Merge branch 'next' into master

.dependabot/config.yml

@@ -0,0 +1,42 @@
+version: 1
+update_configs:
+  # Dependencies
+  - package_manager: javascript
+    directory: /
+    update_schedule: live
+    default_assignees:
+      - franky47
+    automerged_updates:
+      - match:
+          dependency_type: development
+          update_type: all
+      - match:
+          dependency_type: production
+          update_type: in_range
+      - match:
+          dependency_type: production
+          update_type: security:patch
+  # Demo Dependencies
+  - package_manager: javascript
+    directory: /demo
+    update_schedule: live
+    default_assignees:
+      - franky47
+    automerged_updates:
+      - match:
+          dependency_type: development
+          update_type: all
+      - match:
+          dependency_type: production
+          update_type: in_range
+      - match:
+          dependency_type: production
+          update_type: security:patch
+  # GitHub Actions
+  - package_manager: github_actions
+    directory: /
+    update_schedule: weekly
+    default_reviewers:
+      - franky47
+    default_assignees:
+      - franky47

.github/workflows/cd.yml

@@ -0,0 +1,39 @@
+name: Continuous Delivery
+
+on:
+  push:
+    branches:
+      - master
+
+jobs:
+  cd:
+    name: Continuous Delivery
+    runs-on: ubuntu-latest
+    steps:
+      - id: yarn-cache
+        name: Get Yarn cache path
+        run: echo "::set-output name=dir::$(yarn cache dir)"
+      - uses: actions/checkout@722adc6
+      - uses: actions/setup-node@1c5c137
+        with:
+          node-version: 12.x
+      - uses: actions/cache@70655ec
+        name: Load Yarn cache
+        with:
+          path: ${{ steps.yarn-cache.outputs.dir }}
+          key: ${{ runner.os }}-yarn-${{ hashFiles('**/yarn.lock') }}
+          restore-keys: |
+            ${{ runner.os }}-yarn-
+      - run: yarn install --ignore-scripts
+        name: Install dependencies
+      - run: yarn build
+        name: Build package
+
+      # Continuous Delivery Pipeline --
+
+      - uses: codfish/semantic-release-action@a313b22
+        name: Semantic Release
+        id: semantic
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          NPM_TOKEN: ${{ secrets.NPM_TOKEN }}

.github/workflows/ci.yml

@@ -0,0 +1,47 @@
+name: Continuous Integration
+
+on:
+  push:
+    branches:
+      - next
+      - feature/*
+      - dependabot/*
+  pull_request:
+    types: [opened, edited, reopened]
+
+jobs:
+  ci:
+    name: Continuous Integration
+    runs-on: ubuntu-latest
+    steps:
+      - id: yarn-cache
+        name: Get Yarn cache path
+        run: echo "::set-output name=dir::$(yarn cache dir)"
+      - uses: actions/checkout@722adc6
+      - uses: actions/setup-node@1c5c137
+        with:
+          node-version: 12.x
+      - uses: actions/cache@70655ec
+        name: Load Yarn cache
+        with:
+          path: ${{ steps.yarn-cache.outputs.dir }}
+          key: ${{ runner.os }}-yarn-${{ hashFiles('**/yarn.lock') }}
+          restore-keys: |
+            ${{ runner.os }}-yarn-
+      - run: yarn install --ignore-scripts
+        name: Install dependencies
+      - run: yarn ci
+        name: Run integration tests
+      - uses: coverallsapp/github-action@832e70b
+        name: Report code coverage
+        with:
+          github-token: ${{ secrets.GITHUB_TOKEN }}
+      - uses: 8398a7/action-slack@78391c2
+        name: Notify on Slack
+        if: always() # Pick up events even if the job fails or is canceled.
+        with:
+          status: ${{ job.status }}
+          author_name: Continuous Integration
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}

.gitignore

@@ -2,6 +2,4 @@ node_modules/
 dist/
 .env
 yarn-error.log
-
-# Docker containers with persistance
-.volumes/
+coverage/

.npmignore

@@ -1,6 +1,9 @@
 **/*.test.ts
 tsconfig.json
-nodemon.json
 .env
 .volumes/
 yarn-error.log
+.github/**
+src/**
+coverage/
+.dependabot/

README.md

@@ -6,10 +6,9 @@
 
 [![NPM](https://img.shields.io/npm/v/session-keystore?color=red)](https://www.npmjs.com/package/session-keystore)
 [![MIT License](https://img.shields.io/github/license/47ng/session-keystore.svg?color=blue)](https://github.com/47ng/session-keystore/blob/master/LICENSE)
-[![Travis CI Build](https://img.shields.io/travis/com/47ng/session-keystore.svg)](https://travis-ci.com/47ng/session-keystore)
+[![Continuous Integration](https://github.com/47ng/session-keystore/workflows/Continuous%20Integration/badge.svg?branch=next)](https://github.com/47ng/session-keystore/actions)
+[![Coverage Status](https://coveralls.io/repos/github/47ng/session-keystore/badge.svg?branch=next)](https://coveralls.io/github/47ng/session-keystore?branch=next)
 [![Dependabot Status](https://api.dependabot.com/badges/status?host=github&repo=47ng/session-keystore)](https://dependabot.com)
-[![Average issue resolution time](https://isitmaintained.com/badge/resolution/47ng/session-keystore.svg)](https://isitmaintained.com/project/47ng/session-keystore)
-[![Number of open issues](https://isitmaintained.com/badge/open/47ng/session-keystore.svg)](https://isitmaintained.com/project/47ng/session-keystore)
 
 Secure cryptographic key storage in the browser and Node.js
 
@@ -22,7 +21,7 @@ E2EE applications.
 - Session-bound: cleared when closing tab/window (browser-only)
 - Survives hard-reloads of the page (browser-only)
 - Optional expiration dates
-- Notification callbacks on key access, change and expiration
+- Event emitter API for key CRUD operations
 
 ## Installation
 
@@ -61,27 +60,35 @@ store.delete('foo')
 store.clear()
 ```
 
-## Notification callbacks
+## CRUD Event Emitter
 
-Pass callbacks to be notified on key access, change or expiration:
+Event types:
+
+- `created`
+- `read`
+- `updated`
+- `deleted`
+- `expired`
+
+Listen to events on a keystore with the `on` method:
 
 ```ts
 import SessionKeystore from 'session-keystore'
 
