@striae-org/striae 5.5.2 → 6.0.1

package/app/components/navbar/case-import/case-import.module.css

@@ -433,7 +433,7 @@
 }
 
 .archivedImportNote {
-  margin-bottom: var(--spaceM);
+  margin: var(--spaceM) 0;
   padding: var(--spaceS) var(--spaceM);
   border-radius: var(--spaceXS);
   background: color-mix(in lab, var(--success) 10%, transparent);
@@ -444,7 +444,7 @@
 }
 
 .archivedRegularCaseRiskNote {
-  margin-bottom: var(--spaceM);
+  margin: var(--spaceM) 0;
   padding: var(--spaceS) var(--spaceM);
   border-radius: var(--spaceXS);
   background: color-mix(in lab, var(--warning) 12%, transparent);

package/app/components/navbar/case-import/case-import.tsx

@@ -239,7 +239,6 @@ export const CaseImport = ({
     if (!user || !importState.selectedFile || !importState.importType) return;
 
     if (importState.importType === 'case' && isArchivedRegularCaseImportBlocked) {
-      setError(ARCHIVED_REGULAR_CASE_BLOCK_MESSAGE);
       return;
     }
     
@@ -260,7 +259,6 @@ export const CaseImport = ({
     casePreview,
     updateImportState,
     executeImport,
-    setError,
   ]);
 
   const handleCancelImport = useCallback(() => {
@@ -333,7 +331,6 @@ export const CaseImport = ({
   // Handle confirmation import
   const handleConfirmImport = useCallback(() => {
     if (isArchivedRegularCaseImportBlocked) {
-      setError(ARCHIVED_REGULAR_CASE_BLOCK_MESSAGE);
       return;
     }
 
@@ -343,7 +340,6 @@ export const CaseImport = ({
     isArchivedRegularCaseImportBlocked,
     executeImport,
     updateImportState,
-    setError,
   ]);
 
   if (!isOpen) return null;
@@ -414,10 +410,6 @@ export const CaseImport = ({
             {/* Import progress */}
             <ProgressSection importProgress={importProgress} />
 
-            {isArchivedRegularCaseImportBlocked && (
-              <div className={styles.error}>{ARCHIVED_REGULAR_CASE_BLOCK_MESSAGE}</div>
-            )}
-
             {/* Success message */}
             {messages.success && (
               <div className={styles.success}>

package/app/components/navbar/case-import/components/CasePreviewSection.tsx

@@ -82,7 +82,7 @@ export const CasePreviewSection = ({
             </div>
           )}
         </div>
-      {casePreview.archived && (
+      {casePreview.archived && !isArchivedRegularCaseImportBlocked && (
         <div className={styles.archivedImportNote}>
           {ARCHIVED_SELF_IMPORT_NOTE}
         </div>

package/app/components/navbar/case-modals/all-cases-modal.tsx

@@ -225,6 +225,14 @@ export const CasesModal = ({
     selectedCase && selectedCase.caseNumber !== currentCase && !selectedCase.isReadOnly
   );
 
+  const deleteSelectedCaseTitle = !selectedCase
+    ? 'Select a case to delete.'
+    : selectedCase.caseNumber === currentCase
+      ? 'Open a different case before deleting this one.'
+      : selectedCase.isReadOnly
+        ? 'Read-only review cases cannot be deleted. Use Clear RO Case under Case Management first.'
+        : undefined;
+
   useEffect(() => {
     setCurrentPage(0);
   }, [preferences.sortBy, preferences.confirmationFilter, preferences.showArchivedOnly]);
@@ -484,12 +492,15 @@ export const CasesModal = ({
   const handleDeleteSelectedCase = async () => {
     if (!selectedCase || !canDeleteSelectedCase) {
       const isCurrentCaseSelection = selectedCase?.caseNumber === currentCase;
+      const isReadOnlyReviewSelection = selectedCase?.isReadOnly === true;
 
       setActionNotice({
         type: 'warning',
         message: isCurrentCaseSelection
           ? 'Open a different case before deleting this one.'
-          : 'Selected case cannot be deleted.',
+          : isReadOnlyReviewSelection
+            ? 'Read-only review cases cannot be deleted. Use Clear RO Case under Case Management first.'
+            : 'Selected case cannot be deleted.',
       });
       return;
     }
@@ -785,6 +796,7 @@ export const CasesModal = ({
               className={`${styles.secondaryActionButton} ${styles.deleteActionButton}`}
               onClick={handleDeleteSelectedCase}
               disabled={!canDeleteSelectedCase || isRunningAction}
+              title={deleteSelectedCaseTitle}
             >
               Delete Selected
             </button>

package/app/components/navbar/navbar.tsx

@@ -121,6 +121,11 @@ export const Navbar = ({
   const isImageNotesActive = canOpenImageNotes;
   const canDeleteCurrentFile = hasLoadedImage && !isReadOnly;
   const isArchivedRegularReadOnly = Boolean(isReadOnly && archiveDetails?.archived && !isReviewOnlyCase);
+  const caseExportLabel = isArchivedRegularReadOnly
+    ? 'Export Archive'
+    : isReadOnly
+      ? 'Export Confirmations'
+      : 'Export Case Package';
 
   return (
     <>
@@ -179,11 +184,9 @@ export const Navbar = ({
                   type="button"
                   role="menuitem"
                   className={`${styles.caseMenuItem} ${styles.caseMenuItemExport}`}
-                  disabled={!hasLoadedCase || disableLongRunningCaseActions || isArchivedRegularReadOnly}
+                  disabled={!hasLoadedCase || disableLongRunningCaseActions}
                   title={
-                    isArchivedRegularReadOnly
-                      ? 'Export is unavailable for archived cases loaded from your regular case list'
-                      : !hasLoadedCase
+                    !hasLoadedCase
                       ? 'Load a case to export case data'
                       : disableLongRunningCaseActions
                         ? 'Export is unavailable while files are uploading'
@@ -194,7 +197,7 @@ export const Navbar = ({
                     setIsCaseMenuOpen(false);
                   }}
                 >
-                  {isReadOnly ? 'Export Confirmations' : 'Export Case Package'}
+                  {caseExportLabel}
                 </button>
                 <button
                   type="button"

package/app/components/sidebar/cases/case-sidebar.tsx

@@ -258,7 +258,8 @@ const handleImageSelect = (file: FileData) => {
     ? 'Select an image first'
     : undefined;
 
-  const showCaseExportButton = Boolean(currentCase && isReadOnly && !isArchivedCase);
+  const showCaseExportButton = Boolean(currentCase && isReadOnly);
+  const caseExportButtonLabel = isArchivedCase ? 'Export Archive' : 'Export Confirmations';
 
   const exportCaseTitle = isUploading
     ? 'Cannot export while uploading'
@@ -391,7 +392,7 @@ return (
           disabled={isUploading || !currentCase}
           title={exportCaseTitle}
         >
-          Export Confirmations
+          {caseExportButtonLabel}
         </button>
       ) : (
         <button

package/app/components/sidebar/sidebar-container.tsx

@@ -109,6 +109,13 @@ export const SidebarContainer: React.FC<SidebarContainerProps> = (props) => {
                   rel="noopener noreferrer" 
                   className={styles.footerModalLink}>
                   Security Policy
+                </Link>
+                <Link
+                  to="https://community.striae.org"
+                  target="_blank" 
+                  rel="noopener noreferrer" 
+                  className={styles.footerModalLink}>
+                  Striae Community
                 </Link>                
               </div>
 

package/{members.emails.example → app/config-example/members.emails}

@@ -8,4 +8,4 @@
 #
 # Examples:
 # analyst@organization.com
-# @striae.org
+# @striae.org

package/{primershear.emails.example → app/config-example/primershear.emails}

@@ -3,4 +3,4 @@
 # This file is untracked. Run: npm run deploy-primershear to push changes.
 #
 # Example:
-# analyst@organization.com
+# analyst@organization.com

