Skip to content

Comments

Replace keytar with @napi-rs/keyring for OS keychain access#7

Open
chocholous wants to merge 1 commit intoapify:mainfrom
chocholous:replace-keytar-with-napi-keyring
Open

Replace keytar with @napi-rs/keyring for OS keychain access#7
chocholous wants to merge 1 commit intoapify:mainfrom
chocholous:replace-keytar-with-napi-keyring

Conversation

@chocholous
Copy link

Summary

  • Replaces deprecated keytar package with @napi-rs/keyring for OS keychain access
  • keytar has persistent native module build issues across platforms; @napi-rs/keyring ships prebuilt binaries via napi-rs and is actively maintained
  • All keychain operations (store/read/delete for OAuth client info, tokens, session headers, proxy bearer tokens) are migrated to the new API

Changes

  • src/lib/auth/keychain.ts — migrated from keytar async API (keytar.setPassword/getPassword/deletePassword) to @napi-rs/keyring sync API (new Entry(service, account).setPassword/getPassword/deletePassword)
  • package.json — replaced keytar: ^7.9.0 with @napi-rs/keyring: ^1.2.0

Test plan

  • npm run build passes
  • npm test (unit + E2E) passes
  • Manual verification of @napi-rs/keyring API: setPassword, getPassword, deletePassword all work correctly on macOS
  • Verify OAuth login/logout flow with a real MCP server
  • Verify on Linux (may need libsecret like keytar)

🤖 Generated with Claude Code

keytar is deprecated and has persistent build issues with native modules
across different platforms. @napi-rs/keyring is a modern, actively
maintained alternative with prebuilt binaries via napi-rs.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant