Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat(persistState): added encryption configuration for data persistence #1084

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

feat(persistState): added encryption configuration for data persistence #1084

wants to merge 1 commit into from

Conversation

lucbevilaqua
Copy link

PR Checklist

PR Type

What kind of change does this PR introduce?

[ ] Bugfix
[x] Feature
[ ] Code style update (formatting, local variables)
[ ] Refactoring (no functional changes, no api changes)
[ ] Build related changes
[ ] CI related changes
[ ] Documentation content changes
[ ] Other... Please describe:

What is the current behavior?

Prior to this change, sensitive data could be stored in the storage without any encryption security. This meant that any data, regardless of its sensitivity, was stored in plain text, making it vulnerable to unauthorized access and potential data breaches

What is the new behavior?

With the new change, sensitive data is now stored securely using encryption. This means that before any data is stored, it is first encrypted using a secure encryption algorithm. This significantly enhances the security of the data, making it much harder for unauthorized individuals to access or decipher the stored data. This is particularly beneficial for sensitive data, as it adds an extra layer of protection against potential data breaches.
In addition to the encryption feature, it is strongly recommended to personalize the security key in the project. This key can be obtained from an .env file, GitHub secrets, or other secure sources. Using a personalized security key greatly enhances the security of the encryption. It is not advised to use the default encryption secretKey, as this could potentially weaken the security of the stored data. By using a unique and secure key, you ensure that your encrypted data remains as secure as possible.

Does this PR introduce a breaking change?

[ ] Yes
[x] No

@salesforce-cla Salesforce CLA
Copy link

Thanks for the contribution! Before we can merge this, we need @lucbevilaqua to sign the Salesforce Inc. Contributor License Agreement.

@anish anish closed this Jun 14, 2024
@anish anish reopened this Jun 14, 2024
@anish
Copy link

anish commented Jun 14, 2024

fixed @lucbevilaqua

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
cla:signed
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@lucbevilaqua @anish