|
|
|
|
|
|
by joshka
454 days ago
|
|
|
> The network aspects of Atuin also gave me the heebie-jeebies. Reasonable people can differ on such matters. The networking stuff can be fully compiled out of Atuin. The client and sync feature flags[1] control this, and it's fairly trivial to confirm that the networking crate (reqwest) is only enabled when the sync feature is enabled.[2] Atuin can also be configured to only talk to your own sync server rather than the Atuin run server, and the history is e2e encrypted, so :shrug:. There's enough good engineering there that I'd not put it as particularly high on my list of security risks. [1]: https://github.com/atuinsh/atuin/blob/e8df3d168e7fb9d6f99d97... [2]: https://github.com/atuinsh/atuin/blob/e8df3d168e7fb9d6f99d97... |
|
|