1.0.0 official release

Encrypted backups.
Same everywhere.

FileFerry is an all-Rust CLI for encrypted, compressed, deduplicated backups to local and S3-compatible repositories. It is built for shells, restore drills, and self-hosted operations.

Command
ferry
Mode
CLI-only
Backends
Local + S3
$ ferry init s3://company-backups/laptops
repository initialized · format v0 · encrypted

$ ferry backup ~/Documents --tag laptop --jsonl
{"event":"command_started","command":"backup",...}
{"event":"progress","data":{"phase":"write_commit"},...}
{"event":"command_completed","command":"backup",...}
# stdout stays JSONL · progress stays on stderr

$ ferry restore --latest ~/restore-test
restored · verified bytes · metadata warnings reported

V1 shipped with scoped support evidence.

The 1.0.0 release exercises FileFerry's encrypted backup, restore, check, retention, key-management, machine-output, and release-artifact paths. Platform wording is limited to observed CI, tests, artifacts, and smoke evidence.

Included

Encrypted snapshots

Client-side encrypted, compressed, deduplicated snapshots for local and S3-compatible repositories.

Included

Restore drills

Restore by latest, id, tag, and path with destination safety checks and byte verification.

Included

Operator output

Human output, one-document JSON, newline-delimited JSON events, and documented exit-code families.

Included

Release evidence

Signed checksums, SBOMs, cargo-auditable metadata, manifests, installer scripts, and archive-smoke JSON.

Limited

Metadata restore

Regular-file and directory modified times plus Unix mode bits are applied where representable; other metadata is reported as warnings.

Not included

Non-CLI product modes

No GUI, TUI, daemon, scheduler, server, SaaS dashboard, mobile app, FUSE mount, or format-compatibility mode.

signed v1 artifacts

Download the target archive and verify the attached evidence.

The release attaches archives for Linux x86_64 GNU, Linux ARM64 GNU, macOS x86_64, macOS ARM64, and Windows x86_64 MSVC. Each target includes checksums, a Sigstore bundle, SBOM, manifest, archive-smoke JSON, and installer scripts.

1.0.0 artifact targets
Linux
x86_64-unknown-linux-gnu
Linux
aarch64-unknown-linux-gnu
macOS
x86_64-apple-darwin
macOS
aarch64-apple-darwin
Windows
x86_64-pc-windows-msvc

Built for shells, logs, runbooks, and restore drills.

FileFerry is automation-first. Human progress is optional; stdout is machine output and exit codes are treated as an API surface.

01

Stdout is data

Human progress and diagnostics stay on stderr so scripts can trust stdout.

02

JSON and JSONL

Single-document output for state. Newline-delimited events for long operations.

03

Dry-run destructive work

Forget and prune expose explicit dry-run behavior before object deletion.

04

Restore honesty

Metadata that cannot be applied is reported instead of silently claimed restored.

Encrypted before anything leaves the machine.

FileFerry uses client-side encryption and authenticated repository objects. The 1.0.0 release has tests for wrong-key, wrong-password, tamper, corruption, and redaction paths, but it is not an external audit claim.

Authenticated encryption

Contents, names, directory shape, manifests, indexes, and sensitive config are stored in authenticated encrypted objects.

Original format

FileFerry does not read or write restic, rustic, Borg, Kopia, or rclone-native repository formats.

Append-friendly storage

Immutable objects, retry-safe writes, explicit commit markers, and no required rename assumptions.