-
Notifications
You must be signed in to change notification settings - Fork 42
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Is this package secure? #72
Comments
I mean, it's called "kooky" for a reason. You'd be crazy to use it! 😂 |
@kkHAIKE Do you have any specific concerns or questions about this codebase? |
Just a bit anxious, but there are no other options. Worried that he might be manipulated by malicious packages or PR control. |
I really like the idea of trying to keep the dependencies as minimal as possible, but I'm not knowledgeable enough about the various cookie and secret stores to remove any of the current dependencies easily. 😞 |
there is other way to get cookies, at least for chrome |
rod asks a running chrome instance for the cookies afaik. break down of the few dependencies: # needed for decryption # needed for pure go sqlite # for firefox (querying profile location in profiles.ini config file) # for example program # for firefox host field in the sqlite db - see #69 # ESE parsing for old IE/Edge cookie stores # official x packages |
A low star count doesn't mean bad security. |
I noticed that some packages with very low stars have been included. I think this repository should prioritize security.
The text was updated successfully, but these errors were encountered: