New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Replace deprecated crypto.createDecipher()
and crypto.createCipher()
Node.js methods
#76
Conversation
Can you explain how it manages that?
That's meaningless as the decryption key can be easily found in the JS code of the app. |
In the other PR, already existed data (encrypted with
Yes, but this is no more because of sindresorhus/conf. Now the security is assured by this package (random IV, strong data encryption). This is now the developer of the application which shoud take care of the password security if it want to use this package for security purposes. If the key used to decrypt the data is stored with To resume, this PR resolve the depreciation by a way that is transparent for the user and without break existing implementations. Is it more understandable? ;) |
Hi @sindresorhus, Is my proposal okey for you ? Do you require some changes or additional clarification ? Thanks |
Yes, makes sense. I think indeed this is the best solution. Can you add a test that ensures a config encrypted with the existing version will be correctly decrypted with this version? Just commit a small config fixture encrypted with the current version (in master). |
@sindresorhus done. Do you think we should update this in
|
Sure |
@sindresorhus is all okey for you now ? |
Filename |
crypto.createDecipher()
and crypto.createCipher()
crypto.createDecipher()
and crypto.createCipher()
crypto.createDecipher()
and crypto.createCipher()
Node.js methods
A new release is out. Can you add this to electron-store too in form of a dependency bump and readme updates? |
Yes, I will do it. Thanks for reviews and merge ;) Edit: done in sindresorhus/electron-store#72. |
Fix sindresorhus/electron-store#67
It is better than #72 in this way: