Provider API key saved in session files in the clear #96
Comments
|
I should think about it. Probable solution: add ability to save session files in separate directory (like autosave files). Another probable solution: encrypt/decrypt keys during save/load. But it will make things complicated. Not sure if I want to do it. |
|
Emacs has builtin gpg-support. I wonder if it would "just work" if ellama supported saving with extension |
In interactive mode at least, simply opening a file with the extension .gpg seems to activate encryption/decryption (in Doom Emacs AFAIK). |
I've noticed the session key is saved in the clear with the session data... might need to be taken care of? Not a priority as far as I'm concerned and these files are not supposed to be shared I guess... I also think I would make users aware of
ellama-sessions-directory... it's a wonderful feature and I changed it, so these records are in my org directory and are searchable...The text was updated successfully, but these errors were encountered: