Skip to content

v1.0.0 Release#11

Merged
darox merged 1 commit into
mainfrom
claude/review-project-improvements-eUgOu
May 9, 2026
Merged

v1.0.0 Release#11
darox merged 1 commit into
mainfrom
claude/review-project-improvements-eUgOu

Conversation

@darox

@darox darox commented Apr 19, 2026

Copy link
Copy Markdown
Owner

User description

Summary

  • Initial v1.0.0 release of UniFiBar
  • Comprehensive code review: safety hardening, wired Ethernet support, VPN stability, views refactoring, diagnostics
  • Adds CHANGELOG.md documenting all features
  • Adds swift test step to CI release workflow

Pre-merge Verification

  • 56 tests passing across 6 suites
  • Zero build warnings (debug + release)
  • Swift 6 strict concurrency compliant
  • Zero external dependencies
  • All code review items addressed

After merging, create tag v1.0.0 on main to trigger the release workflow.


PR Type

Enhancement, Bug fix


Description

  • Security hardening: moved cert pins to Keychain, reject on mismatch (MITM fix), validate cert expiry via X.509 OIDs, strip control chars from API key, exponential backoff with auth-failure halt, URL validation, and response sanity caps

  • Added wired Ethernet detection, monitoring sections (DDNS, port forwards, nearby APs), diagnostics log with export, update checker, section visibility prefs, compact mode, and configurable poll interval

  • Fixed sites response null-data crash, overlapping refresh races, URLSession/memory leaks on reconfigure, and generation-based refresh cancellation

  • Refactored UI to explicit parameters, added cert-pin reset flow, detailed error states with reasons, and SI/decimal byte formatting

Security Impact Assessment:

  • Certificate pinning TOFU fix: Previously, on cert mismatch the pin was silently overwritten, allowing MITM attacks. Now mismatches are rejected and explicitly flagged for user review.

  • Keychain storage: Certificate pins moved from UserDefaults (world-readable) to Keychain with kSecAttrAccessibleWhenUnlockedThisDeviceOnly.

  • API key sanitization: Control characters stripped from API key to prevent HTTP header injection.

  • Safe error logging: safeErrorDescription() strips URLs and credential fragments from log output.

  • Response sanity caps: Client list capped at 5,000, devices at 500, sessions at 1,000 to prevent memory exhaustion from compromised controllers.

  • Auth failure halt: Polling stops on 401/403; no further credential replay until user reconfigures.


Diagram Walkthrough

flowchart LR
  A["UniFiClient"] -- "cert pinning + keychain" --> B["PinnedCertDelegate"]
  C["StatusBarController"] -- "exponential backoff + auth halt" --> D["Refresh Loop"]
  C -- "fetch monitoring data" --> E["DDNS / Port Forwards / Rogue APs"]
  F["PreferencesManager"] -- "section visibility + poll interval" --> G["Menu View"]
  H["DiagnosticsLog"] -- "export report" --> I["UI Diagnostics Section"]
  J["URLValidator"] -- "normalize + validate" --> K["SetupView / PreferencesView"]
Loading

File Walkthrough

Relevant files
Enhancement
10 files
UniFiClient.swift
Security hardening, flexible decoding, monitoring APIs, cert pin
migration
+322/-56
StatusBarController.swift
Error handling, backoff, auth halt, monitoring fetch, diagnostics
logging
+270/-33
PreferencesView.swift
Redesigned preferences with sections, diagnostics, cert reset,
visibility toggles
+305/-90
MenuContentView.swift
Refactored to explicit params, error views with diagnostics,
monitoring sections
+236/-62
WiFiStatus.swift
Added ErrorState reasons, monitoring fields, clearState, SI byte
formatting
+154/-20
SetupView.swift
Improved error messages, URL validation integration, rate limiting fix
+72/-66 
ConnectionSection.swift
Refactored to explicit parameters instead of WiFiStatus dependency
+55/-34 
DiagnosticsLog.swift
New diagnostics log with categories, levels, export, and event cap
+173/-0 
PreferencesManager.swift
Added section visibility, compact mode, poll interval, cert cleanup on
reset
+111/-2 
DeviceDetector.swift
Return all active interface IPs for wired+WiFi matching   
+42/-25 
Tests
1 files
WiFiStatusTests.swift
Tests for quality labels, status bar colors/symbols, clearState, error
display, formatting
+220/-0 
Additional files
35 files
pr-agent.yml +5/-2     
release.yml +3/-0     
.pr_agent.toml +7/-1     
launch.json +24/-0   
CHANGELOG.md +27/-0   
CODEOWNERS +0/-2     
Package.swift +5/-0     
build_common.sh +87/-0   
compile_and_run.sh +11/-68 
package_app.sh +11/-63 
probe_endpoints.sh +55/-0   
setup-pr-agent.sh +45/-0   
AppDelegate.swift +4/-0     
UniFiBarApp.swift +1/-0     
ClientDTO.swift +32/-0   
DeviceDTO.swift +56/-6   
MonitoringDTO.swift +175/-0 
Formatters.swift +18/-0   
URLValidator.swift +47/-0   
UpdateChecker.swift +113/-0 
CollapsibleSection.swift +136/-0 
MetricRow.swift +4/-0     
ProgressBarView.swift +1/-0     
DDNSSection.swift +34/-0   
InternetSection.swift +69/-14 
NearbyAPsSection.swift +40/-0   
PortForwardsSection.swift +37/-0   
SessionTimeSection.swift +10/-1   
VPNSection.swift +2/-2     
WiFiExperienceSection.swift +14/-10 
DecodeFlexibleArrayTests.swift +110/-0 
PreferencesManagerTests.swift +97/-0   
URLValidatorTests.swift +88/-0   
UniFiErrorTests.swift +34/-0   
UpdateCheckerTests.swift +64/-0   

