fix: audit fixes — peek icon, blur limit, GResource compression, sync markers (v0.6.8)
Update PKGBUILD version / update-pkgver (push) Successful in 2s
Update PKGBUILD version / update-pkgver (push) Successful in 2s
- Enable peek icon on password entry (consistent with moongreet) - Raise blur limit from 100 to 200 (consistent with moongreet/moonset) - Add compressed="true" to GResource CSS/SVG entries - Add SYNC comments to duplicated blur/background functions
This commit is contained in:
@@ -2,6 +2,13 @@
|
||||
|
||||
Architectural and design decisions for Moonlock, in reverse chronological order.
|
||||
|
||||
## 2026-03-31 – Fourth audit: peek icon, blur limit, GResource compression, sync markers
|
||||
|
||||
- **Who**: Ragnar, Dom
|
||||
- **Why**: Fourth triple audit found blur limit inconsistency (moonlock 0–100 vs moongreet/moonset 0–200), missing GResource compression, peek icon inconsistency, and duplicated code without sync markers.
|
||||
- **Tradeoffs**: Peek icon enabled in lockscreen — user decision favoring UX consistency over shoulder-surfing protection. Acceptable for single-user desktop. Blur limit raised to 200 for ecosystem consistency.
|
||||
- **How**: (1) `show_peek_icon(true)` in lockscreen password entry. (2) `clamp(0.0, 200.0)` for blur in config.rs. (3) `compressed="true"` on CSS/SVG GResource entries. (4) SYNC comments on duplicated blur/background functions pointing to moongreet and moonset.
|
||||
|
||||
## 2026-03-30 – Third audit: blur offset, lock-before-IO, FP signal lifecycle, TOCTOU
|
||||
|
||||
- **Who**: Nyx, Dom
|
||||
|
||||
Reference in New Issue
Block a user