- Guard against empty ROFI_INFO before calling decode_info to prevent IndexError
- Use .get() chain for password field access to prevent KeyError
- Raise ValueError for unknown field names instead of silently returning empty string
- Validate config keybinding values against allowed fields (password, username, totp)
- Warn to stderr when config file exists but has invalid structure
- Set history file permissions to 0o600
- Extract shared prepare_entries() helper to deduplicate selector logic
- Add --version flag
- Delete legacy src/bitwarden.py and src/main.py
- Update CLAUDE.md to reflect pyyaml dependency
Replace bw-serve/Ansible-based implementation with a clean rewrite:
- rbw CLI wrapper for listing entries and fetching credentials
- Rofi script-mode and fzf selectors with history-first sorting
- JSON-backed frecency history at ~/.cache/bw-menu/
- Clipboard support via wl-copy/xclip auto-detection
- uv + hatchling packaging with bw-menu entry point
