This repository has been archived on 2026-05-24. You can view files and clone it. You cannot open issues or pull requests or push a commit.

Paperclip 78a6758349 fix(db): generate unique random salt per encryptSecret call (GRO-453) ...

Use a 16-byte random salt per encryption instead of the fixed
"groombook-auth-provider-config" salt. This prevents identical
plaintexts from producing identical ciphertexts, closing the
timing/anagram security gap identified in GRO-452.

New format: salt:iv:ciphertext:authTag (all base64).
Legacy format (iv:ciphertext:authTag) is still accepted for
backward-compatible decryption of existing stored values.

Co-Authored-By: Paperclip <noreply@paperclip.ing>

2026-04-04 21:37:30 +00:00

..

migrations

feat(db): auth_provider_config table + AES-256-GCM encryption helpers

2026-04-02 17:16:35 +00:00

src

fix(db): generate unique random salt per encryptSecret call (GRO-453)

2026-04-04 21:37:30 +00:00

drizzle.config.ts

Bootstrap monorepo: Hono API, React PWA, Drizzle DB, CI/CD

2026-03-17 16:11:04 +00:00

package.json

chore: add AGPL-3.0 license and update package.json license fields

2026-03-27 18:22:19 +00:00

tsconfig.json

Fix tsconfig rootDir for correct dist output paths

2026-03-18 01:52:26 +00:00