Detect and remove leftover LaunchDaemons, LaunchAgents, and
PrivilegedHelperTools from uninstalled apps like Sogou Input,
ClashX, ClashMac, and Nektony App Cleaner.
Previously, apps matching DATA_PROTECTED_BUNDLES patterns (VPNs, dev tools, etc.)
could not be uninstalled because should_protect_path blocked their deletion.
Now use MOLE_UNINSTALL_MODE to distinguish between cleanup and explicit uninstall,
allowing users to remove these apps when they choose to while still protecting
their data during normal cleanup operations.
Also allow deletion of installer receipts in /private/var/db/receipts/.
- Disable sensors data collection (CPU temp already shown in CPU card)
- Remove unused sensor-related functions (collectSensors, prettifyLabel, hasSensorData, renderSensorsCard)
- Remove unused gopsutil/sensors import
- Fix inline spinner disown call with explicit PID
- Update version from 1.22.0 to 1.22.1
- Update SECURITY_AUDIT.md to match new version and date
- Speed up spinner animation from 100ms to 50ms for smoother visuals
- Fix spinner flicker by deferring stop until output is ready
- Remove unnecessary 'Preparing...' spinner at section start
- Hide whitelist-protected items from output (Trash, Finder metadata)
- Add spinner feedback for system diagnostic log cleanup
- Remove redundant stop_section_spinner calls in cleanup modules
The cleanup process now feels significantly faster and more polished,
with continuous visual feedback and no jarring gaps between operations.
- Modified FORCE_CHAR mode in read_key() to recognize arrow keys and space
- Users can now navigate and select items while typing in search mode
- Improves UX by eliminating need to press Enter before selecting
- ESC key still works to cancel search
This restores V1.19.0 behavior where navigation worked during search
- Previous perf optimization (318c67f) broke real-time search by removing rebuild_view call
- Now calls rebuild_view and triggers full redraw when typing/deleting
- Uses 'continue' to skip drain_pending_input, preserving fast typed characters
- Fixes issue where only first character was effective in search
- Show 'Checking brew dependencies...' spinner while running brew autoremove
- Prevents user confusion when brew cleanup takes time after uninstall
- Improves UX by providing visual feedback during dependency cleanup
- Changed from `command -v PlistBuddy` to `[[ -x /usr/libexec/PlistBuddy ]]`
- PlistBuddy is not in PATH, it's at /usr/libexec/PlistBuddy on macOS
- Previous code would always return early, making Dock cleanup never work
- Also improved fallback logic for already-deleted apps
- Tested and verified Dock icons are now properly removed after uninstall
- Change pnpm store path from incorrect ~/.pnpm-store to correct ~/Library/pnpm/store
- The default pnpm store location on macOS is ~/Library/pnpm/store
- Fixes#319
CRITICAL SECURITY FIX
Enhanced the receipt file parsing in uninstall operations to prevent
accidental deletion of critical system files while maintaining deep
cleanup capabilities.
Changes:
- Tightened whitelist in find_app_receipt_files() to exclude /Users/*,
/usr/*, and /opt/* broad patterns
- Added explicit blacklist for /private/* with safe exceptions for
logs, temp files, and diagnostic data
- Integrated should_protect_path() check for additional protection
- Added file deduplication with sort -u to prevent duplicate deletions
- Removed dry-run feature from batch uninstall (unused entry point)
Path Protection:
✅ Blocked: /etc/passwd, /var/db/*, /private/etc/*, all system binaries
✅ Allowed: /Applications/*, specific /Library/* subdirs, safe /private/* paths
✅ Additional: Keychain files, system preferences via should_protect_path()
This fixes a critical security issue where parsing .bom receipt files
could result in deletion of system files like /etc/passwd and /var/db/*,
leading to system corruption and data loss.
Affects: V1.12.14 and later versions
Testing: Validated against critical system paths, all blocked correctly
Remove -icanon mode from stty settings to fix password authentication
failures when passwords contain special characters like '.' or '@'.
The non-canonical mode (-icanon min 1 time 0) caused character loss
in Terminal.app. Using only -echo keeps canonical mode which provides
more reliable character handling across all terminal emulators.
- Use partial redraw for search input updates instead of full screen refresh
- Reduces flickering when typing in the filter box
- Improve responsiveness of search interaction
- URL-encode paths when matching against Dock persistent-apps
- Fixes issue where apps with spaces in names (e.g. 'Clash Party') were not removed from Dock
Fixes#313
Change browser process detection from pgrep -f (full command line match)
to pgrep -x (exact process name match) to prevent false positives.
Microsoft Teams processes contain 'Microsoft' in their paths and may have
Chromium-based components, which was causing them to be incorrectly
identified as Microsoft Edge during clean operations.
Changes:
- Chrome detection: pgrep -f → pgrep -x
- Edge detection: pgrep -f → pgrep -x
- Edge updater detection: pgrep -f → pgrep -x
This approach is consistent with Firefox detection and prevents Apps like
Microsoft Teams, Microsoft Office, or other Microsoft products from
triggering false Edge detection.
All existing tests pass (9/9 in clean_browser_versions.bats).
