CryptDrop - Changelog

Version 2.2.0 (April 7, 2026) - Production Ready Release

Documentation: Complete production deployment guide (PRODUCTION.md)
Production: Nginx serverblock configuration with SSL/TLS
Production: Let's Encrypt certificate generation guide
Security: Production checklist with 10+ verification steps
Backups: Automated database backup scripts and restoration procedures
Monitoring: Logging configuration and health check monitoring
Performance: Docker resource limits and Nginx caching tuning
Logging: LOG_LEVEL set to WARN for production
Logging: File-based logging enabled by default
Configuration: Production environment fully configured in .env
Docker: docker-compose.prod.yml ready for deployment
Testing: All production deployment scenarios verified
Status: ✅ Production-ready deployment

Version 2.1.2 (April 7, 2026) - Docker Permission Fixes & UI Cleanup

Bugfix: CRITICAL - Fixed Docker EACCES: permission denied error when writing .env file
Bugfix: Non-root Docker user (nodejs:1001) can now start without permission errors
Improvement: Environment initialization now gracefully handles read-only filesystems
Improvement: Keys are auto-generated in-memory if not provided via environment variables
Improvement: Docker can now be run without pre-existing .env file
Docker: Dockerfile now creates .env with correct permissions for nodejs user
Docker: Development mode (docker-compose.yml) now allows optional key generation
UI: Removed Security Notice warning box (unnecessary notification)
UI: Removed form field animations for cleaner, faster interface
Bugfix: Fixed missing decryptFile() function in view.js attachment handling
Feature: Attachment decryption now properly implemented with file metadata
Port: Changed from 3000 to 9285 across all configurations

Version 2.1.1 (April 7, 2026) - Critical Security Audit & Fixes

Security: CRITICAL FIX - Database encryption now uses per-note random salt
Security: Fixed salt reuse vulnerability that broke decryption after server restart
Security: Each encrypted value now includes: IV:Salt:Ciphertext format for proper recovery
Security: Data persistence guaranteed across server restarts and redeploys
Security: Proper backward compatibility for legacy note format detection
Security: Unified attachment size limit to 10MB (client and server)
Security: Consistent file size validation across all interfaces
Bugfix: FIXED - Helmet CSP configuration error (upgradeInsecureRequests invalid directive syntax)
Bugfix: Removed invalid CSP directive value that caused server startup failure
Bugfix: HTTPS upgrades now properly delegated to reverse proxy level (Nginx)
Documentation: Comprehensive security audit report added (SECURITY_AUDIT.md)
Testing: Coverage improvements for cryptographic operations
Quality: Code review and hardening based on security audit

Version 2.1.0 (April 6, 2026) - Docker & Security Hardening

Docker: Complete Docker containerization with Alpine Linux for production
Docker: Multi-stage Dockerfile with optimized image size (~150MB)
Docker: docker-compose.yml for development environment
Docker: docker-compose.prod.yml with Nginx reverse proxy setup
Docker: Health checks and resource limits configured
Docker: Non-root user execution for security
Deployment: Deploy script (deploy.sh) for easy dev/prod deployment
Deployment: Nginx configuration with SSL/TLS support and security headers
Deployment: Complete DOCKER.md guide for deployment procedures
Configuration: .env.example template with production checklist
Security: Fixed hardcoded salt in database encryption (CRITICAL)
Security: Improved random IV generation for each encryption operation
Security: Reduced JSON body size limit from 50MB to 5MB to prevent DoS
Security: Removed detailed validation error messages exposed to clients
Security: Improved Helmet CSP with upgrade-insecure-requests directive
Security: Reduced attachment size limit from 15MB to 10MB
Security: Added additional archive file extensions to blacklist (.bz2, .xz, .iso)
Security: Generic error messages to prevent information disclosure
Security: Improved logging to not expose sensitive information
Infrastructure: .dockerignore for cleaner Docker builds
Documentation: Comprehensive Docker deployment guide
Linux Ready: Full Linux/Kubernetes compatibility with Docker

Version 2.0.0 (April 6, 2026) - Security Simplification

Redesign: Complete UI overhaul with modern dark mode design
Security: Removed unnecessary forensic countermeasures (multiple-pass overwrites, VACUUM operations)
Security: Simplified security architecture while maintaining strong encryption
Performance: Improved server performance by removing complex deletion operations
Logging: Moved to minimal, non-persistent logging approach
Developer: Localhost excluded from rate limiting for easier development
Documentation: Updated privacy policy and security documentation to reflect simplified approach
Architecture: Reduced codebase complexity while improving maintainability

Version 1.4.0 (September 6, 2025)

Security: Implemented database encryption at rest with AES-256-CBC
Security: Auto-generation of secure encryption keys (DB, session, CSRF)
Security: Added protection against zip bombs and malicious compressed files
Security: Implemented magic byte detection for compressed file types
Security: Added compression ratio analysis to detect zip bombs
Security: Enhanced rate limiting with environment variable configuration
Security: Fixed critical client-side sanitization vulnerability in sanitize.js
Security: Implemented dynamic CSP nonce generation per request (prevents nonce reuse attacks)
Security: Enhanced timing attack protection with constant response delays
Security: Added comprehensive file-type validation with whitelist approach
Security: Implemented persistent audit logging with automatic 30-day retention
Security: Added file-based audit log storage with daily rotation
Security: Removed honeypot bot detection (user preference for better UX)
New: Added forensic-grade secure delete button for browser memory clearing
New: Implemented multiple-overwrite deletion of note content and attachments
New: Added blob URL revocation for secure attachment cleanup
New: Secure delete automatically redirects to main page after completion
Improved: Comprehensive error handling system with visual feedback
Improved: Professional error display with retry functionality
Improved: Form validation with field-specific error messages
Improved: Toast notifications for user feedback
Improved: HTTP status code specific error handling
Improved: Minimalistic animations that match website design
Improved: Switched from better-sqlite3 to sqlite3 for better Windows compatibility
Improved: Fixed deprecated crypto API usage (createCipher → createCipheriv)
Improved: Enhanced environment variable management with .env parsing
Improved: Removed MIME type validation for more flexible file uploads
Improved: Replaced browser-incompatible DOMPurify/JSDOM with native sanitization
Improved: Enhanced error handling with detailed logging and safe client responses
Improved: Strengthened XSS protection across all user inputs
Fixed: CSP violations from inline styles and data URLs
Fixed: CSP policy updated to allow data: and blob: URLs for file previews
Fixed: Loading message appearing on page load without user action
Fixed: Prevented encryption key regeneration on server restart
Fixed: Removed entropy check that blocked encrypted files
Fixed: URL encoding issue in note link generation
Removed: All debug code and test files for production readiness
Removed: Client-side screenshot protection (ineffective and UX-breaking)

Version 1.3.0 (May 17, 2025)

New: Renamed service to CryptDrop
New: Updated GitHub repository information
Improved: Enhanced README documentation
Improved: Streamlined Privacy Policy

Version 1.2.0 (May 17, 2025)

New: Added forensic countermeasures documentation page
New: Implemented changelog page
Improved: Updated footer links on all pages
Improved: Added CSS styles for new pages

Version 1.1.0 (May 15, 2025)

Fixed: Improved confirmation mechanism - notes are now only deleted after confirmation
New: Added endpoint for note metadata without deletion
New: Added Privacy Policy and FAQ pages
Improved: Footer with links to Privacy Policy and FAQ
Improved: Redesigned entire UI for better user experience

Version 1.0.0 (May 10, 2025)

New: Initial implementation of the CryptDrop application
New: File attachments functionality (encrypted)
New: Confirmation step before viewing notes
New: Implemented forensic countermeasures
Security: Implemented comprehensive XSS protection measures
Security: Zero-knowledge architecture for maximum privacy
Security: Added DOM-Purify and XSS protection filters
Security: Input validation and sanitization for all data
Security: Rate-limiting to protect against brute-force attacks
Improved: Set up Content-Security-Policy

Technical Implementation Details

Security Improvements

Implementation of Helmet for secure HTTP headers
XSS protection through Content-Security-Policy with dynamic nonces
Built-in rate limiters for API endpoints
Enhanced client-side sanitization with browser-compatible implementation
Secure methods for file deletion in the database
Timing attack mitigation with constant response delays
Comprehensive input validation and output encoding

Database Changes

Schema extended to support file attachments
Implementation of secure deletion (DoD 5220.22-M standard)
Automatic vacuuming after deletion operations

Frontend Changes

UI redesign for better UX
Two-step process for viewing notes
Client-side encryption with WebCrypto API
Memory clearing functions after encryption/decryption

New Dependencies

dompurify: For client-side sanitization
xss: For additional XSS protection
express-rate-limit: For limiting requests
express-validator: For input validation
sanitize-html: For HTML sanitization
cookie-parser: For potential authentication features