Skip to content

refactor: Use standard use-local-storage hook#930

Merged
rm-hull merged 14 commits into
mainfrom
chore/use-local-storage
Nov 1, 2025
Merged

refactor: Use standard use-local-storage hook#930
rm-hull merged 14 commits into
mainfrom
chore/use-local-storage

Conversation

@rm-hull
Copy link
Copy Markdown
Owner

@rm-hull rm-hull commented Oct 31, 2025

This commit replaces the custom useLocalStorage implementation with the @rm-hull/use-local-storage package.

This migration allows for better management of serialization logic directly within the hook implementation.

Key changes:

  • The useGeneralSettings hook now returns an object
    { settings, updateSettings } instead of an array.
  • The useOtpParameters hook utilizes the library's Serializer
    interface to handle password-based encryption and decryption
    of stored OTP data.
  • Components consuming these hooks have been updated to use
    object destructuring instead of array destructuring.

@rm-hull
Refactor: Use standard use-local-storage hook
58a9aa7 
This commit replaces the custom `useLocalStorage` implementation
with the `@rm-hull/use-local-storage` package.

This migration allows for better management of serialization logic
directly within the hook implementation.

Key changes:

*   The `useGeneralSettings` hook now returns an object
    `{ settings, updateSettings }` instead of an array.
*   The `useOtpParameters` hook utilizes the library's `Serializer`
    interface to handle password-based encryption and decryption
    of stored OTP data.
*   Components consuming these hooks have been updated to use
    object destructuring instead of array destructuring.
@gemini-code-assist
Copy link
Copy Markdown
Contributor

gemini-code-assist Bot commented Oct 31, 2025

Summary of Changes

Hello @rm-hull, I'm Gemini Code Assist1! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This pull request refactors the application's local storage management by migrating from a custom useLocalStorage hook to a standardized external library. This change streamlines the handling of data serialization, particularly for sensitive OTP parameters, and introduces a more consistent API for general settings, enhancing maintainability and security.

Highlights

  • Standardized Local Storage Hook: The custom useLocalStorage implementation has been replaced with the @rm-hull/use-local-storage package, improving serialization logic management.
  • Hook Return Type Change: The useGeneralSettings hook now returns an object { settings, updateSettings } instead of an array, requiring updates to consuming components.
  • Enhanced OTP Data Encryption: The useOtpParameters hook now leverages the new library's Serializer interface for robust password-based encryption and decryption of stored OTP data.
Using Gemini Code Assist

The full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips.

Invoking Gemini

You can request assistance from Gemini at any point by creating a comment using either /gemini <command> or @gemini-code-assist <command>. Below is a summary of the supported commands on the current page.

Feature Command Description
Code Review /gemini review Performs a code review for the current pull request in its current state.
Pull Request Summary /gemini summary Provides a summary of the current pull request in its current state.
Comment @gemini-code-assist Responds in comments when explicitly tagged, both in pull request comments and review comments.
Help /gemini help Displays a list of available commands.

Customization

To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a .gemini/ folder in the base of the repository. Detailed instructions can be found here.

Limitations & Feedback

Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for Github and other Google products, sign up here.

You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension.

Footnotes

  1. Review the Privacy Notices, Generative AI Prohibited Use Policy, Terms of Service, and learn how to configure Gemini Code Assist in GitHub here. Gemini can make mistakes, so double check it and use code with caution.

@rm-hull
Copy link
Copy Markdown
Owner Author

rm-hull commented Oct 31, 2025

See rm-hull/use-local-storage#33

gemini-code-assist[bot]

This comment was marked as outdated.

Sign in to view

@rm-hull
Bump up the jam
6d7ddaf
@rm-hull
Smorgasborg(?) of changes
92fe918
@rm-hull
fix: Throw error on failed OTP decryption
abbd27b 
Ensures that if `CryptoJS.AES.decrypt` fails (e.g., due to a bad
password), we throw an explicit error message rather than relying
on subsequent JSON parsing failure.
@rm-hull
Copy link
Copy Markdown
Owner Author

rm-hull commented Oct 31, 2025

/gemini review

gemini-code-assist[bot]
gemini-code-assist Bot reviewed Oct 31, 2025
View reviewed changes
Copy link
Copy Markdown
Contributor

@gemini-code-assist gemini-code-assist Bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Code Review

This pull request is a great refactoring that replaces a custom useLocalStorage hook with the standard @rm-hull/use-local-storage library. This simplifies the codebase and improves maintainability by leveraging a dedicated library for local storage management. The changes are well-executed, including the introduction of a custom Encrypter serializer and updating consumer components to the new hook API. I've found one high-severity issue related to the handling of a potentially undefined password which could make the application fragile. My suggestion aims to make the implementation more robust.