-const store = new SessionKeystore({
-  name: 'my-store',
-  onAccess: (keyName: string, callStack?: string) => {
-    console.info('Key access:', keyName, callStack)
-  },
-  onChanged: (keyName: string, callStack?: string) => {
-    console.warn('Key changed:', keyName, callStack)
-  },
-  onExpired: (keyName: string) => {
-    console.warn('Key has expired:', keyName)
-  }
-})
+const store = new SessionKeystore()
+store.on('created', ({ name }) => console.log('Key created: ', name))
+store.on('updated', ({ name }) => console.log('Key updated: ', name))
+store.on('deleted', ({ name }) => console.log('Key deleted: ', name))
+store.on('expired', ({ name }) => console.log('Key expired: ', name))
+store.on('read', ({ name }) => console.log('Key accessed: ', name))
 ```
 
+Note: `deleted` will be called when the key has been manually deleted,
+and `expired` when its expiration date has arrived.
+
+When setting a key that is already expired, `created` or `updated` will
+NOT be called, and `expired` will be called instead.
+
 ## TypeScript
 
 `session-keystore` is written in TypeScript. You can tell a store about the keys it is supposed to hold:
@@ -103,7 +110,7 @@ This can be handy if you have multiple stores, to avoid accidental key leakage.
 Heavily inspired from the [Secure Session Storage](https://github.com/ProtonMail/proton-shared/blob/master/lib/helpers/secureSessionStorage.js#L7) implementation by [ProtonMail](https://protonmail.com),
 itself inspired from Thomas Frank's [SessionVars](https://www.thomasfrank.se/sessionvars.html).
 
-Read the [writeup article on dev.to](https://dev.to/franky47/how-to-store-e2ee-keys-in-the-browser-2550).
+Read the [writeup article](https://francoisbest.com/posts/2019/how-to-store-e2ee-keys-in-the-browser) on [my blog](https://francoisbest.com/posts).
 
 From the ProtonMail documentation:
 

demo/package.json

@@ -10,12 +10,12 @@
   },
   "dependencies": {
     "parcel-bundler": "^1.12.4",
-    "react": "^16.12.0",
-    "react-dom": "^16.12.0",
-    "serve": "^11.2.0"
+    "react": "^16.13.1",
+    "react-dom": "^16.13.1",
+    "serve": "^11.3.0"
   },
   "devDependencies": {
-    "@types/react": "^16.9.16",
-    "@types/react-dom": "^16.9.4"
+    "@types/react": "^16.9.34",
+    "@types/react-dom": "^16.9.7"
   }
 }

demo/yarn.lock

@@ -765,17 +765,17 @@
   resolved "https://registry.yarnpkg.com/@types/q/-/q-1.5.2.tgz#690a1475b84f2a884fd07cd797c00f5f31356ea8"
   integrity sha512-ce5d3q03Ex0sy4R14722Rmt6MT07Ua+k4FwDfdcToYJcMKNtRVQvJ6JCAPdAmAnbRb6CsX6aYb9m96NGod9uTw==
 
-"@types/react-dom@^16.9.4":
-  version "16.9.4"
-  resolved "https://registry.yarnpkg.com/@types/react-dom/-/react-dom-16.9.4.tgz#0b58df09a60961dcb77f62d4f1832427513420df"
-  integrity sha512-fya9xteU/n90tda0s+FtN5Ym4tbgxpq/hb/Af24dvs6uYnYn+fspaxw5USlw0R8apDNwxsqumdRoCoKitckQqw==
+"@types/react-dom@^16.9.7":
+  version "16.9.7"
+  resolved "https://registry.yarnpkg.com/@types/react-dom/-/react-dom-16.9.7.tgz#60844d48ce252d7b2dccf0c7bb937130e27c0cd2"
+  integrity sha512-GHTYhM8/OwUCf254WO5xqR/aqD3gC9kSTLpopWGpQLpnw23jk44RvMHsyUSEplvRJZdHxhJGMMLF0kCPYHPhQA==
   dependencies:
     "@types/react" "*"
 
-"@types/react@*", "@types/react@^16.9.16":
-  version "16.9.16"
-  resolved "https://registry.yarnpkg.com/@types/react/-/react-16.9.16.tgz#4f12515707148b1f53a8eaa4341dae5dfefb066d"
-  integrity sha512-dQ3wlehuBbYlfvRXfF5G+5TbZF3xqgkikK7DWAsQXe2KnzV+kjD4W2ea+ThCrKASZn9h98bjjPzoTYzfRqyBkw==
