← Back to home

Changelog

Release notes for all MeowPass projects.

MCP Serverv0.3.02026-05-07

Multi-environment support

  • +env parameter on all 14 tools (list_secrets, get_secret, set_secret, delete_secret, pull, etc.)
  • +AI agents can target specific environments (local, staging, production)
  • >Default env is 'default' when not specified (backwards-compatible)
CLIv0.2.52026-05-14

X25519 team sharing, web app decrypt fix, salt drift fix

  • +X25519 per-member vault key encryption — each team member decrypts with their own master password
  • +mp share now encrypts vault key for each member using their X25519 public key
  • +mp pull auto-detects shared vaults and decrypts with X25519 private key
  • +GET /teams/{id}/members/keys API endpoint for team member public keys
  • +Team members list now shows email and name, with remove button (owner-only)
  • +DELETE /teams/{id}/members/{userId} endpoint for removing members
  • ~Web app reveal/copy: proper ArrayBuffer slicing for Web Crypto API
  • ~Web app unlock: validate only against owned vaults to avoid false errors
  • ~Salt drift: mp login now reuses existing ~/.meowpass/salt instead of regenerating
  • ~Audit logs: cast inet column to text for pgx compatibility
  • ~Vault GET: returns member-specific encrypted key from vault_access for shared vaults
CLIv0.2.42026-05-07

CLI promo code redemption

  • +mp promo redeem CODE — redeem promo codes directly from the CLI
CLIv0.2.32026-05-07

Free tier limits, promo codes, pricing launch

  • +Promo code system: POST /promo/redeem endpoint for 3-month Pro upgrades
  • +Auto-downgrade middleware: reverts to free tier when promo expires
  • +Redeem Promo Code UI in web dashboard settings tab
  • >Free tier now has actual limits: 3 vaults, 50 secrets (was unlimited)
  • >Pro and Team pricing buttons redirect to Discord for free 3-month access
CLIv0.2.22026-05-07

Multi-env secrets, mp shorthand, web dashboard fixes

  • +Multi-environment secrets: mp set KEY val --env production
  • +mp init auto-tags environments from .env file names (.env.local → local)
  • +mp shorthand alias — all commands work with mp instead of meowpass
  • ~Web dashboard reveal/copy buttons now pass env to API (was returning empty)
  • +Env column in web dashboard secret list
  • >All docs and UI updated to use mp shorthand by default
CLIv0.2.12026-05-06

Bug fixes for rotation and rollback

  • ~Vault key rotation now updates server-side encrypted key via PUT /vaults/{id}
  • ~Rollback no longer fails with 500 when nonce is nil
  • +PUT /vaults/{id} endpoint for vault key updates
  • +UpdateVaultKey database method
CLIv0.2.02026-05-05

Major feature release

  • +meowpass init — scan .env files, create vault, encrypt & push in one command
  • +meowpass run — inject decrypted secrets into subprocess (pure in-memory)
  • +meowpass diff — compare local .env with vault, colored output, --exit-on-drift
  • +meowpass doctor — diagnose config, API, auth, salt, and vault health
  • +meowpass history — per-secret version timeline
  • +meowpass rollback — restore previous secret version
  • +meowpass rotate — full vault key rotation + re-encrypt all secrets
  • +meowpass git-hook install — pre-commit drift detection
  • +meowpass set --ttl — secret auto-expiry (24h, 30m, etc.)
  • +Offline cache — auto-save vault snapshots, fallback on API failure
  • +Audit log middleware wired to all vault/secret routes
  • +GET /audit-logs endpoint with vault_id filter
  • +GET /vaults/{id}/secrets/{key}/history endpoint
  • +Secret TTL enforcement — auto-delete expired secrets on read
MCP Server0.2.02026-05-05

14 tools, redacted mode

  • +meowpass_diff — compare local .env with vault secrets
  • +meowpass_init — scan directory for .env files
  • +meowpass_run — run command with injected secrets
  • +meowpass_run_redacted — safe mode, scrubs secret values from output
  • >Now 14 tools total (was 10)
Node.js SDK0.1.12026-05-06

Initial release with README

  • +Full E2E encryption SDK for Node.js (Argon2id + AES-256-GCM)
  • +get, set, delete, list, pull, createVault, whoami methods
  • +Byte-compatible ciphertext with Go CLI
  • +README with API reference and examples
GitHub Actionv12026-05-05

Initial release

  • +Composite GitHub Action for CI/CD secret injection
  • +Export mode (GITHUB_ENV) and env file mode
  • +API key + pre-derived master key authentication
CLIv0.1.42026-05-05

DDoS protection and early access

  • +Rate limiting: 60 req/min general, 10 req/min auth endpoints
  • +Request body size limit (1MB)
  • +Security headers (X-Content-Type-Options, X-Frame-Options)
  • >All plan limits set to unlimited for early access