Passwords are being stored in clear text #45

Open
almereyda opened this issue Dec 7, 2017 · 2 comments

@almereyda
Contributor

Coming from the discussion in #44, we have discovered that credential storage is leaking private credentials where unnecessary. A possibility to circumvent that could be a command switch to launch an interactive REPL to query for the password during runtime, instead of leaving it as plain text in the file system.

Where in ce7737a we ask ourselves to find a better way to do this, #25 offers a possible implementation route.

@maxlath
Owner

maxlath commented Dec 7, 2017

as I see it:

  • OAuth would be an improvement as it would lower the power of the credentials we have to handle, but we would still have credentials supposedly secret to handle
  • this handling can hardly be done without persisting those credentials to the file system, the alternative proposition to request the password at every session being, in my opinion, not an acceptable solution: as a user, I want to deal with setting up my credentials once and forget about it
  • a possible workaround would be to rely on the system password management system (using a module like keytar maybe?), but that would probably require to run the program in sudo mode at some point
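
A check for the condition this issue reports, as an added example that is not part of the thread or of wikibase-cli: it flags password and OAuth secrets held in clear text in a JSON config, and whether the file is reachable beyond its owner. The config layout, key names, and sample values are assumptions constructed for illustration.

```javascript
// Added example, not wikibase-cli code. Assumed layout: a "credentials" object
// keyed by instance URL, each entry holding username/password or an oauth object.
const PASSWORD_KEYS = ['password']
const OAUTH_SECRET_KEYS = ['consumer_secret', 'token_secret']

function isStoredSecret (value) {
  return typeof value === 'string' && value !== ''
}

// jsonText: contents of the config file
// mode: fs.statSync(path).mode (permission bits are only meaningful on POSIX)
function auditCredentialFile (jsonText, mode) {
  const findings = []
  const credentials = JSON.parse(jsonText).credentials || {}
  for (const [instance, value] of Object.entries(credentials)) {
    const entry = value || {}
    for (const key of PASSWORD_KEYS) {
      if (isStoredSecret(entry[key])) {
        findings.push({ instance, key, severity: 'high', reason: 'account password in clear text' })
      }
    }
    // OAuth secrets carry less power than the password but are still secrets
    const oauth = entry.oauth || {}
    for (const key of OAUTH_SECRET_KEYS) {
      if (isStoredSecret(oauth[key])) {
        findings.push({ instance, key: `oauth.${key}`, severity: 'medium', reason: 'OAuth secret in clear text' })
      }
    }
  }
  // Any group/other permission bit exposes the stored secrets to other local users
  if (findings.length > 0 && (mode & 0o077) !== 0) {
    const octal = (mode & 0o777).toString(8)
    findings.push({ instance: '*', key: 'file mode', severity: 'high', reason: `mode ${octal}, expected 600` })
  }
  return findings
}

// Constructed sample input; every value is a placeholder
const sampleConfig = JSON.stringify({
  credentials: {
    'https://wikibase.example': { username: 'ExampleUser', password: 'placeholder-password' },
    'https://other.example': { oauth: { consumer_key: 'ck', consumer_secret: 'cs', token: 't', token_secret: 'ts' } }
  }
})

function runSample () {
  return auditCredentialFile(sampleConfig, 0o100644)
}

for (const f of runSample()) console.log(`${f.severity}\t${f.instance}\t${f.key}\t${f.reason}`)
```
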

@maxlath
Owner

maxlath commented Oct 2, 2019

OAuth authentication is now possible (and recommended!) in wikibase-cli >= v8 \o/
see config documentation
