To get access to a repository that needs credentials, the Chocolatey package scripts may need access to encrypted values. In the case of https://github.com/chocolatey/choco/issues/3101, this is API keys, but I can see this being useful for encrypted config values too.
Describe The Solution. Why is it needed?
Allows access to encrypted values in the Chocolatey package scripts.,
Additional Context
On the surface this seems like a good idea, however there are many things security-wise to consider. For example you could create a package that simply dumps on the API keys to the screen which isn't going to be good. So maybe you add a field that allows the key to be used in a package script, or you just use encrypted values etc.
Thought needs to be put in here, and it could end up that we can't do this.
Checklist
Is Your Feature Request Related To A Problem? Please describe.
This is taken from https://github.com/chocolatey/choco/issues/3101
To get access to a repository that needs credentials, the Chocolatey package scripts may need access to encrypted values. In the case of https://github.com/chocolatey/choco/issues/3101, this is API keys, but I can see this being useful for encrypted config values too.
Describe The Solution. Why is it needed?
Allows access to encrypted values in the Chocolatey package scripts.,
Additional Context
On the surface this seems like a good idea, however there are many things security-wise to consider. For example you could create a package that simply dumps on the API keys to the screen which isn't going to be good. So maybe you add a field that allows the key to be used in a package script, or you just use encrypted values etc.
Thought needs to be put in here, and it could end up that we can't do this.
Related Issues