Thanks for taking the time to improve Keysoft.
Keysoft is security-sensitive software. Changes should be small, reviewable, and backed by tests when they affect authentication, cryptography, storage, biometrics, import/export, notifications, or release configuration.
bun install
bun run startAndroid development uses Expo Go for day-to-day work. Release-grade validation for Argon2 and native modules requires an EAS/native Android build.
Run:
bun run typecheck
bun run lint
bun run test
bunx expo-doctorFor Android release-related changes, also run:
bunx expo export --platform android --output-dir C:\tmp\keysoft-android-exportThe main branch is protected. External contributors should submit changes
through pull requests; direct pushes are reserved for the repository owner.
Pull requests require the Validate CI check and one approving review before
merge.
- Do not commit keystores, certificates, passwords, tokens,
.envfiles, or anything from.secrets/. - Do not log PINs, vault keys, passwords, note content, backup payloads, or biometric SecureStore values.
- Use
src/utils/cryptoRandom.tsfor randomness. - Keep user-visible strings in both
src/locales/it.tsandsrc/locales/en.ts. - Treat changes to KDF parameters, vault encryption, biometric unlock, and backup formats as security-sensitive.
Use focused PRs with:
- A concise summary of behavior changes.
- Tests run and their results.
- Screenshots only for UI changes.
- Explicit notes for migrations, release config, permissions, or security tradeoffs.