package/app/routes/striae/striae.tsx

@@ -19,7 +19,7 @@ import { FilesModal } from '~/components/sidebar/files/files-modal';
 import { NotesEditorModal } from '~/components/sidebar/notes/notes-editor-modal';
 import { UserAuditViewer } from '~/components/audit/user-audit-viewer';
 import { fetchUserApi } from '~/utils/api';
-import { type AnnotationData, type FileData } from '~/types';
+import { type AnnotationData, type FileData, type ExportOptions } from '~/types';
 import { validateCaseNumber, renameCase, deleteCase, checkExistingCase, createNewCase, archiveCase, getCaseArchiveDetails } from '~/components/actions/case-manage';
 import { checkReadOnlyCaseExists, deleteReadOnlyCase } from '~/components/actions/case-review';
 import { canCreateCase, getCaseConfirmationSummary } from '~/utils/data';
@@ -77,15 +77,21 @@ export const Striae = ({ user }: StriaePage) => {
 
   // PDF generation states
   const [isGeneratingPDF, setIsGeneratingPDF] = useState(false);
+
+  // Toast notification states
   const [showToast, setShowToast] = useState(false);
   const [toastMessage, setToastMessage] = useState('');
   const [toastType, setToastType] = useState<ToastType>('success');
   const [toastDuration, setToastDuration] = useState(4000);
+
+  // Modal and sidebar states
   const [isAuditTrailOpen, setIsAuditTrailOpen] = useState(false);
   const [isRenameCaseModalOpen, setIsRenameCaseModalOpen] = useState(false);
   const [isOpenCaseModalOpen, setIsOpenCaseModalOpen] = useState(false);
   const [isListCasesModalOpen, setIsListCasesModalOpen] = useState(false);
   const [isFilesModalOpen, setIsFilesModalOpen] = useState(false);
+
+  // Case management action states
   const [isRenamingCase, setIsRenamingCase] = useState(false);
   const [isDeletingCase, setIsDeletingCase] = useState(false);
   const [isArchivingCase, setIsArchivingCase] = useState(false);
@@ -93,6 +99,8 @@ export const Striae = ({ user }: StriaePage) => {
   const [isOpeningCase, setIsOpeningCase] = useState(false);
   const [openCaseHelperText, setOpenCaseHelperText] = useState('');
   const [isArchiveCaseModalOpen, setIsArchiveCaseModalOpen] = useState(false);
+
+  // Export states
   const [isExportCaseModalOpen, setIsExportCaseModalOpen] = useState(false);
   const [isExportingCase, setIsExportingCase] = useState(false);
   const [isExportConfirmationsModalOpen, setIsExportConfirmationsModalOpen] = useState(false);
@@ -287,7 +295,8 @@ export const Striae = ({ user }: StriaePage) => {
   const handleExport = async (
     exportCaseNumber: string,
     designatedReviewerEmail?: string,
-    onProgress?: (progress: number, label: string) => void
+    onProgress?: (progress: number, label: string) => void,
+    exportOptions?: ExportOptions
   ) => {
     if (!exportCaseNumber) {
       showNotification('Select a case before exporting.', 'error');
@@ -311,7 +320,7 @@ export const Striae = ({ user }: StriaePage) => {
           setShowToast(true);
           onProgress?.(roundedProgress, label);
         },
-        { designatedReviewerEmail }
+        { ...exportOptions, designatedReviewerEmail }
       );
 
       showNotification(`Case ${exportCaseNumber} exported successfully.`, 'success');
@@ -364,6 +373,28 @@ export const Striae = ({ user }: StriaePage) => {
     }
   };
 
+  const handleOpenCaseExport = () => {
+    if (!currentCase) {
+      return;
+    }
+
+    if (isReadOnlyCase) {
+      if (isReviewOnlyCase) {
+        void handleOpenExportConfirmationsModal();
+        return;
+      }
+
+      if (archiveDetails.archived) {
+        void handleExport(currentCase, undefined, undefined, {
+          archivePackageMode: true,
+        });
+        return;
+      }
+    }
+
+    setIsExportCaseModalOpen(true);
+  };
+
   const handleRenameCaseSubmit = async (newCaseName: string) => {
     if (!currentCase) {
       showNotification('Select a case before renaming.', 'error');
@@ -809,13 +840,7 @@ export const Striae = ({ user }: StriaePage) => {
           void handleOpenCaseModal();
         }}
         onOpenListAllCases={() => setIsListCasesModalOpen(true)}
-        onOpenCaseExport={() => {
-          if (isReadOnlyCase) {
-            void handleOpenExportConfirmationsModal();
-          } else {
-            setIsExportCaseModalOpen(true);
-          }
-        }}
+        onOpenCaseExport={handleOpenCaseExport}
         onOpenAuditTrail={() => setIsAuditTrailOpen(true)}
         onOpenRenameCase={() => setIsRenameCaseModalOpen(true)}
         onDeleteCase={() => {
@@ -838,7 +863,7 @@ export const Striae = ({ user }: StriaePage) => {
           onOpenCase={() => {
             void handleOpenCaseModal();
           }}
-          onOpenCaseExport={() => void handleOpenExportConfirmationsModal()}
+          onOpenCaseExport={handleOpenCaseExport}
           imageId={imageId}
           currentCase={currentCase}
           imageLoaded={imageLoaded}

package/app/types/export.ts

@@ -5,4 +5,5 @@ export interface ExportOptions {
   includeUserInfo?: boolean;
   protectForensicData?: boolean;
   designatedReviewerEmail?: string;
+  archivePackageMode?: boolean;
 }

package/app/utils/forensics/SHA256.ts

@@ -6,8 +6,8 @@
 
 import { verifySignaturePayload } from './signature-utils';
 
-export const FORENSIC_MANIFEST_VERSION = '2.0';
-export const FORENSIC_MANIFEST_SIGNATURE_ALGORITHM = 'RSASSA-PKCS1-v1_5-SHA-256';
+export const FORENSIC_MANIFEST_VERSION = '3.0';
+export const FORENSIC_MANIFEST_SIGNATURE_ALGORITHM = 'RSASSA-PSS-SHA-256';
 
 export interface ForensicManifestData {
   dataHash: string;

package/app/utils/forensics/audit-export-signature.ts

@@ -5,7 +5,7 @@ import {
 } from './SHA256';
 import { verifySignaturePayload } from './signature-utils';
 
-export const AUDIT_EXPORT_SIGNATURE_VERSION = '1.0';
+export const AUDIT_EXPORT_SIGNATURE_VERSION = '2.0';
 
 const SHA256_HEX_REGEX = /^[a-f0-9]{64}$/i;
 

package/app/utils/forensics/confirmation-signature.ts

@@ -6,7 +6,7 @@ import {
 } from './SHA256';
 import { verifySignaturePayload } from './signature-utils';
 
-export const CONFIRMATION_SIGNATURE_VERSION = '2.0';
+export const CONFIRMATION_SIGNATURE_VERSION = '3.0';
 
 const SHA256_HEX_REGEX = /^[a-f0-9]{64}$/i;
 

package/app/utils/forensics/signature-utils.ts

@@ -29,6 +29,8 @@ export interface PublicSigningKeyDetails {
   publicKeyPem: string | null;
 }
 
+const RSA_PSS_SALT_LENGTH = 32;
+
 type ManifestSigningConfig = {
   manifest_signing_public_keys?: Record<string, string>;
   manifest_signing_public_key?: string;
@@ -197,7 +199,7 @@ export async function verifySignaturePayload(
       'spki',
       publicKeyPemToArrayBuffer(publicKeyPem, invalidPublicKeyError),
       {
-        name: 'RSASSA-PKCS1-v1_5',
+        name: 'RSA-PSS',
         hash: 'SHA-256'
       },
       false,
@@ -209,7 +211,10 @@ export async function verifySignaturePayload(
     signatureBuffer.set(signatureBytes);
 
     const verified = await crypto.subtle.verify(
-      { name: 'RSASSA-PKCS1-v1_5' },
+      {
+        name: 'RSA-PSS',
+        saltLength: RSA_PSS_SALT_LENGTH
+      },
       key,
       signatureBuffer,
       new TextEncoder().encode(payload)

