[FIX] Seconds not properly prevented from being negative

Open olfek opened this issue 1 year ago • 23 comments

The current code ...

https://github.com/Authenticator-Extension/Authenticator/blob/6511920bac98576e3c97fe2d213b23e9dc899422/src/store/Accounts.ts#L90

... fails in these two examples:

0 - 61 + 60 < 0
59 - 120 + 60 < 0

The offset (middle value) can be as low as -300.

https://github.com/Authenticator-Extension/Authenticator/blob/6511920bac98576e3c97fe2d213b23e9dc899422/src/syncTime.ts#L27

So the least you can have is -241 (59 - 300), the + 60 is not enough to make a positive number.


Without this fix, in the examples given above, the effect will be:

Countdown circle animation may be out of sync with the current time step because animationDelay will be stuck at 0s.

https://github.com/Authenticator-Extension/Authenticator/blob/6511920bac98576e3c97fe2d213b23e9dc899422/src/components/Popup/EntryComponent.vue#L22-L29

timeout class will never activate unless entry.period < 5 because the left side of the < condition will be stuck at entry.period.

https://github.com/Authenticator-Extension/Authenticator/blob/6511920bac98576e3c97fe2d213b23e9dc899422/src/components/Popup/EntryComponent.vue#L59

olfek avatar Sep 17 '24 00:09 olfek
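
The failure described in the post above, as an added example that is not part of the original post or the Authenticator code base. It assumes only what the post states (an offset between -300 and 300, a second that must stay in 0..59); the function names are hypothetical.

```javascript
// Added illustration; not code from the Authenticator repository.
// Assumptions from the issue text: the stored clock offset is bounded to
// [-300, 300] seconds and the displayed second must stay in 0..59.
const OFFSET_LIMIT = 300;

// The pattern the issue describes: add one minute, then take the remainder.
// JavaScript's % keeps the sign of the dividend, so a negative sum stays negative.
function secondWithPlus60(clockSecond, offset) {
  return (clockSecond + offset + 60) % 60;
}

// Sign-safe normalisation: correct for any integer offset, not only >= -60.
function secondNormalized(clockSecond, offset) {
  return (((clockSecond + offset) % 60) + 60) % 60;
}

// Try every (clockSecond, offset) pair inside the bound and collect the
// pairs for which fn returns a value outside 0..59.
function outOfRangePairs(fn) {
  const bad = [];
  for (let offset = -OFFSET_LIMIT; offset <= OFFSET_LIMIT; offset++) {
    for (let s = 0; s < 60; s++) {
      const v = fn(s, offset);
      if (v < 0 || v > 59) bad.push({ s, offset, v });
    }
  }
  return bad;
}

// The two cases from the issue, then the exhaustive sweep.
console.log(secondWithPlus60(0, -61), secondWithPlus60(59, -120));
console.log(secondNormalized(0, -61), secondNormalized(59, -120));
console.log(outOfRangePairs(secondWithPlus60).length,
            outOfRangePairs(secondNormalized).length);
```

The sweep shows that only offsets below -60 break the `+ 60` form, which is why a client whose clock is within a minute of the server never sees the drift.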

Requesting review @Sneezry @mymindstorm

olfek avatar Sep 17 '24 15:09 olfek

It's on my to-do list, but might take me a while to get to this

mymindstorm avatar Sep 17 '24 22:09 mymindstorm

🛎️🛎️🛎️ @Sneezry @mymindstorm

olfek avatar Oct 04 '24 11:10 olfek

@mymindstorm 📟📟📟

olfek avatar Oct 19 '24 11:10 olfek

It looks like I don't have permission to push to your branch to fix the lint issues.

mymindstorm avatar Oct 21 '24 01:10 mymindstorm

@mymindstorm I've added you as a collaborator.

olfek avatar Oct 21 '24 06:10 olfek

FYI, I've never been a fan of prettier, it's too opinionated. The actual code is important, how it's formatted can always be corrected later.

olfek avatar Oct 21 '24 14:10 olfek

@mymindstorm I think we're good to go here

olfek avatar Oct 23 '24 16:10 olfek

@mymindstorm ...

After running prettier with the --write option, I get this from git diff --stat :

 src/store/Accounts.ts | 79 +++++++++++++++++++++++++--------------------------
 1 file changed, 38 insertions(+), 41 deletions(-)

Would you like me to commit this? - It will pollute the PR diff a little, I await your decision.

olfek avatar Oct 23 '24 17:10 olfek

That doesn't seem right, have you tried running npm run chrome? It will automatically format it using our configs.

mymindstorm avatar Oct 23 '24 19:10 mymindstorm

@mymindstorm You have collaborator access to my fork, can you take over from here?

olfek avatar Oct 23 '24 19:10 olfek

@mymindstorm ...

> That doesn't seem right, have you tried running npm run chrome? It will automatically format it using our configs.

I don't think you have any prettier configs (https://prettier.io/docs/en/configuration)

olfek avatar Oct 23 '24 19:10 olfek

When you use prettier outright instead of through npm run, depending on how your system is configured it might use a different version which may have different rules.

mymindstorm avatar Oct 23 '24 19:10 mymindstorm

I'll get to this when I can, just am extremely busy.

mymindstorm avatar Oct 23 '24 19:10 mymindstorm

@mymindstorm ...

> When you use prettier outright instead of through npm run, depending on how your system is configured it might use a different version which may have different rules.

https://prettier.io/docs/en/configuration says

> Prettier intentionally doesn’t support any kind of global configuration. This is to make sure that when a project is copied to another computer, Prettier’s behavior stays the same. Otherwise, Prettier wouldn’t be able to guarantee that everybody in a team gets the same consistent results.

olfek avatar Oct 23 '24 19:10 olfek

@mymindstorm ...

I propose temporarily (or permanently?) suspending the Prettier CI step until you set up a config file.

olfek avatar Oct 23 '24 19:10 olfek

> @mymindstorm ...
>
> After running prettier with the --write option, I get this from git diff --stat :
>
>  src/store/Accounts.ts | 79 +++++++++++++++++++++++++--------------------------
>  1 file changed, 38 insertions(+), 41 deletions(-)
>
> Would you like me to commit this? - It will pollute the PR diff a little, I await your decision.

@mymindstorm ...

So ... I was getting a big diff because I was using npx to run prettier like this:

npx prettier --check ./src/* ./src/**/* ./src/**/**/* ./sass/*.scss

... without running npm install, meaning the latest version of prettier (3.3.3) was being used instead of the package.json declared 2.2.1.

The default rules have changed since 2.2.1. See:

https://github.com/prettier/prettier/blob/2.2.1/src/language-js/options.js https://github.com/prettier/prettier/blob/3.3.3/src/language-js/options.js

https://github.com/prettier/prettier/blob/2.2.1/src/main/core-options.js https://github.com/prettier/prettier/blob/3.3.3/src/main/core-options.evaluate.js

olfek avatar Nov 08 '24 14:11 olfek

@mymindstorm Can you run CI again?

olfek avatar Nov 08 '24 14:11 olfek

@mymindstorm 📣📣📣

olfek avatar Nov 18 '24 13:11 olfek

@mymindstorm If you're too busy to work on this project, you think maybe it's time to pass it on to someone who can?

olfek avatar Dec 01 '24 19:12 olfek

> @mymindstorm If you're too busy to work on this project, you think maybe it's time to pass it on to someone who can?

Given the sensitive nature of this project, we aren't going to take into account external calls for new maintainers. We don't want to be the next xz.

Life happens and circumstances require me to put Authenticator on hold outside of high urgency tasks. We appreciate your contributions, and we're working to get them merged as soon as we can.

mymindstorm avatar Dec 02 '24 02:12 mymindstorm

@mymindstorm

That was an interesting read, I didn't know about it, but with all due respect, there are probably more good cases of handing over the reins than bad, and the potential risks in unmaintained security software have far greater odds, I would guess.

olfek avatar Dec 02 '24 08:12 olfek

@mymindstorm @Sneezry 🔔 🔔 🔔

olfek avatar Mar 13 '25 18:03 olfek