Merge pull request #118 from Picocrypt/dependabot/go_modules/src/golang.org/x/crypto-0.38.0

Bump golang.org/x/crypto from 0.37.0 to 0.38.0 in /src

.github/ISSUE_TEMPLATE/config.yml

@@ -0,0 +1 @@
+blank_issues_enabled: false

.github/ISSUE_TEMPLATE/default.yml

@@ -0,0 +1,105 @@
+name: Default template
+description: The default template for all issues
+body:
+  - type: markdown
+    attributes:
+      value: |
+        # Rules
+  - type: markdown
+    attributes:
+      value: |
+        **Please read this section carefully and completely. You may be blocked from this repository if you violate the rules.**
+  - type: markdown
+    attributes:
+      value: |
+        Picocrypt is a "finished" piece of software and is in a maintenance-only stage. This does not mean the software is old, outdated, or abandonware, but that the sole focus is on fixing bugs and ensuring the software continues to work smoothly as opposed to actively developing new features. As well, my time as the developer is very limited considering that Picocrypt brings me no monetary benefit and is entirely a gift of my time and skill to the community.
+  - type: markdown
+    attributes:
+      value: |
+        *Therefore, to save me time so that I can focus on the important things, please follow the guidelines below depending on your topic.*
+  - type: markdown
+    attributes:
+      value: |
+        ### Bug reports or security issues
+  - type: markdown
+    attributes:
+      value: |
+        These are important; make the issue with a short description, and then once the issue is created, add a comment with as many details as possible. Ping me (@HACKERALERT) in the comment so that I can get to it as soon as possible. Keep in mind that I define "bug" as something wrong with Picocrypt's code itself. If it's not Picocrypt's fault, it's not a bug.
+  - type: markdown
+    attributes:
+      value: |
+        ### Problems running/starting Picocrypt
+  - type: markdown
+    attributes:
+      value: |
+        Usually these issues are not directly caused by Picocrypt's code. If you're on Windows, see [here](https://github.com/Picocrypt/Picocrypt/issues/91). If you're on Linux, install some packages and try again (see [here](https://github.com/Picocrypt/Picocrypt/tree/main/src#1-prerequisites)). Picocrypt only targets Windows 11, Ubuntu 24/Debian 12, and macOS 15 or later, so *do not create an issue if your OS is older than those; that is your problem, not mine*. If none of the points above help, create the issue and in a separate comment, provide details about the environment you're running in (like OS, DE, etc.). **Do not ping me initially.** Let the issue sit for at least *5 days* to allow other users to potentially help you resolve the issue. If after 5 days, you haven't figured things out, then you may ping me (@HACKERALERT).
+  - type: markdown
+    attributes:
+      value: |
+        ### Picocrypt is crashing
+  - type: markdown
+    attributes:
+      value: |
+        This is almost always caused by input/output files being in locations where you don't have the correct read/write permissions. Try working within your user/home folder only and copy to/from other places to see if that resolves the crash. If not, run Picocrypt from the command line (e.g. `Picocrypt.exe` or `./Picocrypt`) so you can read the crash message. If you still can't fix the crash, create an issue and ping me (@HACKERALERT).
+  - type: markdown
+    attributes:
+      value: |
+        ### Antivirus problems
+  - type: markdown
+    attributes:
+      value: |
+        These are unpreventable; report them as false positives to your antivirus software provider and **do not create an issue about it**.
+  - type: markdown
+    attributes:
+      value: |
+        ### Support requests/usage questions
+  - type: markdown
+    attributes:
+      value: |
+        Create the issue and ask your question or support request in a separate comment. **Do not ping me initially.** Let the issue sit for at least *10 days* to give other users a chance to help you first. If after 10 days, you have not received any assistance, then you may ping me (@HACKERALERT).
+  - type: markdown
+    attributes:
+      value: |
+        ### Feature requests/suggestions
+  - type: markdown
+    attributes:
+      value: |
+        Picocrypt is mature software; I do not intend to add any new features. **Do not create these types of issues.**
+  - type: markdown
+    attributes:
+      value: |
+        ### Performance issues/improvements
+  - type: markdown
+    attributes:
+      value: |
+        Picocrypt prioritizes correctness and reliability over performance, so many parts of the code are written sequentially and don't use concurrency. This is intentional and need not be pointed out. Unless performance is absolutely atrocious to the point where it is indicative of a potential bug, **do not make issues about performance**.
+  - type: markdown
+    attributes:
+      value: |
+        ### Other issues/generic topics
+  - type: markdown
+    attributes:
+      value: |
+        You will have to use your best judgement here. Read the sections above to get an idea of what I expect to see and do what you think is best. Ideally, ping me only if sufficient time has passed for other users to assist/answer you, or it is best addressed by me directly. You must first look through existing issues or do a web search (AI can help!) before creating the issue. While I am allowing these generic issues to be made, if they become a hassle, I reserve the right to disallow them in the future.
+  - type: checkboxes
+    id: confirmation
+    attributes:
+      label: "Please confirm:"
+      options:
+        - label: "I have carefully read and agree to the rules outlined above"
+          required: true
+        - label: "I will provide as many helpful details as possible"
+          required: true
+        - label: "I acknowledge my issue may be ignored or closed without explanation"
+          required: true
+        - label: "I have looked through previous issues and related info already"
+          required: true
+        - label: "I will remember to close my issue when it is resolved"
+          required: true
+  - type: input
+    id: summary
+    attributes:
+      label: "Describe the issue briefly in a few sentences:"
+      description: "You can add more details in a separate comment after creating the issue."
+    validations:
+      required: true

.github/workflows/build-linux.yml

@@ -9,17 +9,18 @@ on:
       - "VERSION"
     branches:
       - main
+  workflow_dispatch:
 
 jobs:
   build:
-    runs-on: ubuntu-22.04
+    runs-on: ubuntu-24.04
     steps:
     - uses: actions/checkout@v4
 
     - name: Setup Go
       uses: actions/setup-go@v5
       with:
-        go-version: '>1.18'
+        go-version: '>=1.24'
         check-latest: true
         cache: false
 
