v3.10.4 — Clean release: OAuth Secrets editor, Import JSON, no leaked credentials

2026-05-25 14:14:38 +04:00
parent 7ecfd131f5
commit cce7c2e38c
3 changed files with 24 additions and 4 deletions
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,5 +1,25 @@
 # Changelog

+## v3.10.4 (2026-05-25)
+
+**Security: OAuth Secrets Editor + Import JSON**
+
+### Security
+- **All hardcoded OAuth secrets removed from source code and git history**
+- OAuth client IDs and secrets now stored locally in `~/.config/codex-launcher/oauth-secrets.json`
+- Git history rewritten to scrub all leaked credentials (0 matches verified)
+- Pre-push hook blocks any future commit containing secrets
+- All old Gitea releases deleted (contained leaked secrets in .deb files)
+
+### New Features
+- **OAuth Secrets editor** in GUI — "OAuth Secrets" button in header bar
+- **Import JSON** button — import `client_secret_*.json` downloaded from Google Cloud Console
+- Supports both `"installed"` and `"web"` JSON formats from Google
+
+### Antigravity Fix (from v3.10.3)
+- Antigravity REST API uses slug IDs, not display names
+- Verified all model IDs with live API testing
+
 ## v3.10.3 (2026-05-25)

 **Fix Antigravity 404 Errors — Verified REST Model IDs**