Sublime Forum

Hardware store for credentials support

#1

Hi,

I recently upgraded my investment (license) from Sublime Text 4 only, to a bundled one including Sublime Merge. So I can use it with my home lab, administration, productivity, study and development laptop.

The laptop happens to have a Secure Enclave where credentials can be stored. I am wondering whether it’s possible please for support to be added to Sublime Merge and/or Sublime Text, so that it supports using credentials in hardware based security? This would be useful for protecting such credentials, especially in highly regulated industries where such credentials must never leave where they are held, as well as security conscious individuals.

0 Likes

#2

Neither Sublime Text nor Sublime Merge store credentials.

Sublime Merge uses git’s default mechanisms to authenticate to remote servers. Thus it is within git’s responsibility to manage and store them in a safe manner.

Sublime Text plugins could theoretically use keyring library to load/store credentials. It supports a wide variety of backends to store them in OS-specific credential stores.

0 Likes

#3

I mean having in the user interface the capacity to when for example, carrying out actions in Git via Sublime Merge. Ensure that the UI enables these functions even if they are handled by Git.

Also utilising OpenSC as a backend would seriously help.

0 Likes

#4

Also utilising OpenSC then permits using PKCS#11 based credential technologies.

@bschaaf Having support for this functionality in Sublime Merge, especially given the new regulations in regards to secure software development and/or maintenance coming or has arrived around the world, which would aid compliance!!

So please add this to Sublime Merge, during the development cycle SublimeHQ development teams.

0 Likes

#5

What specifically are you expecting us to implement? Git just needs to be configured to use whatever credential storage or signing technology you have and then it should work in Sublime Merge.

0 Likes