Closed robin-nitrokey closed 7 months ago
Maybe we can have an allowlist of config changes that don't have side effects, and only warn for the others ?
I’ve added a whitelist that skips the warning and confirmation for known config values without side effects, currently only fido.disable_skip_up_timeout
.
lgtm, I think this is a perfectly sane behavior for a cli tool to just warn, but keep a generic interface - also nicer to test - and for end-users (less-techy-users) nitrokey-app2 should be used anyways...
With the upcoming firmware release for the Nitrokey 3, changing some configuration values can have side effects, namely a reset of the opcard application. We will add new commands with additional information and warnings in the future. For the time being, this patch adds a warning to the set-config command, indicating that it may cause data loss and should only be used for testing and development.
@sosthene-nitrokey We want to release pynitrokey today for some NetHSM fixes. I’d like to include something like this even if we don’t have the proper commands for changing specific config values yet. What do you think?