V1.7.0-5
A massive cumulative release built on top of V1.7.0-4. Big shout-out to
@jleinenbach for driving the upstream-alignment, auth hardening, FMDN
crypto fixes, standalone-CLI rework, i18n parity work, and the new
Bermuda BLE integration guide; and to @tzagim and @hiagocosta for the
community translations that made the i18n sweep possible.
🔐 Authentication & Token Lifecycle Hardening
- DroidGuard / gpsoauth workaround: monkey-patch
gpsoauthto inject
droidguard_results="null", override its defaultdummy123, and
backport the moderngoogle_play_services_version. Resolves
API_KEY_ANDROID_APP_BLOCKEDand<empty> androidPackagefailures
(Fixes #154). - Shared-key lifecycle: canonical caching, reauth-driven invalidation,
automatic renewal, multi-account-safe cache keys, and a warning when
secrets.jsonis missingshared_key(Bug 5). - AAS / OAuth token flow: eager OAuth-cookie → AAS exchange before the
shared-key flow, persist AAS into theoauth_tokenslot after a
successfulgpsoauthexchange, soft-invalidate the AAS token in
standalone mode instead of deleting it, abort CLI startup on stale
OAuth cookies, and clear stale tokens on--reauth. - FCM / GCM register: surface persistent GCM-register 401 as a fatal
auth error, propagate FCM 401/404 from thefirebase_messaging
helpers, defer the fatal flag until the retry budget is exhausted,
cap the supervisor backoff at 120 s, fix the stop-event race and the
blocking sleep inasync_reregister_fcm, replace non-functional AAS
token regeneration with FCM-token regeneration, and remove all
GCM-sender / endpoint switching onPHONE_REGISTRATION_ERRORfor full
upstream alignment. - Exchange-error semantics:
exchange_erroris now retryable with a
tightened auth-marker wrapper;_is_non_retryable_authwas refactored
anderror_kindis now surfaced onadmraises. Tests aligned with
the new classifier semantics.
🛰️ FMDN / EID Resolver Robustness
- Issue #155 (inconsistent location reporting): fixes FMDN decryption
failures, missing location reports, stale candidate lists after key
promotion, seed-freshness edge cases, trusted-anchor bypass on key
promotion, stale identity key inmetadata_updateafter candidate
promotion, and crowdsourced-stats double-counting. Identity key bytes
are now synced when foreign decryption promotes an alternate
candidate, and the full identity-key candidate set is always
generated for crowdsourced reports. - Issue #168 (MAC check failed): AAD-envelope fallback added to both
the early-EIK unwrap path and the shared-key EIK-decryption path;
blind owner-key refresh on stale EIK; defensiveInvalidTagcatches
on owner-key decryption; stale crypto keys cleared on--reauth. - 0x41 frame / legacy-length payload: accepted in BLE battery decode;
modern P256 EIDs supported in battery decoding and XOR mask
computation; corrected FMDN battery-bit extraction and level mapping. - MSB-first bit convention: documented and test-anchored to prevent
false-positive reviews; named constants for the FMDN hashed-flags
bitmask, plus post-audit hardening. - Early-key fallback: now allowed when identity retrieval hits auth
errors;SpotApiEmptyResponseErroris re-raised for reauth
propagation; early-unwrapped key used as fallback on
SpotApiEmptyResponseError.
🧭 Coordinator & Device-Tracker
- Push-merge semantics: push snapshots are now merged into
self.datainstead of replacing it (Issue #152). Ignored devices are
excluded from push merges. Regression tests added. - show_location_age option (new): exposes location age as a device-
tracker attribute with 60 s rounding, translated into all eight
supported languages, excluded from recorder history (performance),
and covered by regression tests. - Defensive entry access:
_opt()helper used in
device_tracker.py;init.pyand the semantic-locations path
defensively access partialConfigEntrymocks. - Fusion jitter guard added; ruff/mypy findings cleared; 24 broken
tests repaired. - Map view:
referrerPolicyadded totileLayerinmap_view.py.