@@ -38,7 +39,7 @@ jobs:
         go build -v -ldflags="-s -w" -o Picocrypt Picocrypt.go
       env:
         CGO_ENABLED: 1
-        GOAMD64: v2
+        GOAMD64: v1
 
     - name: Package as .deb
       run: |
@@ -72,6 +73,11 @@ jobs:
         if-no-files-found: error
         compression-level: 9
 
+    - name: Generate checksums
+      run: |
+        echo "CHECKSUM_PICOCRYPT=$(sha256sum Picocrypt | cut -d ' ' -f1)" >> $GITHUB_ENV
+        echo "CHECKSUM_DEB=$(sha256sum Picocrypt.deb | cut -d ' ' -f1)" >> $GITHUB_ENV
+
     - name: Release
       uses: softprops/action-gh-release@v2
       with:
@@ -80,3 +86,8 @@ jobs:
           Picocrypt.deb
         tag_name: ${{ env.VERSION }}
         make_latest: true
+        append_body: true
+        body: |
+          **Linux:**
+          `sha256(Picocrypt)      ${{ env.CHECKSUM_PICOCRYPT }}`
+          `sha256(Picocrypt.deb)  ${{ env.CHECKSUM_DEB }}`

.github/workflows/build-macos.yml

@@ -9,17 +9,18 @@ on:
       - "VERSION"
     branches:
       - main
+  workflow_dispatch:
 
 jobs:
   build:
-    runs-on: macos-14
+    runs-on: macos-15
     steps:
     - uses: actions/checkout@v4
 
     - name: Setup Go
       uses: actions/setup-go@v5
       with:
-        go-version: '>1.18'
+        go-version: '>=1.24'
         check-latest: true
         cache: false
 
@@ -63,6 +64,11 @@ jobs:
         VERSION=$(cat VERSION)
         echo "VERSION=$VERSION" >> $GITHUB_ENV
 
+    - name: Generate checksums
+      run: |
+        HASH=$(shasum -a 256 Picocrypt.dmg | cut -d ' ' -f1)
+        echo "CHECKSUM_PICOCRYPT=$HASH" >> $GITHUB_ENV
+
     - name: Release
       uses: softprops/action-gh-release@v2
       with:
@@ -70,3 +76,7 @@ jobs:
           Picocrypt.dmg
         tag_name: ${{ env.VERSION }}
         make_latest: true
+        append_body: true
+        body: |
+          **macOS:**
+          `sha256(Picocrypt.dmg)  ${{ env.CHECKSUM_PICOCRYPT }}`

.github/workflows/build-windows.yml

@@ -9,17 +9,18 @@ on:
       - "VERSION"
     branches:
       - main
+  workflow_dispatch:
 
 jobs:
   build:
-    runs-on: windows-2022
+    runs-on: windows-2025
     steps:
     - uses: actions/checkout@v4
 
     - name: Setup Go
       uses: actions/setup-go@v5
       with:
-        go-version: '>1.18'
+        go-version: '>=1.24'
         check-latest: true
         cache: false
 
@@ -34,25 +35,25 @@ jobs:
         go build -v -ldflags="-s -w -H=windowsgui -extldflags=-static" -o 1.exe Picocrypt.go
       env:
         CGO_ENABLED: 1
-        GOAMD64: v2
+        GOAMD64: v1
 
     - name: Add icon, manifest, and version info
       shell: pwsh
       run: |
-        Invoke-WebRequest -OutFile reshacker_setup.zip https://github.com/user-attachments/files/15893917/reshacker_setup.zip
+        Invoke-WebRequest -OutFile reshacker_setup.zip https://github.com/user-attachments/files/18878075/reshacker_setup.zip
         Expand-Archive -DestinationPath reshacker_setup reshacker_setup.zip
         reshacker_setup/reshacker_setup.exe /SILENT
-        Start-Sleep -Seconds 30
+        Start-Sleep -Seconds 60
         Invoke-Expression "& `"$Env:P`" -open src/1.exe -save src/2.exe -action addoverwrite -res images/key.ico -mask `"ICONGROUP,MAINICON,`""
-        Start-Sleep -Seconds 10
+        Start-Sleep -Seconds 30
         Invoke-Expression "& `"$Env:P`" -open src/2.exe -save src/3.exe -action addoverwrite -res images/key.ico -mask `"ICONGROUP,GLFW_ICON,`""
-        Start-Sleep -Seconds 10
+        Start-Sleep -Seconds 30
         Invoke-Expression "& `"$Env:P`" -open src/3.exe -save src/4.exe -action addoverwrite -res dist/windows/manifest.xml -mask `"MANIFEST,1,`""
-        Start-Sleep -Seconds 10
+        Start-Sleep -Seconds 30
         Invoke-Expression "& `"$Env:P`" -open dist/windows/versioninfo.rc -save resources.res -action compile"
-        Start-Sleep -Seconds 10
+        Start-Sleep -Seconds 30
         Invoke-Expression "& `"$Env:P`" -open src/4.exe -save src/5.exe -action addoverwrite -res resources.res"
-        Start-Sleep -Seconds 10
+        Start-Sleep -Seconds 30
       env:
         P: "C:\\Program Files (x86)\\Resource Hacker\\ResourceHacker.exe"
 
@@ -67,7 +68,7 @@ jobs:
       uses: actions/upload-artifact@v4
       with:
         name: build-windows
-        path: src/Picocrypt.exe
+        path: src/*.exe
         if-no-files-found: error
         compression-level: 9
 
@@ -77,6 +78,12 @@ jobs:
         $version = Get-Content -Path "VERSION"
         echo "VERSION=$version" >> $env:GITHUB_ENV
 
+    - name: Generate checksums
+      shell: pwsh
+      run: |
+        $hash = Get-FileHash "src/Picocrypt.exe" -Algorithm SHA256
+        echo "CHECKSUM_PICOCRYPT=$($hash.Hash)" >> $env:GITHUB_ENV
+
     - name: Release
       uses: softprops/action-gh-release@v2
       with:
@@ -84,3 +91,7 @@ jobs:
           src/Picocrypt.exe
         tag_name: ${{ env.VERSION }}
         make_latest: true
+        append_body: true
+        body: |
+          **Windows:**
+          `sha256(Picocrypt.exe)  ${{ env.CHECKSUM_PICOCRYPT }}`

.github/workflows/close-issues.yml

@@ -0,0 +1,21 @@
+name: Close inactive issues
+on:
+  schedule:
+    - cron: "30 1 * * *"
+jobs:
+  close-issues:
+    runs-on: ubuntu-latest
+    permissions:
+      issues: write
+      pull-requests: write
+    steps:
+      - uses: actions/stale@v9
+        with:
+          days-before-issue-stale: 30
+          days-before-issue-close: 14
+          stale-issue-label: "stale"
+          stale-issue-message: "This issue is stale because it has been open for 30 days with no activity."
+          close-issue-message: "This issue was closed because it has been inactive for 14 days since being marked as stale."
+          days-before-pr-stale: -1
+          days-before-pr-close: -1
+          repo-token: ${{ secrets.GITHUB_TOKEN }}

.github/workflows/pr-test-build-linux.yml

@@ -0,0 +1,71 @@
+name: pr-test-build-linux
+
+permissions:
+  contents: write
+
+on:
+  pull_request:
+    branches:
+      - main
+
+jobs:
+  pr-test-build-linux:
+    runs-on: ubuntu-24.04
+    steps:
+    - uses: actions/checkout@v4
+
+    - name: Setup Go
+      uses: actions/setup-go@v5
+      with:
+        go-version: '>=1.24'
+        check-latest: true
+        cache: false
+
+    - name: Install packages
+      run: |
+        sudo apt install -y gcc xorg-dev libgtk-3-dev libgl1-mesa-dev libglu1-mesa wget
+
+    - name: Install dependencies
+      run: |
+        cd src
+        go mod download
+
+    - name: Build
+      run: |
+        cd src
+        go build -v -ldflags="-s -w" -o Picocrypt Picocrypt.go
+      env:
+        CGO_ENABLED: 1
+        GOAMD64: v1
+
+    - name: Package as .deb
+      run: |
+        wget https://github.com/user-attachments/files/16136712/Picocrypt.zip
+        python -m zipfile -e Picocrypt.zip Picocrypt
+        cp src/Picocrypt Picocrypt/Picocrypt/usr/bin/picocrypt-gui
+        VERSION=$(cat VERSION)
+        echo "VERSION=$VERSION" >> $GITHUB_ENV
+        echo "Version: $VERSION" >> Picocrypt/Picocrypt/DEBIAN/control
+        echo "Version=$VERSION" >> Picocrypt/Picocrypt/usr/share/applications/picocrypt.desktop
+        cd Picocrypt
+        dpkg-deb -Zxz --build --root-owner-group Picocrypt
+
+    - name: Prepare to upload artifacts
+      run: |
+        mkdir out
+        mv src/Picocrypt out
+        mv Picocrypt/Picocrypt.deb out
+        rm -rf src
+        rm -rf Picocrypt
+        mv out/Picocrypt .
+        mv out/Picocrypt.deb .
+
+    - name: Upload artifacts
+      uses: actions/upload-artifact@v4
+      with:
+        name: pr-test-build-linux-ONLY-FOR-TESTING
+        path: |
+          Picocrypt
+          Picocrypt.deb
+        if-no-files-found: error
+        compression-level: 9

.github/workflows/pr-test-build-macos.yml

@@ -0,0 +1,57 @@
+name: pr-test-build-macos
+
+permissions:
+  contents: write
+
+on:
+  pull_request:
+    branches:
+      - main
+
+jobs:
+  pr-test-build-macos:
+    runs-on: macos-15
+    steps:
+    - uses: actions/checkout@v4
+
+    - name: Setup Go
+      uses: actions/setup-go@v5
+      with:
+        go-version: '>=1.24'
+        check-latest: true
+        cache: false
+
+    - name: Install packages
+      run: |
+        brew install glfw glew
+
+    - name: Install dependencies
+      run: |
+        cd src
+        go mod download
+
+    - name: Build
+      run: |
+        cd src
+        go build -v -ldflags="-s -w" -o Picocrypt Picocrypt.go
+      env:
+        CGO_ENABLED: 1
+
+    - name: Package as .app in a .dmg
+      run: |
+        mv dist/macos/Picocrypt.app.zip .
+        unzip -d Picocrypt.app Picocrypt.app.zip
+        rm Picocrypt.app.zip
+        mv src/Picocrypt Picocrypt.app/Contents/MacOS/Picocrypt
+        mkdir out
+        cp -R Picocrypt.app out
+        hdiutil create Picocrypt.dmg -volname Picocrypt -fs APFS -format UDZO -srcfolder out
+
+    - name: Upload artifacts
+      uses: actions/upload-artifact@v4
+      with:
+        name: pr-test-build-macos-ONLY-FOR-TESTING
+        path: |
+          Picocrypt.dmg
+        if-no-files-found: error
+        compression-level: 9

