Feat/credential secure storage#132
Merged
Merged
Conversation
Passwords were persisted in plaintext via QSettings, and the app shipped default credentials (theengs/theengs). - Add QtKeychain as a bundled submodule (pinned 0.15.0; 0.14.0 fails to build on Qt 6.8+ Android) plus a small SecretStore wrapper that stores secrets in the OS secure store (Keychain on Apple, Credential Store on Windows, libsecret/KWallet on Linux, Android Keystore on Android). - Rework SettingsManager so MQTT/MySQL passwords never touch QSettings, with a one-time migration of any legacy plaintext value into the keychain. - Drop the shipped default credentials (now empty == not configured). - Gate behind ENABLE_SECURE_STORAGE (default ON). Validated on Android (LG H930, Samsung SM-G970U): build, install, launch, plaintext -> Android Keystore migration, and keychain round-trip read; the legacy plaintext password is removed from all app data files. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
The first CI run failed on all platforms: QtKeychain 0.15.0 selects Qt5 unless BUILD_WITH_QT6 is set (its BUILD_WITH_QT5 option is vestigial; the logic keys off BUILD_WITH_QT6). Force it ON before add_subdirectory. Also install libsecret-1-dev on the Linux runner — QtKeychain's Linux backend has LIBSECRET_SUPPORT on by default and requires libsecret-1. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
QtKeychain builds its 'basic' autotest under BUILD_TESTING (default ON), and that test executable fails to link on iOS. Force BUILD_TESTING OFF before add_subdirectory; we don't build the dependency's tests anyway. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
1technophile
added a commit
that referenced
this pull request
Jun 2, 2026
Documentation fell behind the 1.5.0 release train after PR #130. Fold the four user-facing PRs that landed since into the existing 1.5.0 section of the changelog and refresh the affected pages on the doc site. - use.md: note the new MQTT-down banner in the device list; replace the manual "Permissions/Battery/Unrestricted" walkthrough with the consolidated in-app Background updates screen (background location + exact alarms + battery-optimisation rows); document that the "Update interval" setting now actually drives the Android background scan cadence (one ~60 s window per interval, idle in between). - build.md: require libsecret-1-dev on Linux; add the new ENABLE_SECURE_STORAGE CMake option for QtKeychain-backed credential storage. - privacy.md: bump the last-updated date; note that broker credentials are persisted in the OS-managed secure store rather than plaintext settings. - CHANGELOG.md: under the existing [1.5.0] entry, add the MQTT-down banner, consolidated Background updates page, and AllowWhileIdle exact-alarm scheduler to Added; the scan-cadence fix and the ENABLE_MBEDTLS=OFF guard to Fixed; and credential storage to Security. PRs covered: #131 (MQTT sentinels), #132 (credential secure storage), #133 (background scan cadence), #135 (background-alarm-doze train, including the consolidated Background updates page and the exact AllowWhileIdle scheduler). Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
1technophile
added a commit
that referenced
this pull request
Jun 6, 2026
Bump the 1.5.0 release date to 2026-06-06 and fold in the user-facing changes that landed between #130 and the cut: TheengsDecoder v2.3.0 (#137), MQTT sentinels + sampling caption (#131), credential secure storage (#132), background-update scheduling and consolidated permissions UI (#133, #135), the About-screen decoder version and build number (#139), the iOS mbedTLS static-link fix (#138), and the device_bm26 ENABLE_MBEDTLS guard (#134). Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
3 tasks
1technophile
added a commit
that referenced
this pull request
Jun 6, 2026
Bump the 1.5.0 release date to 2026-06-06 and fold in the user-facing changes that landed between #130 and the cut: TheengsDecoder v2.3.0 (#137), MQTT sentinels + sampling caption (#131), credential secure storage (#132), background-update scheduling and consolidated permissions UI (#133, #135), the About-screen decoder version and build number (#139), the iOS mbedTLS static-link fix (#138), and the device_bm26 ENABLE_MBEDTLS guard (#134). Co-authored-by: Florian <1technophile@users.noreply.github.com> Co-authored-by: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Description:
Secure credential storage: move MQTT/MySQL passwords to the OS keychain
Passwords were persisted in plaintext via QSettings, and the app shipped
default credentials (theengs/theengs).
build on Qt 6.8+ Android) plus a small SecretStore wrapper that stores
secrets in the OS secure store (Keychain on Apple, Credential Store on
Windows, libsecret/KWallet on Linux, Android Keystore on Android).
with a one-time migration of any legacy plaintext value into the keychain.
Validated on Android (LG H930, Samsung SM-G970U): build, install, launch,
plaintext -> Android Keystore migration, and keychain round-trip read; the
legacy plaintext password is removed from all app data files.
Checklist: