Make use of new Alfred 5 features

[jovobe]

It would be great to use the new Workflow User Configuration feature.

[skyzyx]

I also took the time to port the original Python 2-based workflow. I wrote mine in Go, you wrote yours in Rust. It's all good.

My only concern with this — and the reason I didn't do it this way with mine — is that credentials should never be stored in plain-text on-disk. They should be encrypted inside a dedicated store — like the Keychain.

From what I was reading, using this feature stores the values to disk, unencrypted. I spend a lot of time working with the Cloud (AWS, specifically), and I learned several years ago that there is an important distinction between parameters and secrets.

I think that this feature of Alfred is great for parameters, but without encryption, I'm extremely hesitant to embrace it for storing secrets, like a personal access token or really even the username/email (since both work together as a pair for authentication). Storing both in the Keychain may admittedly be slightly paranoid, but I think that paranoia about storing a PAT this way is warranted.

From one engineer to another, I'm interested in your thoughts on the matter.

[jovobe]

Generally spoken, I think you are absolutely right! Sensitive information should never be stored in an unencrypted way.

For my implementation, I just wasn't aware of Alfred's way of storing values of environment variables. I somehow assumed Alfred would encrypt them by default.

Do you know a common way of storing these values in a secure location like Keychain?

[skleinei]

Makes sense @skyzyx

It looks like they have it on the roadmap: https://www.alfredforum.com/topic/18719-alfred-5-add-user-configuration-password-field/