- Modified FORCE_CHAR mode in read_key() to recognize arrow keys and space
- Users can now navigate and select items while typing in search mode
- Improves UX by eliminating need to press Enter before selecting
- ESC key still works to cancel search
This restores V1.19.0 behavior where navigation worked during search
- Previous perf optimization (318c67f) broke real-time search by removing rebuild_view call
- Now calls rebuild_view and triggers full redraw when typing/deleting
- Uses 'continue' to skip drain_pending_input, preserving fast typed characters
- Fixes issue where only first character was effective in search
- Show 'Checking brew dependencies...' spinner while running brew autoremove
- Prevents user confusion when brew cleanup takes time after uninstall
- Improves UX by providing visual feedback during dependency cleanup
- Changed from `command -v PlistBuddy` to `[[ -x /usr/libexec/PlistBuddy ]]`
- PlistBuddy is not in PATH, it's at /usr/libexec/PlistBuddy on macOS
- Previous code would always return early, making Dock cleanup never work
- Also improved fallback logic for already-deleted apps
- Tested and verified Dock icons are now properly removed after uninstall
- Change pnpm store path from incorrect ~/.pnpm-store to correct ~/Library/pnpm/store
- The default pnpm store location on macOS is ~/Library/pnpm/store
- Fixes#319
CRITICAL SECURITY FIX
Enhanced the receipt file parsing in uninstall operations to prevent
accidental deletion of critical system files while maintaining deep
cleanup capabilities.
Changes:
- Tightened whitelist in find_app_receipt_files() to exclude /Users/*,
/usr/*, and /opt/* broad patterns
- Added explicit blacklist for /private/* with safe exceptions for
logs, temp files, and diagnostic data
- Integrated should_protect_path() check for additional protection
- Added file deduplication with sort -u to prevent duplicate deletions
- Removed dry-run feature from batch uninstall (unused entry point)
Path Protection:
✅ Blocked: /etc/passwd, /var/db/*, /private/etc/*, all system binaries
✅ Allowed: /Applications/*, specific /Library/* subdirs, safe /private/* paths
✅ Additional: Keychain files, system preferences via should_protect_path()
This fixes a critical security issue where parsing .bom receipt files
could result in deletion of system files like /etc/passwd and /var/db/*,
leading to system corruption and data loss.
Affects: V1.12.14 and later versions
Testing: Validated against critical system paths, all blocked correctly
Remove -icanon mode from stty settings to fix password authentication
failures when passwords contain special characters like '.' or '@'.
The non-canonical mode (-icanon min 1 time 0) caused character loss
in Terminal.app. Using only -echo keeps canonical mode which provides
more reliable character handling across all terminal emulators.
- Use partial redraw for search input updates instead of full screen refresh
- Reduces flickering when typing in the filter box
- Improve responsiveness of search interaction
- URL-encode paths when matching against Dock persistent-apps
- Fixes issue where apps with spaces in names (e.g. 'Clash Party') were not removed from Dock
Fixes#313
Change browser process detection from pgrep -f (full command line match)
to pgrep -x (exact process name match) to prevent false positives.
Microsoft Teams processes contain 'Microsoft' in their paths and may have
Chromium-based components, which was causing them to be incorrectly
identified as Microsoft Edge during clean operations.
Changes:
- Chrome detection: pgrep -f → pgrep -x
- Edge detection: pgrep -f → pgrep -x
- Edge updater detection: pgrep -f → pgrep -x
This approach is consistent with Firefox detection and prevents Apps like
Microsoft Teams, Microsoft Office, or other Microsoft products from
triggering false Edge detection.
All existing tests pass (9/9 in clean_browser_versions.bats).
Fixes#307
- Add Firefox to DATA_PROTECTED_BUNDLES to prevent cleaning
- Protects IndexedDB, localStorage, and other complex storage
- Prevents Gmail and other web apps from breaking after clean
- Show full project paths (~/www/project) instead of just project names
- Sort artifacts by size descending (largest first)
- Increase path display width for better readability
- Support CMD+Click to open folders in terminal
- Add logic to remove 0-byte files in ~/Library (maxdepth 1)
- Explicitly protect .localized files to preserve Finder localization
- Respect global whitelist patterns
- Add safe cleanup for Antigravity, Filo, and Claude caches in Application Support (Cache, GPUCache, Code Cache only).
- Enhance VS Code cleanup to include deep rendering caches (GPU, Dawn) and extension installers.
- Validated to ensure no user data or pnpm/yarn executables are touched.
- Add Homebrew cask detection and use 'brew uninstall --cask' for proper cleanup
- Add real-time progress feedback during uninstallation
- Optimize scroll performance by only redrawing visible items
- Replace Python-based Dock removal with PlistBuddy for better compatibility
- Add comprehensive tests for Homebrew functionality
Fixes#306
This commit addresses several code quality issues identified in the
recent bash 3.2 compatibility fixes:
1. Remove redundant array length check in is_whitelisted()
- The second check for array length > 0 is unnecessary after
already checking for length == 0
2. Clean up commented dangerous cleanup code in dev.sh
- Replace commented-out code with clear documentation
- Add explicit notes explaining why certain paths are excluded
- Improves maintainability by preventing confusion
3. Enhance test coverage for excluded paths
- Add tests to verify Mix archives are NOT cleaned
- Add tests to verify Stack programs are NOT cleaned
- Add tests to verify VS Code workspace storage is NOT cleaned
- These tests ensure critical data remains protected
All changes pass ShellCheck, syntax validation, and formatting checks.
