From 16854e8b24a3b00d9d5dbd285bbe3b93ee47ce1c Mon Sep 17 00:00:00 2001 From: Gab Virebent Date: Mon, 6 Jul 2026 16:34:47 +0200 Subject: Guard key material in RAM with memguard, add Markdown preview for message field Reader now keeps the private key bytes and the per-submission ECDH/HKDF secrets in memguard.LockedBuffer (mlock + guaranteed wipe) instead of a manual zero loop. Added a regression test for the decrypt path. Message field gets a self-hosted Markdown toggle preview (no external library): headers, bold/italic, inline code, code blocks, blockquotes, lists, links. Output is HTML-escaped and link schemes are whitelisted before rendering. Submitted content is still the raw Markdown source, unchanged on the wire. --- go.mod | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) (limited to 'go.mod') diff --git a/go.mod b/go.mod index 2401581..1a89b6f 100644 --- a/go.mod +++ b/go.mod @@ -3,6 +3,12 @@ module nymdrop go 1.26.2 require ( - golang.org/x/crypto v0.51.0 // indirect - golang.org/x/net v0.54.0 // indirect + github.com/awnumar/memguard v0.23.0 + golang.org/x/crypto v0.51.0 + golang.org/x/net v0.54.0 +) + +require ( + github.com/awnumar/memcall v0.4.0 // indirect + golang.org/x/sys v0.44.0 // indirect ) -- cgit v1.2.3