Zefer 0.7.0

Highlights

🔌 MCP everywhere (/mcp)

• zefer-cli as a Model Context Protocol server — setup guide with global and npx variants
• Per-tool accordions: Claude Code (incl. claude mcp add), Claude Desktop, Cursor, Windsurf, VS Code, Zed and generic stdio clients
• One-click install buttons for Cursor and VS Code (official deep links)
• Rich tool reference: parameter chips, returns, call examples for the 5 exposed tools

🎨 Syntax highlighting site-wide

• Dependency-free tokenizer (JSON + bash) with theme-variable colors and hover copy buttons — applied to /mcp and /install

☕ Donations FAB

• Floating Buy Me a Coffee button with a periodic invitation bubble (icon-only, primary glow, session-dismissable)

⚔️ Comparisons refreshed

• New rows on all five /vs pages: password generator & analysis, encrypted-file inspector, AI integration (MCP) — honest per-competitor statuses
• Fixed: Zefer does have a CLI (Picocrypt comparison)

🧭 Navigation & polish

• "Desarrollo" dropdown (project + author), trimmed footer, interrogative headings fixed across es/pt (¿Cómo usar Zefer?, ¿Cómo reportar?…), zero nested glass cards, dev stale-chunk SW fix

See CHANGELOG.md for details.

Zefer 0.6.0

Highlights

🔑 Password Lab (/generator)

• Two tabs: Generator and Analyzer
• 7 key types: Unicode, Secure, Alphanumeric, Hex, Base58 Readable (no 0 O I l), PIN, UUID v7 — shared with the home popover
• Stop-slider length control (16–1024 presets + custom up to 2048), quantity 1–50
• Advanced options (persisted): exclude ambiguous/custom characters, guarantee all classes, no consecutive repeats, dash grouping
• Every key scored and sorted high → low; copy-all and .txt download
• Security report: 4 attack scenarios (10²–10¹⁵ guesses/s), NIST SP 800-63B / OWASP / AES-128 / post-quantum (Grover) compliance, total keyspace, comparison vs an average human password — with plain-language tooltips (es/en/pt)

🔍 Deep .zefer Analyzer (/analyzer)

• Structural integrity (chunk-framing walk, corruption detection), ciphertext randomness (Shannon entropy), salt/IV hex, file SHA-256, KDF resistance table derived from the file's PBKDF2 iterations, severity-tagged security observations
• "Decrypt this file" hands the analyzed file straight to the decrypt form

📱 Mobile header redesign

• Scroll-aware liquid-glass app bar, live E2E pill, morphing hamburger, staggered drawer reveal, encrypt CTA

⚙️ Realistic device limits

• File-size limits now tiered by RAM + CPU threads: workstations reach 10 GB (previously every machine was capped at ~1.5 GB by the V8 heap heuristic)

🧭 Navigation & docs

• "Proyecto" dropdown (desktop + drawer accordion), Buy Me a Coffee FAB, /how section explaining the generation engine
• 161 tests (100% line coverage, password engine now gated), full documentation pass

See CHANGELOG.md for the complete list.

v0.2.0 - 2026-04-11

New

• Key generator preferences — Your chosen mode (Unicode, Secure, Alpha, Hex, UUID) and length (64-1024) are now remembered across sessions
• AI assistants guide — New /install/guide page with step-by-step instructions for using Zefer with AI tools
• Passphrase visibility toggle — Show/hide buttons on all passphrase input fields
• Character requirements — Clear minimum length indicators on passphrase fields
• Author section — Social links and profile information on the install page
• Professional documentation — Security policy, Code of Conduct, Changelog, Contributing guide, issue template chooser
• JSON-LD structured data — WebApplication schema with author, version, and language information for search engines
• Per-page SEO metadata — Every route now has its own title, description, keywords, OpenGraph, Twitter card, and canonical URL
• PWA screenshots — Manifest now includes screenshots for the install prompt on mobile devices

Improved

• Share links are now safer — When a reveal key is set, the share link uses only the reveal key instead of exposing the main passphrase
• URL parameters respect target tab — Encrypt params are ignored when t=decrypt and vice versa, preventing the wrong form from consuming and clearing params
• Touch targets — All icon-only buttons now meet 36x36px minimum (theme toggle, language selector, copy, close, file remove, passphrase toggle)
• Heading hierarchy — Footer section labels changed from <h4> to <p> to avoid skipping heading levels
• Aria labels — All toggle buttons now have dynamic aria-labels ("Show/Hide passphrase"), expand/collapse buttons have aria-expanded
• Social preview images — Redesigned OpenGraph, Twitter/X, and Apple touch icon with ambient glows, grid overlay, version badge, and tech pills
• Search engine indexing — Legal pages (/privacy, /terms) now have noindex, follow robots directive and are excluded from the sitemap
• Input styles — Better focus states and accessibility across encrypt and decrypt forms
• Documentation — All docs have cross-navigation, corrected counts (24 components, ~415 translations), SEO rules, accessibility rules, and new route guide
• Dependencies — All packages updated to latest stable versions with ~ (patch-only) ranges; TypeScript updated from 5 to 6

Fixed

• Share link security — Main passphrase no longer leaked in the URL when a reveal key was configured
• Decrypt auto-fill — Passphrase from /?t=decrypt&p=... URLs now correctly populates the input field
• Form param collision — EncryptForm no longer reads and clears URL params meant for DecryptForm (and vice versa)