todo-app/linux
Krzysztof kuhy Rudnicki 9841aecd32 Store the GitHub sync token in the OS keystore, migrating off plaintext
The token moved from plaintext SharedPreferences into flutter_secure_storage
(Android Keystore / libsecret). Only the non-secret owner/repo/clientId stay in
prefs. Migration is confirm-before-delete: load() reads the keystore first and
falls back to the legacy plaintext token, migrating it only once a secure write
succeeds; save() likewise keeps writing plaintext if no secret service is
available, so we degrade to — never below — the old behaviour.

157 tests, 100% line coverage, analyze clean. Verified on-device: Settings
stays connected and sync succeeds after the one-time migration.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
2026-06-15 22:57:05 +02:00
..
flutter Store the GitHub sync token in the OS keystore, migrating off plaintext 2026-06-15 22:57:05 +02:00
runner Initial commit: offline-first CRDT notes app (capture + GitHub sync) 2026-06-14 14:20:19 +02:00
.gitignore Initial commit: offline-first CRDT notes app (capture + GitHub sync) 2026-06-14 14:20:19 +02:00
CMakeLists.txt Initial commit: offline-first CRDT notes app (capture + GitHub sync) 2026-06-14 14:20:19 +02:00