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@striae-org/striae",
-  "version": "5.5.2",
+  "version": "6.0.1",
   "private": false,
   "description": "Striae is a specialized, cloud-native platform designed to streamline forensic firearms identification by providing an intuitive environment for digital comparison image annotation, authenticated confirmations, and automated report generation.",
   "license": "Apache-2.0",
@@ -50,9 +50,7 @@
     "workers/pdf-worker/src/assets/generated-assets.example.ts",
     "!workers/pdf-worker/src/formats/**/*",
     "workers/pdf-worker/src/formats/format-striae.ts",
-    ".env.example",
-    "primershear.emails.example",
-    "members.emails.example",
+    ".env.example",    
     "firebase.json",
     "tsconfig.json",
     "vite.config.ts",

package/scripts/deploy-config.sh

@@ -200,6 +200,36 @@ source "$DEPLOY_CONFIG_VALIDATION_MODULE"
 source "$DEPLOY_CONFIG_SCAFFOLDING_MODULE"
 source "$DEPLOY_CONFIG_PROMPT_MODULE"
 
+EMAIL_LIST_CONFIG_DIR="app/config"
+MEMBERS_EMAILS_FILE="$EMAIL_LIST_CONFIG_DIR/members.emails"
+PRIMERSHEAR_EMAILS_FILE="$EMAIL_LIST_CONFIG_DIR/primershear.emails"
+
+sync_env_var_from_email_list_file() {
+    local env_var_name=$1
+    local file_path=$2
+    local loaded_values=""
+
+    if [ ! -f "$file_path" ]; then
+        echo -e "${YELLOW}⚠️  $file_path not found; keeping existing $env_var_name value in .env${NC}"
+        return 0
+    fi
+
+    loaded_values=$(grep -v '^[[:space:]]*#' "$file_path" | grep -v '^[[:space:]]*$' | sed -e 's/\r$//' -e 's/^[[:space:]]*//' -e 's/[[:space:]]*$//' | paste -sd ',' - || true)
+
+    write_env_var "$env_var_name" "$loaded_values"
+    export "$env_var_name=$loaded_values"
+
+    local loaded_count
+    loaded_count=$(echo "$loaded_values" | tr ',' '\n' | grep -c '[^[:space:]]' || true)
+    echo -e "${GREEN}✅ Synced $env_var_name from $file_path ($loaded_count entry/entries)${NC}"
+}
+
+sync_email_list_env_vars_from_config() {
+    echo -e "${YELLOW}📧 Syncing optional email list env vars from app/config...${NC}"
+    sync_env_var_from_email_list_file "REGISTRATION_EMAILS" "$MEMBERS_EMAILS_FILE"
+    sync_env_var_from_email_list_file "PRIMERSHEAR_EMAILS" "$PRIMERSHEAR_EMAILS_FILE"
+}
+
 if [ "$validate_only" = "true" ]; then
     echo -e "\n${BLUE}🧪 Validate-only mode enabled${NC}"
     run_validation_checkpoint
@@ -217,6 +247,9 @@ load_admin_service_credentials
 # Always prompt for secrets to ensure configuration
 prompt_for_secrets
 
+# Keep optional email list env vars aligned with app/config source files.
+sync_email_list_env_vars_from_config
+
 # Validate after secrets have been configured
 validate_required_vars
 

package/scripts/deploy-members-emails.sh

@@ -3,7 +3,7 @@
 # ============================================
 # MEMBERS EMAIL LIST DEPLOYMENT SCRIPT
 # ============================================
-# Reads members.emails, updates REGISTRATION_EMAILS in .env,
+# Reads app/config/members.emails, updates REGISTRATION_EMAILS in .env,
 # then deploys that secret directly to Cloudflare Pages (production).
 
 set -e
@@ -26,12 +26,12 @@ trap 'echo -e "\n${RED}❌ deploy-members-emails.sh failed near line ${LINENO}${
 
 # ── Read emails file ──────────────────────────────────────────────────────────
 
-EMAILS_FILE="$PROJECT_ROOT/members.emails"
+EMAILS_FILE="$PROJECT_ROOT/app/config/members.emails"
 
 if [ ! -f "$EMAILS_FILE" ]; then
     echo -e "${RED}❌ members.emails not found at: $EMAILS_FILE${NC}"
     echo -e "${YELLOW}   Create it with one email address or @domain.com wildcard per line.${NC}"
-    echo -e "${YELLOW}   See members.emails.example for the format.${NC}"
+    echo -e "${YELLOW}   See app/config-example/members.emails for the format.${NC}"
     exit 1
 fi
 
