feat(extension): cross-browser secret-sharing extension#310
Conversation
Adds apps/extension, a WXT + Svelte 5 browser extension (Chrome MV3 + Firefox) that creates an encrypted, one-time-view secret link in one click. It's a thin UI over @scrt-link/client — all client-side crypto and the POST /api/v1/secrets call are reused, no backend changes. - Authenticates with a personal API key stored in browser.storage.local - Onboarding, create-secret, and key-settings screens - Brand-matched styling (navy/cream/red) and inlined flame logo - Wires apps/* into the pnpm workspace - Ignores WXT-generated .wxt/.output dirs in the root ESLint config Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
|
The latest updates on your projects. Learn more about Vercel for GitHub.
|
|
Review the following changes in direct dependencies. Learn more about Socket for GitHub.
|
|
Warning Review the following alerts detected in dependencies. According to your organization's Security Policy, it is recommended to resolve "Warn" alerts. Learn more about Socket for GitHub.
|
Firefox now rejects new submissions without browser_specific_settings.gecko.data_collection_permissions. scrt.link is zero-knowledge (secrets are E2E-encrypted, API key stays local), so we declare `required: ["none"]`. Scoped to the Firefox build via a per-browser manifest so Chrome doesn't emit an unrecognized-key warning. Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
Icons are now included; the remaining store-listing items live in the PR description. Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
Summary
Adds
apps/extension— a WXT + Svelte 5 browser extension (Chrome MV3 + Firefox) that lets users create an encrypted, one-time-view secret link in one click, without opening the site.It's a thin UI over
@scrt-link/client: all client-side crypto and thePOST /api/v1/secretscall are reused. No backend changes.How it works
scrt.link/account/api), stored inbrowser.storage.localonly (neversync, never a content script).https://scrt.link/s#<masterKey>.src/app.css, with the inlined flame logo.Scope / decisions
planLimits.apiAccess). A403surfaces an actionable message linking to the account page.Repo wiring
apps/*topnpm-workspace.yaml..wxt/.outputdirs in the root ESLint config (only the root.gitignoreis read byincludeIgnoreFile).Verification
pnpm --filter @scrt-link/extension build(Chrome MV3) andbuild:firefoxboth succeed with icons bundledpnpm --filter @scrt-link/extension check— 0 type errorspnpm lintclean across the repoapps/extension/README.md.Follow-ups (not in this PR)
🤖 Generated with Claude Code