🖥️ Standalone CLI Mode
- First-run flow: standalone CLI now boots without
secrets.json,
auto-extracts the user email from the Chrome session, registers its
own FCM receiver, and cleans up partially-started Chrome windows on
failed driver strategies. - HA stub layer: virtual
googlefindmypackage with lazy
__getattr__,ModuleTypesubclass for__getattr__, auto-generated
HA exception stubs and submodules,MetaPathFinder-based injection
that only fires whenhomeassistantis truly unavailable. Adds
sync_popand anall()method to the file-backed_FileCache. - CLI ergonomics:
--reauthflag, loop back to tracker selection
after each location query, fix silent CLI exit after location
request, restore the--entryCLI flag, auto-select single cache
entry, logsecrets.jsonload failures, accept emptyentry_idin
the FCM receiver / empty namespace inlocation_request, register
a file-backedTokenCache, package-qualified imports for-m
compatibility, X-Android-Package / X-Android-Cert headers for
Firebase API calls. - Sync facades repaired for CLI usage (
get_aas_token,
get_owner_key,register_esp32withcachepropagation, typed
mock in tests,make sync-raisestest made async). email.pyrenamed toemail_utils.pyto avoid shadowing the stdlib
module.
🌍 Internationalization
- Hebrew (he) translation added based on contribution #158 by
@tzagim, completed to 100 % coverage (323/323 keys), with the empty
container stubs required bytranslation_key_check. - Portuguese-BR (pt-BR): 16 native-speaker improvements adopted from
contribution #160 by @hiagocosta. - Eight-locale parity sweep: key ordering aligned with
strings.jsonacross all eight supported locales; English
contributor_modedescription resynced; contributor-mode help text
corrected to match the code-levelDEFAULT_CONTRIBUTOR_MODE. show_location_agetranslated into all eight supported
languages.- Locale parity gate codified in
docs/AI_TASKLIST.mdtogether with
thesync_translations.pyworkflow.
📖 Documentation
- Bermuda BLE integration guide added at
docs/BERMUDA_INTEGRATION.mdwith a README pointer, including an
explicitIMPORTANTcallout that the FMDN-Finder Google-side upload
remains experimental and currently blocked (DroidGuard attestation
unavailable,FMDN_UPLOAD_ENABLED = False). - Shared-key retrieval architecture and FCM-derivation limitations
documented; OAuth fallback architecture documented in
Auth/AGENTS.md; audit documentation added; scalar-derivation docs
fixed.
🧪 Test Infrastructure
- Canonical
make_config_entry()fixture introduced. 48+ named
ConfigEntrystub classes migrated to the fixture across three
waves, plus an AP-6 hotfix fortest_config_flow_reconfigure. The
convention is documented inAGENTS.md. Regression tests added for
show_location_age, push-merge filtering, and ignored-device
semantics. mypytype errors and thepycaresimport in CI cleared; ruff
PLR0912 / PLR2004 / PLR0915 / E402 / I001 findings resolved.
🐛 Closed Issues
- Fixes #152 — No location, multiple errors.
- Fixes #154 —
API_KEY_ANDROID_APP_BLOCKED/<empty>androidPackage. - Fixes #155 — Inconsistent location reporting.
- Fixes #168 — MAC check failed (workaround included).
- Closes #159, #162 (carried in via PR #171).
🙏 Acknowledgements
- @jleinenbach — drove the upstream-alignment, auth hardening,
FMDN crypto fixes, standalone-CLI rework, Bermuda integration guide
and i18n parity work. - @tzagim — Hebrew translation (#158).
- @hiagocosta — Portuguese-BR native-speaker improvements (#160).
- Chen Ye — i18n review co-authorship.
- Tomasz Hemperek, Simon Smith — additional commits.
🧬 Bermuda Companion Fork
For local BLE presence detection with the EID resolver / FMDN Finder
listener, see the matching Bermuda fork release:
https://github.com/jleinenbach/bermuda/releases/tag/v0.6.8-GoogleFindMy-HA-5
Full Changelog: V1.7.0-4...V1.7.0-5