Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

password needs to be securely generated #26

Closed
nhooyr opened this Issue Mar 6, 2019 · 3 comments

Comments

Projects
None yet
4 participants
@nhooyr
Copy link
Collaborator

nhooyr commented Mar 6, 2019

@nhooyr

This comment has been minimized.

@NGTmeaty

This comment has been minimized.

Copy link

NGTmeaty commented Mar 6, 2019

Oops sorry, I brought up the same concerns here: #4 (comment)

@Multishifties

This comment has been minimized.

Copy link
Contributor

Multishifties commented Mar 6, 2019

@nhooyr Given this is in the CLI, I don't believe the window scope for window.crypto.getRandomValues() will be accessible. However we may be able to use https://nodejs.org/dist/latest-v10.x/docs/api/crypto.html#crypto_crypto_randomfillsync_buffer_offset_size instead. It's similar in that according to the docs it also generates cryptographically strong pseudo-random data.

I'll tackle this one. Should have a PR up for this shortly.

UPDATE: PR is here #51

Multishifties added a commit to Multishifties/code-server that referenced this issue Mar 6, 2019

kylecarbs added a commit that referenced this issue Mar 7, 2019

@kylecarbs kylecarbs closed this Mar 7, 2019

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.
You signed in with another tab or window. Reload to refresh your session. You signed out in another tab or window. Reload to refresh your session.