.github/workflows/pr-test-build-windows.yml

@@ -0,0 +1,70 @@
+name: pr-test-build-windows
+
+permissions:
+  contents: write
+
+on:
+  pull_request:
+    branches:
+      - main
+
+jobs:
+  pr-test-build-windows:
+    runs-on: windows-2025
+    steps:
+    - uses: actions/checkout@v4
+
+    - name: Setup Go
+      uses: actions/setup-go@v5
+      with:
+        go-version: '>=1.24'
+        check-latest: true
+        cache: false
+
+    - name: Install dependencies
+      run: |
+        cd src
+        go mod download
+
+    - name: Build
+      run: |
+        cd src
+        go build -v -ldflags="-s -w -H=windowsgui -extldflags=-static" -o 1.exe Picocrypt.go
+      env:
+        CGO_ENABLED: 1
+        GOAMD64: v1
+
+    - name: Add icon, manifest, and version info
+      shell: pwsh
+      run: |
+        Invoke-WebRequest -OutFile reshacker_setup.zip https://github.com/user-attachments/files/18878075/reshacker_setup.zip
+        Expand-Archive -DestinationPath reshacker_setup reshacker_setup.zip
+        reshacker_setup/reshacker_setup.exe /SILENT
+        Start-Sleep -Seconds 60
+        Invoke-Expression "& `"$Env:P`" -open src/1.exe -save src/2.exe -action addoverwrite -res images/key.ico -mask `"ICONGROUP,MAINICON,`""
+        Start-Sleep -Seconds 30
+        Invoke-Expression "& `"$Env:P`" -open src/2.exe -save src/3.exe -action addoverwrite -res images/key.ico -mask `"ICONGROUP,GLFW_ICON,`""
+        Start-Sleep -Seconds 30
+        Invoke-Expression "& `"$Env:P`" -open src/3.exe -save src/4.exe -action addoverwrite -res dist/windows/manifest.xml -mask `"MANIFEST,1,`""
+        Start-Sleep -Seconds 30
+        Invoke-Expression "& `"$Env:P`" -open dist/windows/versioninfo.rc -save resources.res -action compile"
+        Start-Sleep -Seconds 30
+        Invoke-Expression "& `"$Env:P`" -open src/4.exe -save src/5.exe -action addoverwrite -res resources.res"
+        Start-Sleep -Seconds 30
+      env:
+        P: "C:\\Program Files (x86)\\Resource Hacker\\ResourceHacker.exe"
+
+    - name: Compress with upx
+      shell: pwsh
+      run: |
+        Invoke-WebRequest -OutFile upx.zip https://github.com/user-attachments/files/15894908/upx-4.2.4-win64.zip
+        Expand-Archive -DestinationPath upx upx.zip
+        upx/upx-4.2.4-win64/upx.exe --lzma --brute -o src/Picocrypt.exe src/5.exe
+
+    - name: Upload artifact
+      uses: actions/upload-artifact@v4
+      with:
+        name: pr-test-build-windows-ONLY-FOR-TESTING
+        path: src/*.exe
+        if-no-files-found: error
+        compression-level: 9

.gitignore

@@ -20,3 +20,5 @@
 # Go workspace file
 go.work
 go.work.sum
+
+TODO

CODEOWNERS

@@ -1,3 +1,4 @@
 .github/workflows/* @HACKERALERT
 VERSION @HACKERALERT
 CODEOWNERS @HACKERALERT
+src/* @HACKERALERT

Changelog.md

@@ -1,6 +1,35 @@
-# Future
+# v1.48 (Released 04/18/2025)
 <ul>
-	<li>Migrate golang.org/x/crypto to standard library imports (https://github.com/golang/go/issues/65269)</li>
+	<li>✓ Allow pressing 'Enter' key to press Start/Process button</li>
+	<li>✓ Update "Encrypt" button to "Zip and Encrypt" if multiple files</li>
+	<li>✓ Give user estimated required free disk space in status label</li>
+	<li>✓ Encrypt previously unencrypted temporary zip files</li>
+	<li>✓ Add `.incomplete` to filenames while work is in progress</li>
+	<li>✓ Use `encrypted-*.zip.pcv` output name instead of `Encrypted.zip.pcv`</li>
+	<li>✓ Use 0700 permissions when auto unzipping and creating folders</li>
+	<li>✓ Handle many more errors in the code where they were ignored previously</li>
+</ul>
+
+# v1.47 (Released 02/19/2025)
+<ul>
+	<li>✓ No code changes, just build on newly released Go 1.24</li>
+	<li>✓ Reintroduce the Windows installer made using Inno Setup</li>
+</ul>
+
+# v1.46 (Released 01/29/2025)
+<ul>
+	<li>✓ Added Picocrypt version to the window title</li>
+	<li>✓ Added ability to automatically unzip archives upon decryption</li>
+</ul>
+
+# v1.45 (Released 12/05/2024)
+<ul>
+	<li>✓ Bumped GitHub Actions Ubuntu 22 -> 24 and macOS 14 -> 15</li>
+</ul>
+
+# v1.44 (Released 11/09/2024)
+<ul>
+	<li>✓ No changes, just updated dependencies</li>
 </ul>
 
 # v1.43 (Released 09/11/2024)

README.md

@@ -36,6 +36,9 @@ A command-line interface is available for Picocrypt <a href="https://github.com/
 ## Web
 A functionally limited web app is available <a href="https://picocrypt.github.io/">here</a> which allows you to encrypt and decrypt standard Picocrypt volumes (no advanced features or keyfiles) on any modern browser, including mobile devices. It's a simple, future-proof way to encrypt files that should work indefinitely due to the web's stable nature. Note that you can only encrypt single files up to a maximum size of 1 GiB.
 
+## Mobile 🚧
+An experimental project <a href="https://github.com/Picocrypt/PicoGo">PicoGo</a> is a community-developed port of Picocrypt to platforms like Android and iOS using the Fyne GUI library. Feel free to try it out, but keep in mind that it is *not* part of the official core Picocrypt project (like the platforms listed above) and thus not subject to the same scrutiny and standards that the core project is. So, **use it with caution and diligence** during its experimental phase.
+
 # Why Picocrypt?
 Why should you use Picocrypt instead of VeraCrypt, 7-Zip, BitLocker, or Cryptomator? Here are a few reasons why you should choose Picocrypt:
 <ul>
@@ -88,7 +91,7 @@ While being simple, Picocrypt also strives to be powerful in the hands of knowle
 </ul>
 
