cp.nvim

History

Barrett Ruth 0c06b4a55a fix(security): harden credential storage and transmission Problem: credential and cookie files were world-readable (0644), passwords transited via `CP_CREDENTIALS` env var (visible in `/proc/PID/environ`), and Kattis/USACO echoed passwords back through stdout unnecessarily. Solution: set 0600 permissions on `cp-nvim.json` and `cookies.json` after every write, pass credentials via stdin pipe instead of env var, and stop emitting passwords in ndjson from Kattis/USACO `LoginResult` (CSES token emission unchanged).	2026-03-07 18:01:54 -05:00
..
cp	fix(security): harden credential storage and transmission	2026-03-07 18:01:54 -05:00

fix(security): harden credential storage and transmission

Problem: credential and cookie files were world-readable (0644),
passwords transited via `CP_CREDENTIALS` env var (visible in
`/proc/PID/environ`), and Kattis/USACO echoed passwords back
through stdout unnecessarily.

Solution: set 0600 permissions on `cp-nvim.json` and `cookies.json`
after every write, pass credentials via stdin pipe instead of env
var, and stop emitting passwords in ndjson from Kattis/USACO
`LoginResult` (CSES token emission unchanged).

2026-03-07 18:01:54 -05:00

fix(security): harden credential storage and transmission

2026-03-07 18:01:54 -05:00