hmerritt / discord-encryption

An experimental encryption solution for Discord
Apache License 2.0
42 stars 9 forks

Dubious external scripts being injected by the plugin #7

Closed EnKrypt closed 4 years ago

EnKrypt commented 6 years ago

https://github.com/Hmerritt/discord-encryption/blob/a561a63e77256b451222ad5ed6035e95dbe12c69/encryption.plugin.js#L10-L13

This is a terrible practice.

BetterDiscord has faced issues in the past with 3rd party plugins stealing tokens and performing other malicious activity.

As such, I think transparency and security are important concerns if you are releasing a plugin.

I initially debated submitting a pull request to fix these issues myself, but decided that it might make more sense to me if I made my own end-to-end Discord encryption plugin from scratch, to fix some other issues along the way as well.

However, given that this plugin has gained some attention, I request the owner to fix these concerns anyway.

hmerritt commented 4 years ago

I know I am a bit late to the party on this one (when I wrote this plugin I hardly knew how to use Git/GitHub).

I wrote this plugin when I was still learning JavaScript/coding in general and realise now that you are absolutely right (I never intended to use bad practices or be sly/dubious when making this plugin).

I firmly believe in open-source and improving each other's knowledge when doing so by opening issues such as this.

Having looked back at the code, I am going to just re-write the whole script and hopefully use better practices when doing so.