Important: As of June 2019, Freedom of the Press Foundation has discontinued its work on the Sunder project. For actively maintained implementations of Shamir's Secret Sharing, consider using Mozilla SOPS or Hashicorp Vault.
Sunder is an implementation of Shamir's Secret Sharing based on the RustySecrets library. It is alpha-quality software and has not been audited. Please see the documentation for details.
You will need Node and NPM. We use Node LTS for Sunder development, most recently Node v8.9.4 and NPM v5.6.0. Prior versions of Node and NPM may also work, but we are not trying to maintain compatability with them at this time.
To perform secret splitting and recovery, Sunder depends on rusty-secrets, a native module written in Rust.
This package requires a stable version of the Rust toolchain. Please see the Rust documentation for installation instructions.
If you have questions or comments, you can join us in our Gitter chat room.
- Clone the git repository
npm installnpm run dev
For development use npm run dev. This does two things: it starts an electron instance with development features enabled, and it starts a webpack dev server. The dev server is to enable 'hot module reloading', which means that changes to the source on your file system will be reflected in the running application code in real time.
If you get an error from node-gyp during npm install, note that it expects python to resolve to Python 2.x.
- To run the unit tests:
make test-unit - For development you might enjoy the continuously updating tests:
npm run test-watch - The end-to-end integration suite can be run with
make test-e2e. Note that this runs agains built code, sonpm run build-appwill run beforehand. - To run all tests, use
make test. Again,npm run build-appwill run before the integration tests.
Linux packages are built in a docker container, so they can be built on either Linux or Mac OS X. You will need to install the following prerequisites for the build environment:
Once you have the prerequisites installed, you should be able to
make build-deb
Packages will be found in dist/.
To package up the app for your current platform (e.g. OS X):
make build-dmg
Note that this will run build-app so there's no need to run that beforehand.
Packages will be stored in dist/<platform>.
Code signing is handled automatically by the electron-builder package. All you should need to do is add the signing identity through xcode, and electron-builder will discover it automatically. See Apple documentation and electron-builder documentation for more info.
Install the requirements (use of virtualenv is highly recommended), then pull up a live reload interface for editing:
pip install -r requirements.txt
make docs
You can check for common syntax and formatting errors in the documentation without pushing to CI:
make docs-lint
The linting process will rebuild all local assets from scratch, so it cannot
be used at the same time as make docs.