diff --git a/FUTURE.md b/FUTURE.md index f6b89ff..3c4582a 100644 --- a/FUTURE.md +++ b/FUTURE.md @@ -3,7 +3,7 @@ **This document tracks potential future enhancements for Bill Tracker.** **Last Updated:** 2026-05-10 -**Current Version:** v0.24.0 +**Current Version:** v0.24.1 ## How to Use This Document @@ -128,23 +128,8 @@ Many routes contain business logic that should be extracted to service layers. ### ๐Ÿ”ต LOW -### ๐Ÿ”ต Export Formats Include Sensitive Bill Credential Fields by Default โ€” LOW -**Priority:** LOW -**Added:** 2026-05-10 by Prime (code review) -**Type:** SECURITY / PRIVACY - -**Description:** -Full user exports include `website`, `username`, `account_info`, notes, and monthly notes by default. This may be intended for portability, but it turns every Excel/SQLite export into a high-sensitivity artifact and there is no lightweight/redacted export option. - -**Affected Files:** -- `routes/export.js:88-153` -- `routes/export.js:156-199` -- `routes/profile.js:236-254` - -**Potential Fix:** -Add explicit UI copy warning that exports may contain account metadata, and consider a redacted export mode that excludes credential/account fields and free-form notes. - -**Severity:** LOW +### ~~๐Ÿ”ต Export Formats Include Sensitive Bill Credential Fields by Default โ€” LOW~~ โœ… FIXED (v0.24.1) +**Moved to HISTORY.md** ### ~~๐Ÿ”ต Duplicate Local Login Route Increases Auth Drift Risk โ€” LOW~~ โœ… FIXED (v0.23.2) **Moved to HISTORY.md** diff --git a/HISTORY.md b/HISTORY.md index 75ff53a..deb1406 100644 --- a/HISTORY.md +++ b/HISTORY.md @@ -1,5 +1,10 @@ # Bill Tracker โ€” Changelog +## v0.24.1 + +### Added +- **Export privacy warning** โ€” Amber alert banner on Download My Data section warning that exports may contain sensitive account metadata (website URLs, usernames, account info). Updated "What's included" list to show monthly starting amounts and history ranges. + ## v0.24.0 ### Fixed 
diff --git a/client/lib/version.js b/client/lib/version.js
index d7c52cd..380ca32 100644
--- a/client/lib/version.js
+++ b/client/lib/version.js
@@ -1,19 +1,10 @@
-export const APP_VERSION = '0.24.0';
+export const APP_VERSION = '0.24.1';
 export const APP_NAME = 'BillTracker';
 export const RELEASE_NOTES = {
- version: '0.24.0',
+ version: '0.24.1',
 date: '2026-05-10',
 highlights: [
- { icon: '๐Ÿงน', title: 'Clear Demo Data Fix', desc: 'Fixed Clear Demo Data button โ€” removed placeholder, made button accessible, fixed seed user ID bug, removed duplicate endpoint.' },
- { icon: '๐Ÿ›ก๏ธ', title: 'Admin Toggle-Paid Restricted', desc: 'Admins can no longer toggle payments on other users\' bills. All bill payment mutations now require ownership.' },
- { icon: '๐Ÿ”ง', title: 'Analytics Crash Fix', desc: 'Imported missing standardizeError in analytics routes โ€” invalid query params now return 400 instead of 500.' },
- { icon: '๐Ÿ“ฆ', title: 'Export Data Integrity', desc: 'User exports now include cycle_type, cycle_day, and bill_history_ranges โ€” no more data loss on export/import.' },
- { icon: '๐Ÿ”“', title: 'Single-User Mode Lockout Fix', desc: 'Fixed single-user mode locking out when expired sessions exist โ€” removed unnecessary session join from user lookup.' },
- { icon: 'โฑ๏ธ', title: 'Rate Limiter Scoped', desc: 'Password rate limiter now only applies to change-password routes, not all profile reads/updates.' },
- { icon: '๐Ÿ”‘', title: 'Session Invalidation Fix', desc: 'Profile password change now correctly invalidates other sessions using cookie value, not missing sessionId.' },
- { icon: '๐Ÿช', title: 'CSRF Default Fixed', desc: 'CSRF cookie httpOnly defaults to false (matches SPA pattern). Password change routes no longer exempted from CSRF.' },
- { icon: '๐Ÿ“…', title: 'Notification Due-Day Fix', desc: 'Fixed same-day reminder classification โ€” now compares calendar days instead of timestamps to avoid overdue misclass.' },
- { icon: '๐Ÿ“Š', title: 'Upcoming Bills Validation', desc: 'Negative/invalid day windows now default to 30 instead of producing empty results.' 
}, + { icon: 'โš ๏ธ', title: 'Export Privacy Warning', desc: 'Added visible warning that exports may contain sensitive account metadata. Updated "What\'s included" list to show new export fields (monthly starting amounts, history ranges).' }, ], }; \ No newline at end of file diff --git a/client/pages/DataPage.jsx b/client/pages/DataPage.jsx index ddb3288..2c65549 100644 --- a/client/pages/DataPage.jsx +++ b/client/pages/DataPage.jsx @@ -288,11 +288,15 @@ export function DownloadMyDataSection() { +
+ +

Exports may contain sensitive account metadata (website URLs, usernames, account info). Store exported files securely and avoid sharing them unencrypted.

+

What's included

    - {['Bills','Payments','Categories','Monthly bill state','Notes','Export metadata'].map(i => ( + {['Bills','Payments','Categories','Monthly bill state','Monthly starting amounts','History ranges','Notes','Export metadata'].map(i => (
  • {i}
•
diff --git a/package.json b/package.json
index 9d31c91..1e8384e 100644
--- a/package.json
+++ b/package.json
@@ -1,6 +1,6 @@
 {
 "name": "bill-tracker",
- "version": "0.24.0",
+ "version": "0.24.1",
 "description": "Monthly bill tracking system",
 "main": "server.js",
 "scripts": {
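Review bot: The new warning banner in DownloadMyDataSection names website URLs, usernames and account info but not the free-form bill and monthly notes, which the FUTURE.md finding this commit closes listed among the sensitive export fields and which the "What's included" list directly below still advertises as `Notes`; suggest `Exports may contain sensitive account metadata (website URLs, usernames, account info) and free-form notes. Store exported files securely and avoid sharing them unencrypted.`. The JSX markup around the text is not visible in this rendering, so the banner's structure cannot be checked here, and DownloadMyDataSection begins before the hunk. The hard-coded "What's included" array is kept in step with the server's export shape by hand; a short comment next to it such as `// Keep in sync with the fields written by routes/export.js` would make that coupling explicit. The banner appears to be the commit's only mitigation, and the redacted export mode the original finding proposed is not part of this change, so it may be worth keeping that part of the item open rather than marking it fully fixed.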