@darox darox force-pushed the claude/review-project-improvements-eUgOu branch from 9e7ae1b to b815fa2 Compare April 19, 2026 08:18
@github-actions

Copy link
Copy Markdown

Failed to generate code suggestions for PR

@darox darox force-pushed the claude/review-project-improvements-eUgOu branch 2 times, most recently from f660ea6 to 681da97 Compare April 19, 2026 13:16
@darox darox force-pushed the claude/review-project-improvements-eUgOu branch from 681da97 to 7b82806 Compare April 30, 2026 06:12
@github-actions

Copy link
Copy Markdown

Failed to generate code suggestions for PR

@github-actions

github-actions Bot commented Apr 30, 2026

Copy link
Copy Markdown

PR Reviewer Guide 🔍

(Review updated until commit 91497ad)

Here are some key observations to aid the review process:

⏱️ Estimated effort to review: 3 🔵🔵🔵⚪⚪
🧪 PR contains tests
🔒 No security concerns identified
⚡ No major issues detected

@github-actions

Copy link
Copy Markdown

Failed to generate code suggestions for PR

1 similar comment
@github-actions

Copy link
Copy Markdown

Failed to generate code suggestions for PR

@darox

darox commented Apr 30, 2026

Copy link
Copy Markdown
Owner Author

Preparing review...

2 similar comments
@darox

darox commented Apr 30, 2026

Copy link
Copy Markdown
Owner Author

Preparing review...

@darox

darox commented Apr 30, 2026

Copy link
Copy Markdown
Owner Author

Preparing review...

@github-actions

Copy link
Copy Markdown

Failed to generate code suggestions for PR

@darox

darox commented Apr 30, 2026

Copy link
Copy Markdown
Owner Author

Preparing review...

@darox darox force-pushed the claude/review-project-improvements-eUgOu branch from fcd10a5 to eb2dd3c Compare May 4, 2026 15:15
@darox

darox commented May 4, 2026

Copy link
Copy Markdown
Owner Author

Preparing review...

2 similar comments
@darox

darox commented May 4, 2026

Copy link
Copy Markdown
Owner Author

Preparing review...

@darox

darox commented May 4, 2026

Copy link
Copy Markdown
Owner Author

Preparing review...

@darox darox changed the title Pre-release code review: safety, formatting, view extraction, and concurrency fixes v1.0.0 Release May 9, 2026
@github-actions

github-actions Bot commented May 9, 2026

Copy link
Copy Markdown

Persistent review updated to latest commit 91497ad

- Safety hardening: API key sanitization, array bounds, safe error logging
- Wired Ethernet connection support
- VPN tunnel stability fixes
- Certificate pinning with TOFU + expiry validation
- View extraction: CollapsibleSection, DiagnosticsLog, UpdateChecker
- Add CHANGELOG.md documenting all features
- Add swift test to CI release workflow
- Remove buggy PR-Agent integration
@darox darox force-pushed the claude/review-project-improvements-eUgOu branch from 70909fe to 0e5eb11 Compare May 9, 2026 13:13
@darox darox merged commit db6c277 into main May 9, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant