Releases

Changelog

A record of every version — what's new, what's fixed, and what's changed.

V7.1.1 Latest March 2026

Vault Security Upgrade

  • Upgraded to BitWarden-style envelope encryption: a single app-level Master Key is derived via PBKDF2-SHA256 at 600,000 iterations (up from 310,000); each bundle gets a random 256-bit Vault Key wrapped by the Master Key
  • One vault password now unlocks all certificate bundles in a session — no more per-entry prompts
  • Password changes are instant (O(1)) — only the wrapped key file is re-encrypted, certificate files are untouched
  • Fully backward-compatible: existing V1 bundles continue to work with their original per-entry passwords

Certificate Inventory

  • Renewal detection: importing a cert with the same Common Name but a new serial number now prompts to update the existing entry (preserving vault, bundle, notes, and tags) or add it as a separate entry
  • Tags moved to detail header: tag chips are now inline next to the certificate title; a tag icon button opens a compact popover for adding new tags
  • Bundle picker now shows expiry month/year (e.g. "Expires Mar 2026") for each entry so renewals with the same CN are distinguishable; expired entries highlighted in red

PFX Generator

  • Auto-loads FullChain.cer when navigating to the PFX Generator if one is available — no manual click required
  • Private key passphrase field is no longer pre-filled — must be re-entered each time for security
  • Generated PFX is now offered for attachment to an existing certificate bundle, matching the Full Chain Builder behavior

Legal & Compliance

  • Added Legal & Compliance section in Settings with ECCN 5D992.c export classification and scope disclosures
  • Added Security & Legal section in Help / Tutorial with the same disclosures and a link to the compliance page
  • README updated with a ⚖️ Legal & Export Controls section covering certificate scope, local-only processing, user responsibility, and export classification
  • Landing page footer now includes a one-line compliance disclaimer with a link to the Security page

Bug Fixes

  • Removed duplicate "Skip" button from the top-right corner of the Bundle Attach sheet
V7.1.0 macOS March 2026

Certificate Bundles

  • New Certificate Bundle system groups all lifecycle files (CSR, private key, signed cert, full chain, PFX) under one inventory entry
  • Three storage modes: Metadata Only (path references), Master Password Vault (AES-256-GCM + PBKDF2-SHA256 at 310K iterations), and Keychain Vault (private key in macOS Keychain)
  • Pending entries: bundle is created at CSR generation time before a signed cert exists; automatically promoted to a full X.509 entry when the signed cert is attached
  • Bundle Attach Sheet: after building a Full Chain or generating a PFX, PRISM offers to attach the file to an existing bundle in one click
  • Certificate Files section in the inventory detail view shows all attached files with per-file Export buttons
  • Session-level vault unlock prompt on launch when any master-password bundles are present; decrypted keys cached in memory only

License & Activation

  • Simplified to local-only license validation — no periodic network revalidation required after activation
  • License validation fires immediately on activation rather than on next app restart
  • Added multi-product license support to the Windows build

Windows

  • Added code signing to the Windows build pipeline
  • AppInfo.cs is now auto-patched with the correct version at build time via build.bat
  • Improved installer and update flow

Website

  • Legal pages (Privacy Policy, Terms of Service, License) are now self-hosted; broken footer links fixed
  • CMDLAB rebrand applied across all website pages
  • Updated landing page hero with brand image, refined icon sizing, and cleaned up glow effects
V7.0.4 March 2026

Bug Fixes

  • Fixed license activation not triggering validation immediately on macOS

Windows

  • Improved update flow and installer behavior
  • Fixed installer packaging issues affecting clean installs
V7.0.2 March 2026

Monetization

  • Switched payment and license management from LemonSqueezy to Polar.sh
  • Updated checkout flow and license activation for both macOS and Windows

Website

  • Redesigned landing page with simpler layout and OS-aware download buttons
  • Downloads now served from Cloudflare R2 for improved reliability
V7.0.1 March 2026

Help & Tutorial

  • Added Help & Tutorial system on both macOS and Windows with per-tool documentation, keyboard shortcuts, and workflow guides
V7.0.0 March 2026

Major Release

  • Complete macOS rebuild as a native Swift/SwiftUI app (replacing prior Python-based version)
  • New v7 icon and visual identity
  • App Store build variant and direct-distribution DMG build
  • Paid licensing via in-app purchase — first paid release

Certificate Inventory

  • New persistent certificate library with expiry tracking, tags, notes, CSV export, and search/filter
  • Auto-import from CSR Generator
  • Expiry status badges (Valid, Expiring Soon, Expired)

Windows

  • Complete rewrite of the Windows app using C#/WinUI 3 (.NET 9)
  • Feature parity with macOS across CSR generation, Full Chain Builder, PFX Generator, and PFX Extractor