Secure credential data handling

n8n-io/n8n

Based on 4 comments

Typescript

Always protect sensitive credential data through proper encryption, secure storage, and careful handling in code. Key requirements: 1. Never store credentials in plaintext within source code

Security Typescript

Reviewer Prompt

Always protect sensitive credential data through proper encryption, secure storage, and careful handling in code. Key requirements:

Never store credentials in plaintext within source code
Use appropriate encryption for sensitive fields
Preserve user-configured security settings
Handle credential updates safely

Example - Instead of:

class Config {
  password: string = 'admin';  // BAD: Hardcoded credential
  
  constructor(options) {
    this.tls = {};  // BAD: Overwrites user TLS settings
  }
}

Use: ```typescript class Config { @Env(‘DB_PASSWORD’) // GOOD: Environment variable password: string = ‘’;

constructor(options) { this.tls = options.tls ?? {}; // GOOD: Preserves settings } }

// GOOD: Proper credential field protection class Credentials { @Column({ type: ‘string’, typeOptions: { password: true } // Enables encryption }) sslKey: string; }

Comments Analyzed

Typescript

Primary Language

Security

Secure credential data handling

Reviewer Prompt

Source Discussions

Add Repository

Private Repository