Skip to content

Remove .idea from VCS, use explicit CSPRNG, fix cross-platform fallback paths#3

Merged
prekucki merged 2 commits into
prek/multi-platformfrom
copilot/review-idea-files
Feb 25, 2026
Merged

Remove .idea from VCS, use explicit CSPRNG, fix cross-platform fallback paths#3
prekucki merged 2 commits into
prek/multi-platformfrom
copilot/review-idea-files

Conversation

Copy link
Copy Markdown

Copilot AI commented Feb 25, 2026
edited
Loading

Addresses three review findings: committed IDE config, unclear RNG security posture, and Unix-style hardcoded fallback paths.

  • .idea/ removed from git, added to .gitignore

  • Explicit CSPRNG for key generation — replaced rand::rng() (ThreadRng) with StdRng::from_os_rng() across all three call sites in keys.rs. SecretKey::generate already enforces CryptoRng at compile time, but the previous code made reviewers second-guess the security properties. StdRng::from_os_rng() is unambiguous: ChaCha12 seeded directly from OS entropy.

// before
let mut rng = rand::rng();
let sk = SecretKey::generate(&mut rng);

// after
let sk = SecretKey::generate(&mut StdRng::from_os_rng());
  • Platform-aware fallback paths — replaced string-literal Unix paths with Path::join() in keys.rs and config.rs. These are only reached when ProjectDirs::from() returns None (rare), but the old form (PathBuf::from(".config/iroh-proxy/secret_key")) was sloppy on Windows.
// before
PathBuf::from(".config/iroh-proxy/config.toml")

// after
PathBuf::from(".config").join("iroh-proxy").join("config.toml")

🔒 GitHub Advanced Security automatically protects Copilot coding agent pull requests. You can protect all pull requests by enabling Advanced Security for your repositories. Learn more about Advanced Security.

@prekucki
Add .idea/ to .gitignore, use explicit CSPRNG for key generation, fix…
32b3c42 
… fallback paths for cross-platform compatibility

Co-authored-by: prekucki <56750+prekucki@users.noreply.github.com>
Copilot AI changed the title [WIP] Review PR for .idea files and key generation Remove .idea from VCS, use explicit CSPRNG, fix cross-platform fallback paths Feb 25, 2026
Copilot AI requested a review from prekucki February 25, 2026 12:27
@prekucki prekucki marked this pull request as ready for review February 25, 2026 14:36
@prekucki prekucki merged commit ac57f36 into prek/multi-platform Feb 25, 2026
1 check failed
Copilot AI requested a review from prekucki February 25, 2026 14:37
Copilot stopped work on behalf of prekucki due to an error February 25, 2026 14:37
The session was cancelled by the user.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@prekucki prekucki Awaiting requested review from prekucki

Assignees

@prekucki prekucki

Copilot code review Copilot

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@prekucki