Skip to content

Whisper v1.0
Compare
Choose a tag to compare
@github-actions github-actions released this 15 Jul 23:11
· 48 commits to main since this release
v1.0
e472b4a
This commit was signed with the committer’s verified signature. The key has expired.
bbengfort Benjamin Bengfort
GPG key ID: 6737E124F0D6AB12
Expired
Learn about vigilant mode.

This is the initial release of the Whisper API that does what it says on the package: you can create secrets, fetch them, and destroy them. The secrets API supports passwords, fixed number of attempts and unlimited numbers of attempts, expirations and lifetimes, and filenames. Secrets are currently stored in Google Secret Manager and passwords are verified with the Argon2 derived key algorithm.

This release also has a CLI application that makes it easy to interact with the API inside of a development environment. We're hoping it's a very strong start to this internal development service!

Changelog

e472b4a Documentation and Postman
a2e8910 Secret Manager Integration (#6)
d873e55 Deployment Configuration (#5)
21d1c83 fix codecov badge
c311a52 Adds argon2 derived key password checking (#4)
463abdc Complete API logic and accesses limit (#3)
28c959c Create and Fetch Secrets (#1)
a066c28 API versioning and v1 data structures

About

The whisper service is an internal helper tool used at Rotational Labs to share
secrets and secret files securely. We've made the code open source and are happy to
have general contributions that enhance the project, and have made these releases
freely available with no warranty to anyone who would like to use them.

Please note that because this service is primarily internal to Rotational Labs it is
focused on the needs of Rotational's engineering team. Rotational Labs makes no
guarantees or warranties about the security of this software project and provides
all compiled binaries as is for general use. Use at your own risk!

Assets 11
Loading