 # Security
-For more information on how Picocrypt handles cryptography, see <a href="Internals.md">Internals</a> for the technical details. If you're worried about the safety of me or this project, let me assure you that this repository won't be hijacked or backdoored. I have 2FA (TOTP) enabled on all accounts with a tie to Picocrypt (GitHub, Reddit, Google, etc.), in addition to full-disk encryption on all of my portable devices. For further hardening, Picocrypt uses my isolated forks of dependencies and I fetch upstream only when I have taken a look at the changes and believe that there aren't any security issues. This means that if a dependency gets hacked or deleted by the author, Picocrypt will be using my fork of it and remain completely unaffected. You can feel confident about using Picocrypt as long as you understand:
+For more information on how Picocrypt handles cryptography, see <a href="Internals.md">Internals</a> for the technical details. If you're worried about the safety of me or this project, let me assure you that this repository won't be hijacked or backdoored. I have 2FA (TOTP) enabled on all accounts with a tie to Picocrypt (GitHub, etc.), in addition to full-disk encryption on all of my portable devices. For further hardening, Picocrypt uses my isolated forks of dependencies and I fetch upstream only when I have taken a look at the changes and believe that there aren't any security issues. This means that if a dependency gets hacked or deleted by the author, Picocrypt will be using my fork of it and remain completely unaffected. I've also meticulously gone through every single setting in the Picocrypt organization and repos, locking down access behind multiple layers of security such as read-only base-level member permissions, required PRs and mandatory approvals (which no one can do but me), mandatory CODEOWNERS approvals, and I'm the only member of the Picocrypt organization and repos (except for PicoGo). You can feel confident about using Picocrypt as long as you understand:
 
 <strong>Picocrypt operates under the assumption that the host machine it is running on is safe and trusted. If that is not the case, no piece of software will be secure, and you will have much bigger problems to worry about. As such, Picocrypt is designed for the offline security of volumes and does not attempt to protect against side-channel analysis.</strong>
 

VERSION

@@ -1 +1 @@
-1.44
+1.48

dist/flatpak/io.github.picocrypt.Picocrypt.metainfo.xml

@@ -11,47 +11,33 @@
   <url type="homepage">https://github.com/Picocrypt/Picocrypt</url>
   <url type="bugtracker">https://github.com/Picocrypt/Picocrypt/issues</url>
   <content_rating type="oars-1.1"/>
-
   <description>
-    <p>
-      Picocrypt is a very small (hence Pico), very simple, yet very secure encryption tool that you can use to protect your files. It is designed to be the go-to tool for encryption, with a focus on security, simplicity, and reliability. Picocrypt uses the secure XChaCha20 cipher and the Argon2id key derivation function to provide a high level of security, even from three-letter agencies like the NSA. Your privacy and security is under attack. Take it back with confidence by protecting your files with Picocrypt. For more info, please visit the project's GitHub repository.
-    </p>
-    <p>A list of features:</p>
-    <ul>
-      <li>Password generator: Picocrypt provides a secure password generator that you can use to create cryptographically secure passwords. You can customize the password length, as well as the types of characters to include.</li>
-      <li>Comments: Use this to store notes, information, and text along with the file (it won't be encrypted). For example, you can put a description of the file you're encrypting before sending it to someone. When the person you sent it to drops the file into Picocrypt, your description will be shown to that person. Comments are not authenticated, meaning it can be freely modified by an attacker. Thus, it should only be used for informational purposes in trusted environments.</li>
-      <li>Keyfiles: Picocrypt supports the use of keyfiles as an additional form of authentication (or the only form of authentication). It also provides a secure built-in keyfile generator.</li>
-      <li>Paranoid mode: Using this mode will encrypt your data with both XChaCha20 and Serpent in a cascade fashion, and use HMAC-SHA3 to authenticate data instead of BLAKE2b. Argon2 parameters will be increased significantly as well.</li>
-      <li>Reed-Solomon: This feature is very useful if you are planning to archive important data on a cloud provider or external medium for a long time. If checked, Picocrypt will use the Reed-Solomon error correction code to add 8 extra bytes for every 128 bytes of data to prevent file corruption. This means that up to ~3% of your file can corrupt and Picocrypt will still be able to correct the errors and decrypt your files with no corruption.</li>
-      <li>Force decrypt: Picocrypt automatically checks for file integrity upon decryption. If the file has been modified or is corrupted, Picocrypt will automatically delete the output for the user's safety. If you would like to override these safeguards, check this option. Also, if this option is checked and the Reed-Solomon feature was used on the encrypted volume, Picocrypt will attempt to recover as much of the file as possible during decryption.</li>
-      <li>Split into chunks: With Picocrypt, you can choose to split your output file into custom-sized chunks, so large files can become more manageable and easier to upload to cloud providers. Simply choose a unit (KiB, MiB, GiB, or TiB) and enter your desired chunk size for that unit. To decrypt the chunks, simply drag one of them into Picocrypt and the chunks will be automatically recombined during decryption.</li>
-      <li>Compress files: By default, Picocrypt uses a zip file with no compression to quickly merge files together when encrypting multiple files. If you would like to compress these files, however, simply check this box and the standard Deflate compression algorithm will be applied during encryption.</li>
-      <li>Deniability: Picocrypt volumes typically follow an easily recognizable header format. However, if you want to hide the fact that you are encrypting your files, enabling this option will provide you with plausible deniability. The output volume will indistinguishable from a stream of random bytes, and no one can prove it is a volume without the correct password.</li>
-      <li>Recursively: If you want to encrypt and/or decrypt a large set of files individually, this option will tell Picocrypt to go through every recursive file that you drop in and encrypt/decrypt it separately. This is useful, for example, if you are encrypting thousands of large documents and want to be able to decrypt any one of them in particular without having to download and decrypt the entire set of documents.</li>
-    </ul>
+    <p>Visit the project's GitHub repository to learn more.</p>
   </description>
-
   <categories>
     <category>Utility</category>
     <category>Security</category>
   </categories>
-
   <launchable type="desktop-id">io.github.picocrypt.Picocrypt.desktop</launchable>
   <screenshots>
     <screenshot type="default">
-      <image>https://github.com/Picocrypt/Picocrypt/raw/4d4bd47efe88ff25f372db81c4249920d399226b/images/screenshot.png</image>
+      <image>https://raw.githubusercontent.com/Picocrypt/Picocrypt/refs/heads/main/images/screenshot.png</image>
       <caption>Main window</caption>
     </screenshot>
   </screenshots>
   <releases>
-    <release version="1.42" date="2024-09-03">
-      <url type="details">https://github.com/Picocrypt/Picocrypt/blob/main/Changelog.md#v142-released-09032024</url>
+    <release version="1.48" date="2025-04-18">
+      <url type="details">https://github.com/Picocrypt/Picocrypt/blob/main/Changelog.md#v148-released-04182025</url>
       <description>
-        <p>Security audit by Radically Open Security has concluded! No major security issues were found</p>
         <ul>
-          <li>Panic if crypto/rand.Read fails</li>
-          <li>Assume host machine is trusted, make notes in documentation accordingly</li>
-          <li>Handle edge cases regarding comments</li>
+          <li>Allow pressing 'Enter' key to press Start/Process button</li>
+          <li>Update "Encrypt" button to "Zip and Encrypt" if multiple files</li>
+          <li>Give user estimated required free disk space in status label</li>
+          <li>Encrypt previously unencrypted temporary zip files</li>
+          <li>Add `.incomplete` to filenames while work is in progress</li>
+          <li>Use `encrypted-*.zip.pcv` output name instead of `Encrypted.zip.pcv`</li>
+          <li>Use 0700 permissions when auto unzipping and creating folders</li>
+          <li>Handle many more errors in the code where they were ignored previously</li>
         </ul>
       </description>
     </release>

dist/windows/versioninfo.rc

@@ -1,6 +1,6 @@
 1 VERSIONINFO
-FILEVERSION 1,0,0,0
-PRODUCTVERSION 1,0,0,0
+FILEVERSION 1,48,0,0
+PRODUCTVERSION 1,48,0,0
 FILEOS 0x40004
 FILETYPE 0x1
 {
@@ -8,7 +8,7 @@ BLOCK "StringFileInfo"
 {
 	BLOCK "040904B0"
 	{
-		VALUE "FileVersion", "nightly"
+		VALUE "FileVersion", "1.48"
 		VALUE "LegalCopyright", "\xA9 Evan Su & contributors, GPLv3"
 		VALUE "ProductName", "Picocrypt"
 	}

src/go.mod

@@ -1,21 +1,21 @@
 module Picocrypt
 
-go 1.17
+go 1.24.2
 
 require (
-	github.com/Picocrypt/dialog v0.0.0-20240831001746-9ca708a9cd29
-	github.com/Picocrypt/giu v0.0.0-20240831005244-5771b35043ac
-	github.com/Picocrypt/imgui-go v0.0.0-20240831004007-6f60d7beadf6
-	github.com/Picocrypt/infectious v0.0.0-20240830233326-3a050f65f9ec
+	github.com/Picocrypt/dialog v0.0.0-20250412233924-78f7b909315b
+	github.com/Picocrypt/giu v0.0.0-20250412235908-fe90a482e6f2
+	github.com/Picocrypt/imgui-go v0.0.0-20250412235405-d86b230f5fbb
+	github.com/Picocrypt/infectious v0.0.0-20250412183341-9f88c6307b39
 	github.com/Picocrypt/serpent v0.0.0-20240830233833-9ad6ab254fd7
-	github.com/Picocrypt/zxcvbn-go v0.0.0-20240831000415-fccb38ccb913
-	golang.org/x/crypto v0.29.0
+	github.com/Picocrypt/zxcvbn-go v0.0.0-20250412183938-d59695960527
+	golang.org/x/crypto v0.38.0
 )
 
 require (
-	github.com/Picocrypt/gl v0.0.0-20240831002619-6531d2bba5fc // indirect
-	github.com/Picocrypt/glfw/v3.3/glfw v0.0.0-20240831003212-7f16c5fb374b // indirect
+	github.com/Picocrypt/gl v0.0.0-20250412234430-767b58dbf936 // indirect
+	github.com/Picocrypt/glfw/v3.3/glfw v0.0.0-20250412234750-7b96bfdb8dd8 // indirect
 	github.com/Picocrypt/mainthread v0.0.0-20240831004314-496f638392b3 // indirect
 	github.com/Picocrypt/w32 v0.0.0-20240831001500-1183079d4d57 // indirect
-	golang.org/x/sys v0.27.0 // indirect
+	golang.org/x/sys v0.33.0 // indirect
 )

src/go.sum

@@ -1,87 +1,24 @@
-github.com/Picocrypt/dialog v0.0.0-20240831001746-9ca708a9cd29 h1:WIgRST/mpLiBEG2MF5MRPBDYYevLw7y14cwUEDjG5+Q=
-github.com/Picocrypt/dialog v0.0.0-20240831001746-9ca708a9cd29/go.mod h1:raXVkdcX4495+fW9Ac+kvPMHRNk0rOcNXEWFD71B2As=
-github.com/Picocrypt/giu v0.0.0-20240831005244-5771b35043ac h1:Z21enGbi450NyI7UZSoEuu//axifyGl63BJVjHX3ZXc=
-github.com/Picocrypt/giu v0.0.0-20240831005244-5771b35043ac/go.mod h1:x7jbmZVofU9rn5WJj2+riU85Zo0MFlfp1sMTnKFQhc0=
-github.com/Picocrypt/gl v0.0.0-20240831002619-6531d2bba5fc h1:5ckKMFhiz/Af6+sdkGlw74BU+rKRmoFWqU/rXHGUe3g=
-github.com/Picocrypt/gl v0.0.0-20240831002619-6531d2bba5fc/go.mod h1:VknKAZzEoKP9nqrc/dveCwR5L01B9V8yLqtpvYmQ3DA=
-github.com/Picocrypt/glfw/v3.3/glfw v0.0.0-20240831003212-7f16c5fb374b h1:hSaQU4P9KbMg9s2Jp2mTk9G5G+zkf4Yse5YRoxWTDTk=
-github.com/Picocrypt/glfw/v3.3/glfw v0.0.0-20240831003212-7f16c5fb374b/go.mod h1:r5awTCSm/ugmTRKmT8Hr0T4xGPI6K35eFK0s3jYCW+s=
-github.com/Picocrypt/imgui-go v0.0.0-20240831004007-6f60d7beadf6 h1:Y6SuxbSkQSU1hdEOpoMvp6Akq3RVX6KP1U4pKjGv3qo=
-github.com/Picocrypt/imgui-go v0.0.0-20240831004007-6f60d7beadf6/go.mod h1:mGfOCkgyafVMIs1tU70va3lFSh6hSb+Vq4paVLX1Fjg=
-github.com/Picocrypt/infectious v0.0.0-20240830233326-3a050f65f9ec h1:/cop0/v0HxIJm1XGDgIlzNJ3e4HhM8nIUPZi5RZ/n1w=
-github.com/Picocrypt/infectious v0.0.0-20240830233326-3a050f65f9ec/go.mod h1:aaFq/WMVxrU2Exl/tXbTFSXajZrqw0mgn/wi42n0fK4=
+github.com/Picocrypt/dialog v0.0.0-20250412233924-78f7b909315b h1:k5YGEx61N6K8l2l6AQ1u5W2aR+47sVZWFyqXS/f5lIA=
+github.com/Picocrypt/dialog v0.0.0-20250412233924-78f7b909315b/go.mod h1:OyaP0Tz19qL3RAGq5Ntues+WVrIbHh5MrfqoA/qhqeg=
+github.com/Picocrypt/giu v0.0.0-20250412235908-fe90a482e6f2 h1:SPR2efZTpZJON/2mNifLi68Gl9Epxh/1nXb3kGGHCcg=
+github.com/Picocrypt/giu v0.0.0-20250412235908-fe90a482e6f2/go.mod h1:jd6AonK0ZI02R7GqLWb4gWJz/A2ClF36Y4fFMR8Lzbk=
+github.com/Picocrypt/gl v0.0.0-20250412234430-767b58dbf936 h1:6MChjQ4AZC2ISBjbgZU/z6tSUxYP50NkRvAu0T2kjlY=
+github.com/Picocrypt/gl v0.0.0-20250412234430-767b58dbf936/go.mod h1:pMdf3io/y3I+zYZ6/xFb3MlI2AgL38enDDIKuR0n2qA=
+github.com/Picocrypt/glfw/v3.3/glfw v0.0.0-20250412234750-7b96bfdb8dd8 h1:i8wXJhSYIJTXb6sqBS6JZW7QosI9u8Ysy1BHZCTuZEc=
+github.com/Picocrypt/glfw/v3.3/glfw v0.0.0-20250412234750-7b96bfdb8dd8/go.mod h1:cX5N2TrX03DC5i5eplxopglDue/vHDs+6Ng9G9uItaI=
+github.com/Picocrypt/imgui-go v0.0.0-20250412235405-d86b230f5fbb h1:0XMtv2CXx3QvC9ikeH43fJl6ql8j5EsnaiOqhsToFnY=
+github.com/Picocrypt/imgui-go v0.0.0-20250412235405-d86b230f5fbb/go.mod h1:N+NVTIIMz6icYltvaKHMvmVIllZDYUyscJ8wpcLKDZ4=
+github.com/Picocrypt/infectious v0.0.0-20250412183341-9f88c6307b39 h1:czHyPoiNrILv9xjfQ87UFllJgak8W6gVcYkmfOay/BE=
+github.com/Picocrypt/infectious v0.0.0-20250412183341-9f88c6307b39/go.mod h1:2ZVEanURxuWmxYZ6W6xMMy4ZR6xmQr16Vq/XPTLIspQ=
 github.com/Picocrypt/mainthread v0.0.0-20240831004314-496f638392b3 h1:a62XmbZYhHGDR15C1gxp/IPfJX5SflrJuGpqNoOOK7w=
 github.com/Picocrypt/mainthread v0.0.0-20240831004314-496f638392b3/go.mod h1:bsUKeX+/53rCTrItl3YUaeaN5tXl1v6326ZI90xIOsc=
 github.com/Picocrypt/serpent v0.0.0-20240830233833-9ad6ab254fd7 h1:G36G2vmQAS7CVoHQrHDGAoCWll/0kPCI8Dk7mgwcJFE=
 github.com/Picocrypt/serpent v0.0.0-20240830233833-9ad6ab254fd7/go.mod h1:BxsgRYwUVd92aEwXnXsfXfHw8aHlD/PUyExC/wwk9oI=
 github.com/Picocrypt/w32 v0.0.0-20240831001500-1183079d4d57 h1:jusSXTp0h5wz8lxNXStw0jXr/ogZF6rzRF8gu0534hA=
 github.com/Picocrypt/w32 v0.0.0-20240831001500-1183079d4d57/go.mod h1:FkeZHdKlITdP34VknO8yLdRY5pCi+iWEhDSA0YsBhZc=
-github.com/Picocrypt/zxcvbn-go v0.0.0-20240831000415-fccb38ccb913 h1:QGv9QiTkNZ2iRmXEd7nNopaUJMBhBdBcsvWPl+v51AY=
-github.com/Picocrypt/zxcvbn-go v0.0.0-20240831000415-fccb38ccb913/go.mod h1:dMyJ/0E4MeBo2wH1ZYmvPTChnYSj2MjLUndvYQt0vGw=
-github.com/google/go-cmp v0.6.0/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY=
-github.com/yuin/goldmark v1.4.13/go.mod h1:6yULJ656Px+3vBD8DxQVa3kxgyrAnzto9xy5taEt/CY=
-golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
-golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc=
-golang.org/x/crypto v0.13.0/go.mod h1:y6Z2r+Rw4iayiXXAIxJIDAJ1zMW4yaTpebo8fPOliYc=
-golang.org/x/crypto v0.19.0/go.mod h1:Iy9bg/ha4yyC70EfRS8jz+B6ybOBKMaSxLj6P6oBDfU=
-golang.org/x/crypto v0.23.0/go.mod h1:CKFgDieR+mRhux2Lsu27y0fO304Db0wZe70UKqHu0v8=
-golang.org/x/crypto v0.29.0 h1:L5SG1JTTXupVV3n6sUqMTeWbjAyfPwoda2DLX8J8FrQ=
-golang.org/x/crypto v0.29.0/go.mod h1:+F4F4N5hv6v38hfeYwTdx20oUvLLc+QfrE9Ax9HtgRg=
-golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod h1:jJ57K6gSWd91VN4djpZkiMVwK6gcyfeH4XE8wZrZaV4=
-golang.org/x/mod v0.8.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs=
-golang.org/x/mod v0.12.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs=