Comment thread src/hooks/useOtpParameters.ts Outdated
value: otpParams,
setValue: setOtpParams,
error,
} = useLocalStorage<OTP[]>("zaup2.otp-parameters", { serializer: new Encrypter(password!), initialValue: [] });
Copy link
Copy Markdown
Contributor

@gemini-code-assist gemini-code-assist Bot Oct 31, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

high

Using the non-null assertion password! is risky. Although the application's structure with PasswordProtection currently seems to ensure password is defined when this hook is used, this creates a brittle dependency on the component hierarchy. A small change in the future could lead to a runtime crash if this hook is used where password is undefined.

A more robust approach is to make this hook self-contained and safe by using the disabled option from @rm-hull/use-local-storage when the password is not available. This will prevent any interaction with localStorage and avoid potential crashes.

Suggested change
} = useLocalStorage<OTP[]>("zaup2.otp-parameters", { serializer: new Encrypter(password!), initialValue: [] });
} = useLocalStorage<OTP[]>("zaup2.otp-parameters", { serializer: password ? new Encrypter(password) : undefined, initialValue: [], disabled: !password });

@rm-hull
feat: Add loading state and global toaster
b2cc3e5 
Exposes the `isLoading` status from `useLocalStorage` via
`useOtpParameters` to allow consumer components to handle
initial data hydration states properly.

Also integrates the global `Toaster` component for displaying
notifications across the application.
@rm-hull
refactor: Extract serializer classes
68939d1 
Extract `Encrypter` logic into `CryptoJsSerializer` to clean up the
`useOtpParameters` hook.

This commit also introduces the `WebCryptoSerializer` utility which
provides functions to decrypt data originally encrypted by CryptoJS
using the browser's native `window.crypto` methods (AES-CBC +
EVP_BytesToKey derivation).

This prepares the codebase for potentially migrating away from
`crypto-js`.
@rm-hull
imports
6eabc7f
@rm-hull
Merge branch 'main' into chore/use-local-storage
79e8be9
@rm-hull
Merge branch 'main' into chore/use-local-storage
db77fd1
@rm-hull
Merge branch 'main' of github.com:rm-hull/zaup2 into chore/use-local-…
1dfce64 
…storage

* 'main' of github.com:rm-hull/zaup2:
  refactor: Improve alert structure and data flow (#931)
@rm-hull
feat: Handle OTP loading and decryption errors
3a3afd3 
Introduces robust error handling for data retrieval and decryption:

*   Displays an error toast notification if the OTP data fails to load
    in the UI (`Group.tsx`).
*   Catches decryption/parsing failures in `CryptoJsSerializer` and
    throws an error that includes the original exception as the cause,
    improving debugging capabilities.
@coveralls
Copy link
Copy Markdown

coveralls commented Nov 1, 2025
edited
Loading

Pull Request Test Coverage Report for Build 19000948021

Details

  • 0 of 0 changed or added relevant lines in 0 files are covered.
  • 1887 unchanged lines in 1 file lost coverage.
  • Overall coverage remained the same at 2.442%
Files with Coverage Reduction New Missed Lines %
.pnp.cjs 1887 2.37%
Totals Coverage Status
Change from base Build 19000941118: 0.0%
Covered Lines: 98
Relevant Lines: 4198
💛 - Coveralls

@rm-hull
feat: Proactively block serialization on bad password
19121d2 
Refactors the `WebCryptoSerializer` to track password verification
status.

- Serialization is blocked if the password previously failed
  decryption checks.
- Decryption failures now set the internal bad password state and
  throw a richer error.

Also, removed local error handling (toasting) in `<Group />` component
to ensure data loading errors are propagated via `throw error;` for
centralized error boundary management.
@rm-hull
refactor: Remove WebCrypto/CryptoJS serializer
748cb27 
The custom WebCrypto/CryptoJS based serializer was deleted.

This file contained complex logic to ensure decryption compatibility
with data originally encrypted using CryptoJS, including MD5-based
`EVP_BytesToKey` derivation. This implementation is no longer
required.
@rm-hull rm-hull force-pushed the chore/use-local-storage branch from 541e6a8 to 748cb27 Compare November 1, 2025 18:18
@rm-hull rm-hull changed the title Refactor: Use standard use-local-storage hook refactor: Use standard use-local-storage hook Nov 1, 2025
@rm-hull rm-hull merged commit 2f36a91 into main Nov 1, 2025
2 checks passed
@rm-hull rm-hull deleted the chore/use-local-storage branch November 1, 2025 18:35
rm-hull added a commit that referenced this pull request Nov 2, 2025
@rm-hull
Merge branch 'main' of github.com:rm-hull/zaup2 into feat/webcrypto
743a440 
* 'main' of github.com:rm-hull/zaup2:
  chore: Update chakra-error-fallback dependency
  chore: Extract ErrorFallback to external lib
  refactor: Use standard `use-local-storage` hook (#930)
  feat: Enhance error fallback with source maps (#932)
  refactor(Redirect): Condense logic and return null
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

1 more reviewer

@gemini-code-assist gemini-code-assist[bot] gemini-code-assist[bot] left review comments

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@rm-hull @coveralls