ClauLock

Changelog

What's new.

Releases, features, and security updates. Subscribe via RSS.

  1. Release

    v0.6.0 — DMG installer + first-run auto-detection

    ClauLock now ships a real .dmg installer next to the .app.zip and the brew tap. Drag-to-Applications, eject, launch from Spotlight. The .dmg and the .app inside are both signed with our Apple Developer ID and notarized, so Gatekeeper accepts the install offline.

    First-run auto-detection: the UI now opens the onboarding wizard automatically the first time you launch it without an existing vault. No flag, no terminal — drag-to-Applications, double-click, you're in the wizard. The previous CLI-driven onboarding still works exactly the same.

    Tray + Dock pattern carried over from v0.5.2: Dock icon visible at launch, menu-bar tray icon also visible, close-to-tray instead of quit. If you prefer a pure-menu-bar boot, set CLAULOCK_BACKGROUND=1.

  2. Fix

    v0.5.2 — UX hotfix: Dock icon + window on launch + tray click

    v0.5.0 ran as a pure menu-bar app (no Dock icon, window hidden at boot). On a fresh launch users saw nothing happen — no Dock bounce, no window. v0.5.2 reverts to the standard Mac layout: Dock icon visible, window opens at launch, menu-bar tray icon also present. Closing the window goes to the tray; quit comes from the tray menu.

    Tray click no longer fails on the first try. Earlier versions had a small race where the very first click could miss its anchor and swallow itself; v0.5.2 always opens the popover.

    Tray icon now shows "ClauLock" next to it on macOS so it's findable in cluttered menu bars and notch laptops.

  3. Release

    v0.5.0 — Menu-bar app + popover + branded icons

    Left-click the menu-bar icon for a 320×420 popover that shows vault status, secret count, anything overdue, and one-click actions for Lock now, Add secret, and Open the full window. Right-click for a native menu (Lock now, Open ClauLock, Settings, Quit).

    Closing the main window now keeps the process alive in the menu bar — your audit log, status, and quick actions stay one click away. Quit from the tray menu when you actually want to exit.

    New branded icons: a cyan lock on a deep-ink background, designed at full 1024×1024 so the macOS .icns and Windows .ico render crisp at every size, plus a monochrome menu-bar template that recolors for light/dark/highlighted states automatically.

    Note: v0.5.0 originally launched as a pure menu-bar app (no Dock icon). v0.5.2 reverts to the standard Mac layout — see that entry.

  4. Security

    v0.4.0 — Apple Developer ID notarization + Touch ID native

    Every macOS binary in the release is signed with our Apple Developer ID and submitted to Apple for notarization before shipping. Gatekeeper accepts ClauLock as "Notarized Developer ID" on every install — no "unidentified developer" warning, no right-click-to-open dance.

    Touch ID now drives the vault unlock natively, end-to-end. Earlier macOS releases occasionally fell back to the device passcode when our entitlement didn't match what newer macOS expected; v0.4.0 ships the right entitlement so Touch ID is the only thing you ever see.

  5. Feature

    v0.3.1 — Onboarding wizard in the desktop app

    Same five steps as the terminal version (welcome → passphrase → unlock method → first secret → done) but in the ClauLock desktop window. Your passphrase only ever lives in the typing field — it's wiped from memory the moment the vault commits.

    If you install via `clsec install`, the GUI opens by itself when the install finishes; if it can't reach the desktop app it falls back to the terminal wizard with a one-line pointer. Set CLAULOCK_NO_UI=1 to skip the GUI launch entirely.

  6. Feature

    v0.3.0 — `clsec setup` first-run wizard

    Run `clsec setup` and you walk through five screens: welcome (with the never-reveal model in plain English), passphrase + confirmation, unlock method (Touch ID / polkit / passphrase-only), an optional first secret, and a final health checklist. The passphrase is zeroed from memory the moment it's committed.

    The wizard works in any terminal — SSH, container, headless CI runner — and the desktop GUI version of the same flow landed in v0.3.1.

  7. Fix

    v0.2.1 — Install robustness on macOS Tahoe

    `clsec install` now writes binaries atomically — every step (copy, sign, verify, rename) is checked, and the destination only receives a fully-valid file or stays untouched. Filesystem races that occasionally produced zero-byte binaries on APFS are eliminated.

    When macOS won't grant the Keychain biometric entitlement we asked for, `clsec install` now degrades cleanly to device-only or passphrase-only mode instead of aborting. The doctor check tells you which mode you're in. v0.4.0's Developer ID notarization removes the underlying issue entirely.

    Launching the background daemon now has a foreground fallback: if launchd refuses to bootstrap the agent, `clsec install` keeps running with the daemon in the foreground and tells you what to look at. No more silent "I/O error" dead-ends.

    The placeholder-substitution and output-scrubber hooks now ship inside the release tarball at a stable path, and `clsec install` finds them automatically. Without these, Claude's Bash tool calls would lose the never-reveal guarantee — keeping them in the tarball makes the invariant a default, not a configuration step.

    The doctor check now distinguishes "no Keychain entry by design" (you chose `--no-keychain`) from "Keychain entry missing" (something broke). And the cosmetic "SHA256SUMS not found" warning on signed builds is silenced.
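The stage, verify, rename pattern from the atomic-install note above, as an added example (not ClauLock's own code). The function name and the `verify` hook, which stands in for the real signature or checksum check, are assumptions.

```rust
use std::fs::{self, File};
use std::io::{self, Read, Write};
use std::path::Path;

/// Install `bytes` at `dest` so that `dest` ends up as either the complete,
/// verified file or whatever was there before. `verify` is a hypothetical hook
/// standing in for a signature or checksum check.
pub fn install_atomic(dest: &Path, bytes: &[u8], verify: impl Fn(&[u8]) -> bool) -> io::Result<()> {
    let invalid = |msg: &'static str| io::Error::new(io::ErrorKind::InvalidInput, msg);
    let dir = dest.parent().ok_or_else(|| invalid("destination has no parent"))?;
    let name = dest.file_name().ok_or_else(|| invalid("destination has no file name"))?;
    // Stage next to the destination: rename() is only atomic within one filesystem.
    let tmp = dir.join(format!(".{}.{}.tmp", name.to_string_lossy(), std::process::id()));
    let staged = (|| -> io::Result<()> {
        let mut f = File::create(&tmp)?;
        f.write_all(bytes)?;
        f.sync_all()?; // flush data before the final name can point at it
        drop(f);
        // Check what actually landed on disk, not the buffer we meant to write.
        let mut on_disk = Vec::new();
        File::open(&tmp)?.read_to_end(&mut on_disk)?;
        if on_disk.is_empty() || on_disk != bytes || !verify(on_disk.as_slice()) {
            return Err(io::Error::new(io::ErrorKind::InvalidData, "staged file failed verification"));
        }
        fs::rename(&tmp, dest) // the only step that touches `dest`
    })();
    if staged.is_err() {
        let _ = fs::remove_file(&tmp); // never leave a partial file behind
    }
    staged
}

fn main() -> io::Result<()> {
    // Constructed input: a stand-in for a release binary.
    let dest = std::env::temp_dir().join("clsec-example-bin");
    install_atomic(&dest, b"constructed binary contents", |b| b.starts_with(b"constructed"))?;
    println!("installed {} bytes", fs::metadata(&dest)?.len());
    fs::remove_file(&dest)
}
```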

  8. Note

    Site: Founders wall, OG cards, /compare polish, Windows .msi (beta), perf

    The marketing site now opens with the leak, not the architecture: "You pasted a GitHub token into chat last week, didn't you?" Five new home sections walk through how a real paste plays out — the popup, the comparison vs. cloud password managers, common Claude workflows, an audit-log preview, and a public Founders wall. A new blog post tells the story end to end (EN + ES).

    Performance + privacy foundation: scroll-reveal animations honor `prefers-reduced-motion`, fonts are self-hosted instead of a third-party CDN (faster paint, no font-loading privacy leak), and the install picker now follows the visitor's OS for both the primary and the secondary download paths.

    Windows .msi installer is in beta — drag-to-run on Windows 10+, supply-chain story identical to every other artifact (minisign + cosign). The Authenticode signing certificate isn't live yet, so SmartScreen will show a one-time warning on first launch.

  9. Release

    v0.2.0 — cross-device sync (E2EE) + Pro/ENT relay

    ClauLock now syncs secrets across your machines without ever giving the relay anything but encrypted blobs. The sync key is derived locally from your passphrase, separately from your local and backup keys; the relay can store and serve, but it can't read. The MCP server can't call sync either — only your CLI and UI can — so an exfiltration attempt from a compromised model can't reach the network path.

    Pairing a new device uses SPAKE2 with a six-word code (or a QR you can scan from your phone). Vault format moves to v2 with per-record timestamps for clean last-writer-wins on simultaneous edits; older vaults open transparently and upgrade in place on the next write.

    Pro tier (hosted): a relay we run for you, Stripe-billed, with the same never-reveal guarantee as the local install. Pricing and the Founder offer live on the pricing page.

    Enterprise tier (self-hosted): the same relay binary, packaged with a Postgres + object-store bundle and an offline-verified license. License expiry flips the relay to read-only — it never bricks, you can always migrate off. Custom pricing.

    On the desktop side, the ClauLock UI gains a Pair page and a sync status card that counts what was pulled, pushed, kept, and rejected.

  10. Release

    v0.1.2 — Windows port

    ClauLock is now a tri-platform tool. The Windows port adds native binaries with a Windows-native keystore (DPAPI), a Windows-native IPC transport (Named Pipes) with peer authentication, and locked memory for the encryption key — symmetric with the macOS Keychain and Linux secret-service paths that have shipped since v0.1.0.

    Install on Windows: `irm https://claulock.com/install.ps1 | iex`. The PowerShell installer mirrors the macOS / Linux flow — verify, extract to your user-local app data, add to PATH. macOS and Linux paths are unchanged.

    Outstanding for upcoming releases: a fully Rust-native installer flow for Windows, a Microsoft Store / winget submission, and a desktop UI Windows bundle.

  11. Release

    v0.1.1 — supply chain audit fixes

    Three CRITICAL fixes that unblocked the public install paths:

    1) install.sh shipped with a literal `__MINISIGN_PUBKEY_PLACEHOLDER__` — the build never substituted it, so curl-pipe-sh fell through to a runtime fetch from a path that 404'd. Fix: embed the real pubkey (id 82B01474F764C7B2) in the proper two-line minisign format and correct the fallback URL to where the mirror actually stores it.

    2) v0.1.0 release tarballs were missing the `clsec-scrub` binary, which `clsec install` requires. Fix: add `clsec-scrub` to release.yml's CLAULOCK_BINARIES and the tap formula's File.exist? install loop. v0.1.1+ tarballs ship all five binaries.

    3) .deb / .rpm / .pkg builders hardcoded LICENSE-MIT in their file lists, but LICENSE-MIT was removed in the v0.1.0 license restructure. Fix: handle both the legacy v0.1.0 set (LICENSE-MIT + LICENSE-APACHE) and the v0.1.1+ set (LICENSE-APACHE + LICENSE-BSL + NOTICE) gracefully.

    Plus a sweep of audit findings: README badges, SECURITY.md verification URLs, packaging/keys/README.md, CLA.md, threat-model cosign example, brand-page key-link 404s — all corrected to point at github.com/Mackint0uch/claulock-releases (the public mirror) instead of the still-private source repo.
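A release gate that would have caught fix 1 before publishing, as an added example (not part of ClauLock's build). The function names are hypothetical, and the key check only tests the two-line minisign public-key shape (a comment line, then 56 base64 characters beginning `RW`), not the key's validity.

```rust
/// Tokens of the form __NAME_PLACEHOLDER__ that a build step failed to substitute.
pub fn unsubstituted_placeholders(script: &str) -> Vec<String> {
    let is_token_char = |c: char| c.is_ascii_uppercase() || c.is_ascii_digit() || c == '_';
    script
        .split(|c: char| !is_token_char(c))
        // 16 = len("__") + len("_PLACEHOLDER__"); require a name in between.
        .filter(|w| w.len() > 16 && w.starts_with("__") && w.ends_with("_PLACEHOLDER__"))
        .map(str::to_string)
        .collect()
}

/// True when `text` has the two-line minisign public-key shape: an
/// "untrusted comment:" line followed by 56 base64 characters starting "RW".
pub fn looks_like_minisign_pubkey(text: &str) -> bool {
    let mut lines = text.lines().map(str::trim).filter(|l| !l.is_empty());
    match (lines.next(), lines.next(), lines.next()) {
        (Some(comment), Some(key), None) => {
            comment.starts_with("untrusted comment:")
                && key.len() == 56
                && key.starts_with("RW")
                && key.bytes().all(|b| b.is_ascii_alphanumeric() || b == b'+' || b == b'/')
        }
        _ => false,
    }
}

/// Hypothetical CI gate: refuse to publish a rendered install script that still
/// contains a placeholder, or whose embedded key text is not a minisign pubkey.
pub fn release_gate(install_sh: &str, embedded_key: &str) -> Result<(), String> {
    let left = unsubstituted_placeholders(install_sh);
    if !left.is_empty() {
        return Err(format!("unsubstituted placeholder(s): {}", left.join(", ")));
    }
    if !looks_like_minisign_pubkey(embedded_key) {
        return Err("embedded key is not a two-line minisign public key".to_string());
    }
    Ok(())
}

fn main() {
    // Constructed inputs: a script line with the placeholder left in, and a dummy key.
    let key = format!("untrusted comment: constructed key\nRWQ{}\n", "A".repeat(53));
    let script = "PUBKEY='__MINISIGN_PUBKEY_PLACEHOLDER__'\n";
    println!("{:?}", release_gate(script, &key));
}
```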

  12. Release

    v0.1.0 — first public release

    ClauLock is now public. Install with `curl -fsSL https://claulock.com/install.sh | sh` on macOS 13+ or a modern Linux.

    What's in the box: encrypted vault (XChaCha20-Poly1305 + Argon2id), local daemon, 16 MCP tools for Claude Code, Tauri UI for unlock/reveal/approve, importers for .env / 1Password / Doppler, rotation queue with overdue notifications, per-secret usage timeline, audit log with deep-link filtering.

    Release artifacts are signed with minisign + Sigstore cosign and include SLSA provenance. Verify by hand following packaging/RELEASE.md.

  13. Feature

    Phase 2 — rotation + timeline + deep-links

    The Tauri UI now surfaces rotation due-dates prominently: a red banner on the Secrets page counts every overdue secret and deep-links to a filtered rotation queue. The queue itself is sortable and shows 'days overdue' at a glance.

    Each secret has a new usage timeline panel showing the last 30 days of unlocks, reveals, and exec uses, with one click to open the audit log pre-filtered to that secret.

    Metadata (tags, rotation policy, description) is editable inline from the Secrets detail drawer — no modal, no round-trip.

  14. Feature

    Output scrubber + unified error formatter

    The scrubber watches every byte leaving the wrapped command and replaces any substring matching a vault secret with the original {{NAME}} placeholder before it reaches Claude. This catches the common leak path where a tool prints the value it was given (auth failures, debug output, badly scoped set -x).

    Error messages across CLI + UI now flow through a single formatter so 'vault is locked' reads identically whether it's a Bash tool call or a /secrets page load.
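A sketch of the output-scrubber idea described above, as an added example (not ClauLock's implementation). Command output arrives in arbitrary chunks, so a byte-stream scrubber has to hold back a short tail or a secret split across two reads slips through. The `Scrubber` type, its methods and the sample secret are assumptions.

```rust
// Added example: streaming scrubber. Type and method names are hypothetical.
pub struct Scrubber {
    secrets: Vec<(String, Vec<u8>)>, // (NAME, value), longest value first
    held: Vec<u8>,                   // tail held back between chunks
    keep: usize,                     // longest secret length minus one
}
impl Scrubber {
    pub fn new(mut secrets: Vec<(String, Vec<u8>)>) -> Self {
        secrets.retain(|(_, v)| !v.is_empty());
        secrets.sort_by(|a, b| b.1.len().cmp(&a.1.len()));
        let keep = secrets.first().map_or(0, |(_, v)| v.len() - 1);
        Scrubber { secrets, held: Vec::new(), keep }
    }

    /// Feed one chunk of command output; returns the bytes safe to forward.
    pub fn push(&mut self, chunk: &[u8]) -> Vec<u8> {
        self.held.extend_from_slice(chunk);
        self.drain(false)
    }
    /// Call once at end of output to release the held-back tail.
    pub fn finish(&mut self) -> Vec<u8> { self.drain(true) }

    fn drain(&mut self, eof: bool) -> Vec<u8> {
        let buf = std::mem::take(&mut self.held);
        let (mut out, mut i) = (Vec::with_capacity(buf.len()), 0);
        while i < buf.len() {
            if let Some((name, v)) = self.secrets.iter().find(|(_, v)| buf[i..].starts_with(v)) {
                out.extend_from_slice(format!("{{{{{}}}}}", name).as_bytes());
                i += v.len();
            } else if !eof && buf.len() - i <= self.keep {
                break; // may be the start of a secret the next chunk completes
            } else {
                out.push(buf[i]);
                i += 1;
            }
        }
        self.held = buf[i..].to_vec();
        out
    }
}

fn main() {
    // Constructed secret and output; the value is split across two chunks.
    let mut s = Scrubber::new(vec![("API_KEY".into(), b"tok_constructed_0001".to_vec())]);
    let mut out = s.push(b"auth failed: tok_constr");
    out.extend(s.push(b"ucted_0001\n"));
    out.extend(s.finish());
    print!("{}", String::from_utf8_lossy(&out));
}
```

Exact byte matching like this does not catch a secret the command has re-encoded (base64, URL-escaping) before printing it.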