electron-clear-data
Advanced tools
Comparing version
{ | ||
"name": "electron-clear-data", | ||
"version": "1.0.2", | ||
"description": "Clears user data for your electron application", | ||
"version": "1.0.3", | ||
"description": "Securely clears user data for your Electron application.", | ||
"homepage": "https://github.com/standardnotes/electron-clear-data#readme", | ||
"repository": { | ||
"type": "git", | ||
"url": "https://github.com/standardnotes/electron-clear-data.git" | ||
}, | ||
"bugs": { | ||
"url": "https://github.com/standardnotes/electron-clear-data/issues", | ||
"email": "security@standardnotes.org" | ||
}, | ||
"keywords": [ | ||
@@ -11,16 +20,38 @@ "electron", | ||
"wipe", | ||
"application" | ||
"application", | ||
"leveldb" | ||
], | ||
"license": "MIT", | ||
"author": "Johnny Almonte <johnny@standardnotes.org>", | ||
"main": "main.js", | ||
"main": "dist/main.js", | ||
"typings": "dist/main.d.ts", | ||
"scripts": { | ||
"test": "echo \"Error: no test specified\" && exit 1" | ||
"test": "jest", | ||
"coverage": "npm run test -- --coverage", | ||
"watch": "tsc -w", | ||
"build": "tsc", | ||
"prepublish": "npm run build" | ||
}, | ||
"devDependencies": { | ||
"fs-extra": "^9.1.0" | ||
"@jest-runner/electron": "^3.0.1", | ||
"@types/fs-extra": "^9.0.10", | ||
"@types/jest": "^26.0.22", | ||
"@types/node": "^14.14.37", | ||
"electron": "^9.4.0", | ||
"fs-extra": "^9.1.0", | ||
"jest": "^26.6.3", | ||
"spectron": "^11.0.0", | ||
"ts-jest": "^26.5.4", | ||
"ts-node": "^9.1.1", | ||
"typescript": "^4.2.4" | ||
}, | ||
"peerDependencies": { | ||
"electron": ">= 9.4.0" | ||
"electron": ">= 1.2.2" | ||
}, | ||
"files": [ | ||
"dist" | ||
], | ||
"engines": { | ||
"node": ">= 10.0.0" | ||
} | ||
} |
@@ -5,4 +5,54 @@ # electron-clear-data | ||
Clears user data for your electron application. | ||
Securely clears user data for your Electron application. | ||
## Why? | ||
Electron applications are web applications running in the Chromium engine. The Chromium engine uses [leveldb](https://github.com/google/leveldb) under the hood to store IndexedDB, localStorage, and Session Storage data. Each one of these is stored in a database. A database is represented by a set of files stored in a directory. Below is an example of a `leveldb` database: | ||
``` | ||
Local Storage/ | ||
└── leveldb | ||
├── 000003.log | ||
├── CURRENT | ||
├── LOCK | ||
├── LOG | ||
└── MANIFEST-000001 | ||
``` | ||
Our main interests here are the [Log files](###log-files) and [Sorted tables](###sorted-tables). These files, which contain a log of updates made to localStorage and IndexedDB, including key/values in plaintext, are not deleted when localStorage or IndexedDB is cleared. _This may expose private information from previous sessions, which is a security hazard._ | ||
In addition, even deleting records from IndexedDB does not remove those records from the log file. Please see [this open issue](https://github.com/google/leveldb/issues/783) on the leveldb repo for more. | ||
The only sure-fire way to clear sensitive data that was once written to localStorage or IndexedDB is to delete the underlying files manually, and restart the application so that these files are recreated. This is precisely what this package does. | ||
The core code involved in this package is not difficult to write yourself. However, it can be difficult to do safely, and to ascertain the correctness of your code. For this reason we've created this package to be as safe and reliable as possible. We've composed tests that ensure this functionality always works as you would expect and does not regress. The code is written in TypeScript to maximize compile-time safety. We'll also keep this package up to date with other Electron data-related vulnerabilities as and when they are discovered. | ||
--- | ||
## leveldb files | ||
Each database is represented by a set of files stored in a directory. There are several different types of files as documented below (all of which will be deleted by `electron-clear-data`): | ||
### Log files | ||
> A log file (*.log) stores a sequence of recent updates. Each update is appended to the current log file. When the log file reaches a pre-determined size (approximately 4MB by default), it is converted to a sorted table and a new log file is created for future updates. | ||
### Sorted tables | ||
> A sorted table (*.ldb) stores a sequence of entries sorted by key. Each entry is either a value for the key or a deletion marker for the key. (Deletion markers are kept around to hide obsolete values present in older sorted tables). | ||
### Manifest | ||
> A MANIFEST file lists the set of sorted tables that make up each level, the corresponding key ranges, and other important metadata. A new MANIFEST file (with a new number embedded in the file name) is created whenever the database is reopened. The MANIFEST file is formatted as a log, and changes made to the serving state (as files are added or removed) are appended to this log. | ||
### Current | ||
> CURRENT is a simple text file that contains the name of the latest MANIFEST file. | ||
### Info logs | ||
> Informational messages are printed to files named LOG and LOG.old. | ||
See [leveldb implementation](https://github.com/google/leveldb/blob/master/doc/impl.md) for a more detailed implementation document. | ||
## Installation | ||
@@ -24,10 +74,22 @@ | ||
* To delete sensitive [LevelDB related files](##leveldb-files) only (from the user data directory): | ||
```javascript | ||
import { clearUserData } from 'electron-clear-data'; | ||
import { clearSensitiveDirectories } from 'electron-clear-data'; | ||
... | ||
clearUserData(); | ||
clearSensitiveDirectories(); | ||
``` | ||
* To delete the entire user data directory: | ||
```javascript | ||
import { clearUserDataDirectory } from 'electron-clear-data'; | ||
... | ||
clearUserDataDirectory(); | ||
``` | ||
## Contributing | ||
@@ -45,2 +107,2 @@ | ||
See the [LICENSE](LICENSE.md) file for license rights and limitations (MIT). | ||
See the [LICENSE](LICENSE.md) file for license rights and limitations (MIT). |
Filesystem access
Supply chain riskAccesses the file system, and could potentially read sensitive data.
Found 1 instance in 1 package
Filesystem access
Supply chain riskAccesses the file system, and could potentially read sensitive data.
Found 1 instance in 1 package
No bug tracker
MaintenancePackage does not have a linked bug tracker in package.json.
Found 1 instance in 1 package
No repository
Supply chain riskPackage does not have a linked source code repository. Without this field, a package will have no reference to the location of the source code use to generate the package.
Found 1 instance in 1 package
No tests
QualityPackage does not have any tests. This is a strong signal of a poorly maintained or low quality package.
Found 1 instance in 1 package
No website
QualityPackage does not have a website.
Found 1 instance in 1 package
8853
203.6%57
200%0
-100%0
-100%106
146.51%1
-50%11
1000%