search

renovatebot / renovate

Home of the Renovate CLI: Cross-platform Dependency Automation by Mend.io
https://mend.io/renovate
GNU Affero General Public License v3.0
16.48k stars 2.11k forks source link

Switch from openpgp to node crypto #27377

Open viceice opened 4 months ago

viceice commented 4 months ago

Describe the proposed change(s).

We planned already to drop openpgp because of license issue. Now with latest node version the default encryption is broken.

We should switch do a more modern build-in encryption. Eg: ECDH asymetric key and derived AES-GCM key.

I'll soon add some code samples to renovate codebase

HonkingGoose commented 2 weeks ago

Is this still a thing we want to do?

viceice commented 2 weeks ago

probably yes, but prio is reduced since we switched the pgp library