-golang.org/x/mod v0.15.0/go.mod h1:hTbmBsO62+eylJbnUtE2MGJUyE7QWk4xUqPFrRgJ+7c=
-golang.org/x/mod v0.17.0/go.mod h1:hTbmBsO62+eylJbnUtE2MGJUyE7QWk4xUqPFrRgJ+7c=
-golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
-golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg=
-golang.org/x/net v0.0.0-20220722155237-a158d28d115b/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c=
-golang.org/x/net v0.6.0/go.mod h1:2Tu9+aMcznHK/AK1HMvgo6xiTLG5rD5rZLDS+rp2Bjs=
-golang.org/x/net v0.10.0/go.mod h1:0qNGK6F8kojg2nk9dLZ2mShWaEBan6FAoqfSigmmuDg=
-golang.org/x/net v0.15.0/go.mod h1:idbUs1IY1+zTqbi8yxTbhexhEEk5ur9LInksu6HrEpk=
-golang.org/x/net v0.21.0/go.mod h1:bIjVDfnllIU7BJ2DNgfnXvpSvtn8VRwhlsaeUTyUS44=
-golang.org/x/net v0.25.0/go.mod h1:JkAGAh7GEvH74S6FOH42FLoXpXbE/aqXSrIQjXgsiwM=
-golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
-golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
-golang.org/x/sync v0.1.0/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
-golang.org/x/sync v0.3.0/go.mod h1:FU7BRWz2tNW+3quACPkgCx/L+uEAv1htQ0V83Z9Rj+Y=
-golang.org/x/sync v0.6.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk=
-golang.org/x/sync v0.7.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk=
-golang.org/x/sync v0.9.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk=
-golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
-golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
-golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.0.0-20220520151302-bc2c85ada10a/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.0.0-20220722155257-8c9f86f7a55f/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.5.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.8.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.12.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.17.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
-golang.org/x/sys v0.20.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
-golang.org/x/sys v0.24.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
-golang.org/x/sys v0.27.0 h1:wBqf8DvsY9Y/2P8gAfPDEYNuS30J4lPHJxXSb/nJZ+s=
-golang.org/x/sys v0.27.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
-golang.org/x/telemetry v0.0.0-20240228155512-f48c80bd79b2/go.mod h1:TeRTkGYfJXctD9OcfyVLyj2J3IxLnKwHJR8f4D8a3YE=
-golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
-golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8=
-golang.org/x/term v0.5.0/go.mod h1:jMB1sMXY+tzblOD4FWmEbocvup2/aLOaQEp7JmGp78k=
-golang.org/x/term v0.8.0/go.mod h1:xPskH00ivmX89bAKVGSKKtLOWNx2+17Eiy94tnKShWo=
-golang.org/x/term v0.12.0/go.mod h1:owVbMEjm3cBLCHdkQu9b1opXd4ETQWc3BhuQGKgXgvU=
-golang.org/x/term v0.17.0/go.mod h1:lLRBjIVuehSbZlaOtGMbcMncT+aqLLLmKrsjNrUguwk=
-golang.org/x/term v0.20.0/go.mod h1:8UkIAJTvZgivsXaD6/pH6U9ecQzZ45awqEOzuCvwpFY=
-golang.org/x/term v0.26.0/go.mod h1:Si5m1o57C5nBNQo5z1iq+XDijt21BDBDp2bK0QI8e3E=
-golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
-golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
-golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ=
-golang.org/x/text v0.7.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8=
-golang.org/x/text v0.9.0/go.mod h1:e1OnstbJyHTd6l/uOt8jFFHp6TRDWZR/bV3emEE/zU8=
-golang.org/x/text v0.13.0/go.mod h1:TvPlkZtksWOMsz7fbANvkp4WM8x/WCo/om8BMLbz+aE=
-golang.org/x/text v0.14.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU=
-golang.org/x/text v0.15.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU=
-golang.org/x/text v0.20.0/go.mod h1:D4IsuqiFMhST5bX19pQ9ikHC2GsaKyk/oF+pn3ducp4=
-golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
-golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
-golang.org/x/tools v0.1.12/go.mod h1:hNGJHUnrk76NpqgfD5Aqm5Crs+Hm0VOH/i9J2+nxYbc=
-golang.org/x/tools v0.6.0/go.mod h1:Xwgl3UAJ/d3gWutnCtw505GrjyAbvKui8lOU390QaIU=
-golang.org/x/tools v0.13.0/go.mod h1:HvlwmtVNQAhOuCjW7xxvovg8wbNq7LwfXh/k7wXUl58=
-golang.org/x/tools v0.21.1-0.20240508182429-e35e4ccd0d2d/go.mod h1:aiJjzUbINMkxbQROHiO6hDPo2LHcIPhhQsa9DLh0yGk=
-golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
+github.com/Picocrypt/zxcvbn-go v0.0.0-20250412183938-d59695960527 h1:IqypAzv5COsByMhiSdwlgafA5SBRG7Z0binnBSo3htM=
+github.com/Picocrypt/zxcvbn-go v0.0.0-20250412183938-d59695960527/go.mod h1:u0rcUNEwy7st1DnPxdOJdTsh0aSRhrdMOxlIGrXR1Ls=
+golang.org/x/crypto v0.38.0 h1:jt+WWG8IZlBnVbomuhg2Mdq0+BBQaHbtqHEFEigjUV8=
+golang.org/x/crypto v0.38.0/go.mod h1:MvrbAqul58NNYPKnOra203SB9vpuZW0e+RRZV+Ggqjw=
+golang.org/x/sys v0.33.0 h1:q3i8TbbEz+JRD9ywIRlyRAQbM0qF7hu24q3teo2hbuw=
+golang.org/x/sys v0.33.0/go.mod h1:BJP2sWEmIv4KK5OTEluFJCKSidICx8ciO85XgH3Ak8k=