+"@types/react@*", "@types/react@^16.9.34":
+  version "16.9.34"
+  resolved "https://registry.yarnpkg.com/@types/react/-/react-16.9.34.tgz#f7d5e331c468f53affed17a8a4d488cd44ea9349"
+  integrity sha512-8AJlYMOfPe1KGLKyHpflCg5z46n0b5DbRfqDksxBLBTUpB75ypDBAO9eCUcjNwE6LCUslwTz00yyG/X9gaVtow==
   dependencies:
     "@types/prop-types" "*"
     csstype "^2.2.0"
@@ -4481,25 +4481,25 @@ rc@^1.0.1, rc@^1.1.6, rc@^1.2.7:
     minimist "^1.2.0"
     strip-json-comments "~2.0.1"
 
-react-dom@^16.12.0:
-  version "16.12.0"
-  resolved "https://registry.yarnpkg.com/react-dom/-/react-dom-16.12.0.tgz#0da4b714b8d13c2038c9396b54a92baea633fe11"
-  integrity sha512-LMxFfAGrcS3kETtQaCkTKjMiifahaMySFDn71fZUNpPHZQEzmk/GiAeIT8JSOrHB23fnuCOMruL2a8NYlw+8Gw==
+react-dom@^16.13.1:
+  version "16.13.1"
+  resolved "https://registry.yarnpkg.com/react-dom/-/react-dom-16.13.1.tgz#c1bd37331a0486c078ee54c4740720993b2e0e7f"
+  integrity sha512-81PIMmVLnCNLO/fFOQxdQkvEq/+Hfpv24XNJfpyZhTRfO0QcmQIF/PgCa1zCOj2w1hrn12MFLyaJ/G0+Mxtfag==
   dependencies:
     loose-envify "^1.1.0"
     object-assign "^4.1.1"
     prop-types "^15.6.2"
-    scheduler "^0.18.0"
+    scheduler "^0.19.1"
 
 react-is@^16.8.1:
   version "16.12.0"
   resolved "https://registry.yarnpkg.com/react-is/-/react-is-16.12.0.tgz#2cc0fe0fba742d97fd527c42a13bec4eeb06241c"
   integrity sha512-rPCkf/mWBtKc97aLL9/txD8DZdemK0vkA3JMLShjlJB3Pj3s+lpf1KaBzMfQrAmhMQB0n1cU/SUGgKKBCe837Q==
 
-react@^16.12.0:
-  version "16.12.0"
-  resolved "https://registry.yarnpkg.com/react/-/react-16.12.0.tgz#0c0a9c6a142429e3614834d5a778e18aa78a0b83"
-  integrity sha512-fglqy3k5E+81pA8s+7K0/T3DBCF0ZDOher1elBFzF7O6arXJgzyu/FW+COxFvAWXJoJN9KIZbT2LXlukwphYTA==
+react@^16.13.1:
+  version "16.13.1"
+  resolved "https://registry.yarnpkg.com/react/-/react-16.13.1.tgz#2e818822f1a9743122c063d6410d85c1e3afe48e"
+  integrity sha512-YMZQQq32xHLX0bz5Mnibv1/LHb3Sqzngu7xstSM+vrkE5Kzr9xE0yMByK5kMoTK30YVJE61WfbxIFFvfeDKT1w==
   dependencies:
     loose-envify "^1.1.0"
     object-assign "^4.1.1"
@@ -4789,10 +4789,10 @@ saxes@^3.1.9:
   dependencies:
     xmlchars "^2.1.1"
 
-scheduler@^0.18.0:
-  version "0.18.0"
-  resolved "https://registry.yarnpkg.com/scheduler/-/scheduler-0.18.0.tgz#5901ad6659bc1d8f3fdaf36eb7a67b0d6746b1c4"
-  integrity sha512-agTSHR1Nbfi6ulI0kYNK0203joW2Y5W4po4l+v03tOoiJKpTBbxpNhWDvqc/4IcOw+KLmSiQLTasZ4cab2/UWQ==
+scheduler@^0.19.1:
+  version "0.19.1"
+  resolved "https://registry.yarnpkg.com/scheduler/-/scheduler-0.19.1.tgz#4f3e2ed2c1a7d65681f4c854fa8c5a1ccb40f196"
+  integrity sha512-n/zwRWRYSUj0/3g/otKDRPMh6qv2SYMWNq85IEa8iZyAv8od9zDYpGSnpBEjNgcMNq6Scbu5KfIPxNF72R/2EA==
   dependencies:
     loose-envify "^1.1.0"
     object-assign "^4.1.1"
@@ -4855,10 +4855,10 @@ serve-static@^1.12.4:
     parseurl "~1.3.3"
     send "0.17.1"
 
-serve@^11.2.0:
-  version "11.2.0"
-  resolved "https://registry.yarnpkg.com/serve/-/serve-11.2.0.tgz#0405ce95c4e4a6abd9cd3d3a04ebaa7d94638627"
-  integrity sha512-THZcLzDGk3vJqjhAbLkLag43tiE3V0B7wVe98Xtl+1KyAsr+4iShg+9hke4pLZmrCJu0pUg0TrbhJmdqn/MKoA==
+serve@^11.3.0:
+  version "11.3.0"
+  resolved "https://registry.yarnpkg.com/serve/-/serve-11.3.0.tgz#1d342e13e310501ecf17b6602f1f35da640d6448"
+  integrity sha512-AU0g50Q1y5EVFX56bl0YX5OtVjUX1N737/Htj93dQGKuHiuLvVB45PD8Muar70W6Kpdlz8aNJfoUqTyAq9EE/A==
   dependencies:
     "@zeit/schemas" "2.6.0"
     ajv "6.5.3"