@@ -45,7 +45,7 @@ if [ -z "$REGISTRATION_EMAILS" ]; then
 fi
 
 ENTRY_COUNT=$(echo "$REGISTRATION_EMAILS" | tr ',' '\n' | grep -c '[^[:space:]]' || true)
-echo -e "${GREEN}✅ Loaded $ENTRY_COUNT entry(ies) from members.emails${NC}"
+echo -e "${GREEN}✅ Loaded $ENTRY_COUNT entry(ies) from app/config/members.emails${NC}"
 
 # ── Update .env ───────────────────────────────────────────────────────────────
 

package/scripts/deploy-primershear-emails.sh

@@ -3,7 +3,7 @@
 # ============================================
 # PRIMERSHEAR EMAIL LIST DEPLOYMENT SCRIPT
 # ============================================
-# Reads primershear.emails, updates PRIMERSHEAR_EMAILS in .env,
+# Reads app/config/primershear.emails, updates PRIMERSHEAR_EMAILS in .env,
 # then deploys that secret directly to Cloudflare Pages (production).
 
 set -e
@@ -26,7 +26,7 @@ trap 'echo -e "\n${RED}❌ deploy-primershear-emails.sh failed near line ${LINEN
 
 # ── Read emails file ──────────────────────────────────────────────────────────
 
-EMAILS_FILE="$PROJECT_ROOT/primershear.emails"
+EMAILS_FILE="$PROJECT_ROOT/app/config/primershear.emails"
 
 if [ ! -f "$EMAILS_FILE" ]; then
     echo -e "${RED}❌ primershear.emails not found at: $EMAILS_FILE${NC}"
@@ -44,7 +44,7 @@ if [ -z "$PRIMERSHEAR_EMAILS" ]; then
 fi
 
 EMAIL_COUNT=$(echo "$PRIMERSHEAR_EMAILS" | tr ',' '\n' | grep -c '[^[:space:]]' || true)
-echo -e "${GREEN}✅ Loaded $EMAIL_COUNT email address(es) from primershear.emails${NC}"
+echo -e "${GREEN}✅ Loaded $EMAIL_COUNT email address(es) from app/config/primershear.emails${NC}"
 
 # ── Update .env ───────────────────────────────────────────────────────────────
 

package/workers/audit-worker/package.json

@@ -1,6 +1,6 @@
 {
   "name": "audit-worker",
-  "version": "5.5.2",
+  "version": "6.0.1",
   "private": true,
   "scripts": {
     "deploy": "wrangler deploy",

package/workers/audit-worker/wrangler.jsonc.example

@@ -7,7 +7,7 @@
   "name": "AUDIT_WORKER_NAME",
   "account_id": "ACCOUNT_ID",
   "main": "src/audit-worker.ts",
-  "compatibility_date": "2026-04-10",
+  "compatibility_date": "2026-04-12",
   "compatibility_flags": [
     "nodejs_compat"
   ], 

package/workers/data-worker/package.json

@@ -1,6 +1,6 @@
 {
   "name": "data-worker",
-  "version": "5.5.2",
+  "version": "6.0.1",
   "private": true,
   "scripts": {
     "deploy": "wrangler deploy",

package/workers/data-worker/src/signature-utils.ts

@@ -5,6 +5,8 @@ export interface WorkerSignatureEnvelope {
   value: string;
 }
 
+const RSA_PSS_SALT_LENGTH = 32;
+
 function base64UrlEncode(value: Uint8Array): string {
   let binary = '';
   for (const byte of value) {
@@ -57,7 +59,7 @@ export async function signPayload(
     'pkcs8',
     parsePkcs8PrivateKey(privateKey),
     {
-      name: 'RSASSA-PKCS1-v1_5',
+      name: 'RSA-PSS',
       hash: 'SHA-256'
     },
     false,
@@ -65,7 +67,10 @@ export async function signPayload(
   );
 
   const signature = await crypto.subtle.sign(
-    { name: 'RSASSA-PKCS1-v1_5' },
+    {
+      name: 'RSA-PSS',
+      saltLength: RSA_PSS_SALT_LENGTH
+    },
     signingKey,
     new TextEncoder().encode(payload)
   );

package/workers/data-worker/src/signing-payload-utils.ts

@@ -52,10 +52,10 @@ export interface AuditExportSigningPayload {
   hash: string;
 }
 
-export const FORENSIC_MANIFEST_VERSION = '2.0';
-export const CONFIRMATION_SIGNATURE_VERSION = '2.0';
-export const AUDIT_EXPORT_SIGNATURE_VERSION = '1.0';
-export const FORENSIC_MANIFEST_SIGNATURE_ALGORITHM = 'RSASSA-PKCS1-v1_5-SHA-256';
+export const FORENSIC_MANIFEST_VERSION = '3.0';
+export const CONFIRMATION_SIGNATURE_VERSION = '3.0';
+export const AUDIT_EXPORT_SIGNATURE_VERSION = '2.0';
+export const FORENSIC_MANIFEST_SIGNATURE_ALGORITHM = 'RSASSA-PSS-SHA-256';
 
 const SHA256_HEX_REGEX = /^[a-f0-9]{64}$/i;
 

package/workers/data-worker/wrangler.jsonc.example

@@ -5,7 +5,7 @@
   "name": "DATA_WORKER_NAME",
   "account_id": "ACCOUNT_ID",
   "main": "src/data-worker.ts",
-  "compatibility_date": "2026-04-10",
+  "compatibility_date": "2026-04-12",
   "compatibility_flags": [
     "nodejs_compat"
   ], 

package/workers/image-worker/package.json

@@ -1,6 +1,6 @@
 {
   "name": "image-worker",
-  "version": "5.5.2",
+  "version": "6.0.1",
   "private": true,
   "scripts": {
     "deploy": "wrangler deploy",

package/workers/image-worker/wrangler.jsonc.example

@@ -2,7 +2,7 @@
   "name": "IMAGES_WORKER_NAME",
   "account_id": "ACCOUNT_ID",
   "main": "src/image-worker.ts",
-  "compatibility_date": "2026-04-10",
+  "compatibility_date": "2026-04-12",
   "compatibility_flags": [
     "nodejs_compat"
   ], 

package/workers/pdf-worker/package.json

@@ -1,6 +1,6 @@
 {
   "name": "pdf-worker",
-  "version": "5.5.2",
+  "version": "6.0.1",
   "private": true,
   "scripts": {
     "generate:assets": "node scripts/generate-assets.js",

package/workers/pdf-worker/wrangler.jsonc.example

@@ -2,7 +2,7 @@
   "name": "PDF_WORKER_NAME",
   "account_id": "ACCOUNT_ID",
   "main": "src/pdf-worker.ts",
-  "compatibility_date": "2026-04-10",
+  "compatibility_date": "2026-04-12",
   "compatibility_flags": [
     "nodejs_compat"
   ],

package/workers/user-worker/package.json

@@ -1,6 +1,6 @@
 {
   "name": "user-worker",
-  "version": "5.5.2",
+  "version": "6.0.1",
   "private": true,
   "scripts": {
     "deploy": "wrangler deploy",

package/workers/user-worker/wrangler.jsonc.example

@@ -2,7 +2,7 @@
   "name": "USER_WORKER_NAME",
   "account_id": "ACCOUNT_ID",
   "main": "src/user-worker.ts",
-  "compatibility_date": "2026-04-10",
+  "compatibility_date": "2026-04-12",
   "compatibility_flags": [
     "nodejs_compat"
   ], 

package/wrangler.toml.example

@@ -1,6 +1,6 @@
 #:schema node_modules/wrangler/config-schema.json
 name = "PAGES_PROJECT_NAME"
-compatibility_date = "2026-04-10"
+compatibility_date = "2026-04-12"
 compatibility_flags = ["nodejs_compat"]
 pages_build_output_dir = "./build/client"