search

renovatebot / renovate

Home of the Renovate CLI: Cross-platform Dependency Automation by Mend.io
https://mend.io/renovate
GNU Affero General Public License v3.0
17.74k stars 2.35k forks source link

Switch from openpgp to node crypto #27377

Open viceice opened 9 months ago

viceice commented 9 months ago

Describe the proposed change(s).

We planned already to drop openpgp because of license issue. Now with latest node version the default encryption is broken.

We should switch do a more modern build-in encryption. Eg: ECDH asymetric key and derived AES-GCM key.

I'll soon add some code samples to renovate codebase

HonkingGoose commented 5 months ago

Is this still a thing we want to do?

viceice commented 5 months ago

probably yes, but prio is reduced since we switched the pgp library