opencode icon indicating copy to clipboard operation
opencode copied to clipboard
Published 2 hours ago verified publisher icon anomalyco

feat: store sensitive info in keychain

Open kevcube opened this issue 5 months ago • 2 comments

Stores sensitive information in keychain. Tested on macOS only.

updated to use new bun.secrets API

replaces get() set() all() delete() functions in auth to use keychain instead of file.

pros:

  • increases security

cons:

  • removes text-editability of API keys
  • breaking change to UX, requiring either automatic migrations of secrets into keychain, or users must re-auth to everything.

kevcube avatar Aug 08 '25 05:08 kevcube

this was oneshotted with opencode and gpt-5. if any changes are desired lmk

kevcube avatar Aug 08 '25 10:08 kevcube

@thdxr looking for review here. I have a patch ready to perform automatic migration-into-keychain every time a user accesses a secret.

kevcube avatar Sep 06 '25 11:09 kevcube