Follow along with releases, improvements, and fixes to the keychain-auth daemon, CLI, and wire protocol.
keychain-auth 1.0 is here
The first stable release of keychain-auth ships this week, alongside a bigger protocol, a safer approval workflow, and broader platform coverage.
New
- keychain-auth 1.0 (GA). The security-hardened daemon is now stable and recommended for production use. Versioning support has landed so you can pin to specific releases. Install via the installation guide.
- Prefix matching for bulk operations. Add `"match": "prefix"` to a request to read, delete, or search multiple keys in a single round-trip. Prefix reads return both targets and plaintext values when the binary has `can_search: true`. See the request reference.
- Pending approval workflow. Unregistered binaries are no longer silently dropped — they’re queued to `~/.config/keychain-auth/pending.json` for 24 hours. Inspect the queue with `keychain-auth list-pending` and authorize trusted tools with `keychain-auth approve <hash>`.
- Windows support. The daemon now runs on Windows via named pipes, with Credential Manager as the keychain backend. Read the Windows guide.
- Headless Linux fallback. On servers and WSL environments without a D-Bus session, keychain-auth automatically falls back to a secure file-based keyring. Details in the Linux guide.
- Forensic audit log. Every approved request, denial, and search is now written as structured JSON. Plaintext secret values are never logged. See the audit log reference.
Updated
- Delete now requires write permission. Destructive operations are gated by `allowed_write_services` — a read-only binary can no longer remove or poison secrets. Review your permissions.
- Tightened batch atomicity. Requests remain all-or-nothing: the daemon evaluates every target against policy before touching the OS keychain, so a single denied target rejects the whole batch.
- Search returns targets only. Standard `search` responses never include plaintext values — fetching a secret requires an explicit `read`, keeping the audit trail granular.
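To make the interaction between prefix matching, the `allowed_write_services` gate and all-or-nothing batch evaluation concrete, here is an added illustrative model of the policy pass (example code written for this page, not keychain-auth's own implementation). It assumes keys are named `service/account`, an `allowed_read_services` field alongside `allowed_write_services`, and that `search` and prefix reads require `can_search`; only policy evaluation is modelled, not keychain access or the wire format.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class BinaryPolicy:
    """Permissions registered for one approved binary. Only allowed_write_services
    and can_search come from the changelog; allowed_read_services is assumed."""
    allowed_read_services: frozenset
    allowed_write_services: frozenset   # gates delete and other destructive ops
    can_search: bool = False            # assumed to gate search and prefix reads


WRITE_OPS = {"delete", "write"}


def expand_targets(req, known_keys):
    """Resolve one request's targets; "match": "prefix" expands against the store."""
    if req.get("match") == "prefix":
        return [k for k in known_keys if k.startswith(req["target"])]
    return [req["target"]]


def evaluate_batch(policy, requests, known_keys):
    """All-or-nothing policy pass over a batch.

    Every target of every request is checked before any keychain access would
    occur; the first denial rejects the whole batch, including targets that
    would have been permitted on their own.
    Returns (approved, [(op, target), ...], denial_reason).
    """
    resolved = []
    for req in requests:
        op = req["op"]
        if op in WRITE_OPS:
            allowed = policy.allowed_write_services
        elif op in ("read", "search"):
            allowed = policy.allowed_read_services
            needs_search = op == "search" or req.get("match") == "prefix"
            if needs_search and not policy.can_search:
                return False, [], f"{op}: prefix/search requires can_search"
        else:
            return False, [], f"unknown op {op!r}"
        for target in expand_targets(req, known_keys):
            service = target.split("/", 1)[0]   # assumed "service/account" naming
            if service not in allowed:
                return False, [], f"{op} {target}: {service!r} not permitted"
            resolved.append((op, target))
    return True, resolved, None
```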
Fixed
- macOS keychain build. Removed an unused import that prevented some Darwin builds from compiling cleanly.
- Socket path resolution. Fixed an issue with the daemon socket path on certain platform configurations.
- Release pipeline. The release workflow now triggers on tags only, preventing accidental publishes on branch pushes.