Movatterモバイル変換

[0]ホーム
URL:

Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

 Sign up
Appearance settings

Replace recommended storage engine for secure storage on react-native#1465

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to ourterms of service andprivacy statement. We’ll occasionally send you account related emails.

Already on GitHub?Sign in to your account

Open
heg2 wants to merge1 commit intort2zz:master
base:master
Choose a base branch
Loading
fromheg2:master

Conversation

@heg2
Copy link

@heg2heg2 commentedFeb 2, 2024

The previously recommendedredux-persist-sensitive-storage only encrypts the data on iOS; on Android it is stored in clear text and readable via the file browser. There exists an alpha-Branch which solves the problem, but this is in alpha years now and not updated anymore. Also, this branch fails on Android 9 and older.

We switched toreact-native-encrypted-storage in all our projects; it solves the problems mentioned above and works fine.

This would be a better suggestion than the currently suggested storage library, which has a high risk for security breaches for Android users.

react-native-encrypted-storage instead of redux-persist-sensitive-storage: the latter does not store data encrypted on android!
@losh11
Copy link

FYI react-native-encrypted-storage has been deprecated. It hasn't been maintained in over a year, and has been archived by the repo creators.

@heg2
Copy link
Author

I can't find any notes of it being deprecated or archived?
While it's true that it has not been updated for a year, it is a working solution (unlike the currently recommended redux-persist-sensitive-storage, which by the way has not been updated for seven years).

However, this repo here seems pretty abandoned too, so... 🤷

@losh11
Copy link

If you open up the encrypted-storage repo ongithub, you can see there's a banner on the top that says that the repo has been archived.

heg2 reacted with thumbs up emoji

@evanwalsh
Copy link

FWIW, this is the thin wrapper aroundreact-native-keychain that I use:

import{getGenericPassword,resetGenericPassword,setGenericPassword,}from'react-native-keychain'constKeychainPersistStore={asyncgetItem(key:string):Promise<string|undefined>{constvalue=awaitgetGenericPassword({service:key})if(value){returnvalue.password}},asyncsetItem(key:string,value:string):Promise<void>{awaitsetGenericPassword('data',value,{service:key})},asyncremoveItem(key:string):Promise<void>{awaitresetGenericPassword({service:key})},}

Sign up for freeto join this conversation on GitHub. Already have an account?Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@heg2@losh11@evanwalsh
[8]ページ先頭
©2009-2025 Movatter.jp