| Age | Commit message (Collapse) | Author |
|---|
|
this is a contribution from jk (sectore) that I rebased and squashed
into this commit.
the tests were broken in the last few commits to rush out some fixes.
this change may introduce more issues because of
Relay.respond_standard_req.
|
|
in preparation for issuing to crates.io
|
|
|
|
- create yaml file with maintainers and relays
- add maintainers to repo event
- add current user as maintainer
- custom repo relays from cli argument
- save git-server in repo event
|
|
fix breaking changes
|
|
add tests but these currently don't work when run together
|
|
- add client
- use client to send event
- add async functionality - enabler for relay interaction whilst
getting cli input
|
|
- identify commits
- create pull request event
- create patch events
|
|
Enables the user to only handle the nsec upon first use of the tool
by encrypting it with a password and storing it on disk in an
application cache.
The approach to encryption draws heavily from that used by the gossip
nostr client.
- unencrypted nsec is zeroed from memory
- a salt is used to defend against rainbow tables
- computationally expensive key stretching defends against
brute-force attacks of passwords with low entropy.
There is UX trade-off between decryption speed and key-stretching
computation. This UX challenge is exacerbated in a cli tool as
decryption must take place more regularly. Thought was put into the
selected n_log and a heavily reduced value is provided for long
passwords where security benefits are smaller.
A more granular reducing in computation was also considered by
rejected to avoided to revealing just how weak a password is as most
weak passwords are reused.
|
|
Create skeleton for a complete rebuild of the prototype as a production
ready product.
Includes design patterns for:
- dependency injection
- unit testing with dependency mocking
- integration testing
- error handling
- config storage
BREAKING-CHANGE: ground-up redesign with incompatible protocol standards
|
|
|