RestoreSafe v2.2.0

Added

• Startup health checks now use grouped sections and include source, target, and temp disk-space details.
• Restore preflight now estimates needed disk space and validates target free space before starting.
• Added shared aligned preflight-field formatting and log-only warning support.

Changed

• Reworked backup, restore, and verify preflight layouts for clearer grouping and fewer irrelevant fields.
• Changed newest-backup selection to use a dot (.) and made restore destination prompt ordering match that shortcut.
• Simplified interactive error messages and standardized failure spacing.
• Updated README naming/YubiKey guidance, build output handling, Go 1.26.2, and golang.org/x/* dependencies.

Fixed

• Backup now stops before confirmation/password entry when estimated source size exceeds target free space.
• Password retry warnings are now log-only and no longer shown to the user.
• Fixed startup health counts for informational disk-space lines.

Security

• Hardened decryption against tampered backup parts with oversized encrypted chunk lengths by rejecting invalid chunk sizes before allocation.

RestoreSafe v2.1.1

Changed

• Improved backup preflight formatting for readability: key/value fields now use aligned labels.
• Updated backup preflight wording to distinguish target and local disk checks: Free space was renamed to Free space target.
• Backup preflight now includes Free space local when local staging is enabled, showing free space on the staging drive.
• Improved backup progress visibility during archive creation: after the existing Created: N part file(s) summary, each created part filename is now logged at info level.
• Improved staging finalization visibility: while copying from local staging to the backup target, each copied .enc part file is now logged at info level.
• Added a short per-folder copy completion log line during staging finalization once all part files for a source folder are copied.

Fixed

• Fixed retention timing in backup workflow when local staging is enabled: retention cleanup now runs after staged files are copied to the target directory, so retention_keep is applied to the actual final target state (avoids effectively keeping one extra backup set).

RestoreSafe v2.1.0

Changed

• Refactored internal package structure and naming for clearer responsibilities, including extracted shared utilities and workflow helpers.
• Removed duplicate decrypt-stream logic by consolidating restore/verify decryption into a shared pipeline.
• Reorganized tests to align better with source files and expanded dedicated coverage for newly extracted workflow components.

Fixed

• Corrected startup exit prompt wording to match actual input behavior: message now says "Press Enter to exit." instead of "Press any key to exit...".
• Fixed YubiKey connectivity detection to use a version-compatible ykman list probe, preventing false "no YubiKey detected" failures on some YubiKey Manager CLI versions.
• Improved backup, restore and verify preflight for YubiKey modes: directly under Authentication, preflight now shows [OK] when a YubiKey is detected and shows [WARN] with remedy guidance when no YubiKey is detected.
• Fixed YubiKey prompt accuracy and failure diagnostics: backup/restore/verify now verify that a YubiKey device is actually connected before prompting for touch, avoiding false "YubiKey detected" messages and reducing misleading double-remedy error text.
• Fixed restore preflight to suppress same-volume warning on local drives (only warn for network/NAS storage), matching backup preflight behavior.
• Cleaned up small code-quality issues in error construction, auth-mode constants, and split-size naming for improved readability and maintainability.

Removed

• Removed unattended operation CLI flags (-backup, -restore, -verify). These flags provided limited value without truly supporting unattended execution: -backup required YubiKey physical touch, and -restore/-verify required authentication input. The -config flag for custom config paths remains available for interactive mode.

RestoreSafe v2.0.0

Added

• Added automatic local staging for restore when the backup folder and restore target share the same drive/share and TEMP/TMP is on a different local drive. RestoreSafe now copies the selected .enc parts to local temp storage first to reduce same-share read/write contention.
• Added password-less YubiKey-only mode. Authentication is now configured via a single authentication_mode key in config.yaml with three numeric options: 1 (default, password only), 2 (password + YubiKey HMAC-SHA1 second factor), and 3 (YubiKey only, no password). The challenge file written by a YubiKey-only backup is marked with a NOPW: prefix so that restore and verify detect the mode without relying on config.yaml. Backup and restore/verify preflight summaries display the resolved authentication label.
• Added CLI flags -backup, -restore, and -verify to run operations directly without opening the interactive menu.
• Added safety guard for unattended backup: non-interactive -backup now requires authentication_mode: 3 and exits with an error otherwise.
• Added automatic newest-run resolution in non-interactive -restore and -verify modes (no backup picker).
• Added CLI flag -config to load config.yaml from a custom location; if omitted, RestoreSafe still uses config.yaml in the application folder.
• Added automatic startup health check. RestoreSafe now runs a non-interactive diagnostic pass on launch and reports configuration, source/target folder access, temp directory access, YubiKey CLI availability, and structural issues in existing backup/challenge files before showing the main menu.
• Added interactive verify mode for existing backups. Verification checks selected backup sets for missing parts, validates decryption with password and optional YubiKey challenge-response, and confirms that the decrypted stream is a readable TAR archive without restoring files.
• Added backup and restore completion summaries showing processed folders, total part files created/processed, log file location, and whether warnings occurred.
• Added a simple retention policy via retention_keep in config.yaml: after a successful backup, RestoreSafe keeps only the newest N backup sets per source folder, deletes older encrypted part/challenge files, and removes orphan .log files only when no backup parts remain for the same backup run.
• Added unit and integration tests for config validation, TAR verification, health/retention helpers, backup/restore selection logic, and backup/restore round-trip behavior.

Changed

• Refactored internal code structure into clearer package boundaries to improve maintainability and testability.
• YubiKey CLI detection now resolves ykman automatically from PATH and the standard Windows install location (C:\Program Files\Yubico\YubiKey Manager\), removing the need to manually add it to PATH after installing YubiKey Manager.
• Improved backup preflight output: RestoreSafe now shows estimated total source size, free target disk space, and a warning when estimated size likely exceeds currently free target space.
• Improved restore/verify backup selection and ID handling: backup sets are grouped by date + ID, support date filtering, include a quick newest shortcut, and when the same backup ID exists on multiple dates RestoreSafe warns and automatically uses the newest date.
• Changed restore authentication detection so it no longer depends on config.yaml alone: YubiKey requirement is inferred from backup-side challenge files when available.
• Improved duplicate source-folder handling: when multiple configured sources share the same basename, RestoreSafe appends a full path-derived alias (including drive hint) to backup naming. Every non-alphanumeric character in that alias is encoded as UTF-8 hex (~XX~, for example - -> ~2D~, _ -> ~5F~, space -> ~20~), and true identical source-path duplicates are warned and skipped.
• Improved user-facing messaging across config, backup, restore, verify, health check, YubiKey, and low-level crypto/split/logging/retention/archive paths: messages use clearer punctuation and include concrete remediation steps (for example forward-slash path hints, missing part/challenge guidance, and permission checks).
• Startup health check now reports a warning when the write-probe temporary file cannot be cleaned up in the target folder or TEMP directory.
• Logger now falls back to console-only output when the log file cannot be opened, rather than silently dropping all log calls.
• Shared staging lifecycle helpers and a generic preflight validation helper extracted to the operation package and used consistently across backup, restore, and verify workflows.

Fixed

• Unified TAR path validation rules between verify and restore flows and removed unused restore dead code.
• Fixed backup staging path: encrypted parts and challenge files are now correctly written to the local staging directory (not the final target) when local staging is enabled.

RestoreSafe v1.2.0

Added / Changed

• Updated Go toolchain version to 1.26.1.
• Added dynamic version display in interactive menu: version is now extracted from versioninfo.json at build time and displayed as "RestoreSafe v1.1.0" when the application starts.
• Updated config-SAMPLE.yaml to use forward-slash Windows path examples (C:/...) and added a note to avoid YAML escaping pitfalls.

Fixed

• Improved config parse error guidance: invalid YAML path escape errors now include a hint explaining valid Windows path formats in YAML.

RestoreSafe v1.1.0

Added / Changed

• Startup mode simplified: removed CLI flags (-backup, -restore) and standardized operation via interactive menu / double-click flow.
• Improved startup error handling in main: introduced shared exitWithError(...) helper for cleaner and consistent fatal error behavior.
• Improved runtime I/O diagnostics architecture:
  • extracted shared stream progress logger into internal/engine/progress.go.
  • renamed helper to logStreamProgress for clearer intent.
  • clarified progress output labels to be operation-specific (encrypted during backup, decrypted during restore).
• Improved maintainability of restore password verification writer by simplifying internal state handling (verifyWriter).
• Improved developer readability of filename parsing by documenting partFilePattern capture groups in internal/util/naming.go.

Fixed

• Fixed inconsistent menu error UX: backup failures now also wait for key press before returning.
• Fixed silent stdin read handling in main by checking read errors in both getUserInput and waitForKeyPress.
• Fixed potential silent close error in SequentialReader.Read (internal/util/split.go) when switching part files.

RestoreSafe v1.0.0

Added / Changed

• Initial stable release of RestoreSafe for Windows 64-bit.
• Encrypted backup creation for one or more configured source folders.
• Secure restore flow for encrypted backup archives.
• AES-256-GCM encryption for authenticated confidentiality and integrity.
• Argon2id key derivation for password-based protection.
• Optional YubiKey challenge-response (HMAC-SHA1, slot 2) as second factor.
• Encrypted metadata (file and folder names) in backup archives.
• Automatic archive splitting into numbered .enc parts.
• Deterministic backup naming scheme with date, random ID, and sequence number.
• Backup logging to per-run .log files.
• CLI support for backup (-backup) and restore (-restore) modes.