feat(anilist): enforce encrypted token storage and default gnome-libsecret

2026-02-27 18:22:41 -08:00 · 2026-02-23 23:53:53 -08:00
parent b989508ece
commit a2735eaedc
5 changed files with 179 additions and 26 deletions
--- a/docs/configuration.md
+++ b/docs/configuration.md
@@ -450,6 +450,8 @@ Setup flow details:
 2. Leave `anilist.accessToken` empty and restart SubMiner (or run `--anilist-setup`) to trigger setup.
 3. Approve access in AniList.
 4. Callback flow returns to SubMiner via `subminer://anilist-setup?...`, and SubMiner stores the token automatically.
+   - Encryption backend: Linux defaults to `gnome-libsecret`.
+     Override with `--password-store=<backend>` (for example `--password-store=basic_text`).

 Token + detection notes:

--- a/docs/usage.md
+++ b/docs/usage.md
@@ -94,6 +94,8 @@ SubMiner.AppImage --help                  # Show all options
 - `--background` defaults to quieter logging (`warn`) unless `--log-level` is set.
 - `--background` launched from a terminal detaches and returns the prompt; stop it with tray Quit or `SubMiner.AppImage --stop`.
 - Linux desktop launcher starts SubMiner with `--background` by default (via electron-builder `linux.executableArgs`).
+- On Linux, the app now defaults `safeStorage` to `gnome-libsecret` for encrypted token persistence.
+  Override with e.g. `--password-store=basic_text`.
 - Use both when needed, for example `SubMiner.AppImage --start --dev --log-level debug`.

 ### Launcher Subcommands