{"id":29542495,"url":"https://github.com/caball-ero/passanova","last_synced_at":"2026-05-07T15:33:56.552Z","repository":{"id":302642713,"uuid":"1013130142","full_name":"caball-ero/PassaNova","owner":"caball-ero","description":"PassaNova is a full-featured password manager built with Python and Flask, designed for secure credential storage and retrieval. It emphasizes strong encryption, robust authentication, and modern web practices to ensure data protection and ease of use","archived":false,"fork":false,"pushed_at":"2025-07-03T12:32:44.000Z","size":10,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":0,"default_branch":"main","last_synced_at":"2025-07-03T13:32:44.137Z","etag":null,"topics":["aes-gcm","argon2","flask","html","jinja","pbkdf2","python","sqlite"],"latest_commit_sha":null,"homepage":"","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/caball-ero.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null}},"created_at":"2025-07-03T12:03:43.000Z","updated_at":"2025-07-03T12:32:48.000Z","dependencies_parsed_at":"2025-07-03T13:34:25.187Z","dependency_job_id":"10eec815-f320-4c9c-a9fa-96877273fe16","html_url":"https://github.com/caball-ero/PassaNova","commit_stats":null,"previous_names":["caball-ero/passanova"],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/caball-ero/PassaNova","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/caball-ero%2FPassaNova","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/caball-ero%2FPassaNova/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/caball-ero%2FPassaNova/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/caball-ero%2FPassaNova/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/caball-ero","download_url":"https://codeload.github.com/caball-ero/PassaNova/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/caball-ero%2FPassaNova/sbom","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":265598359,"owners_count":23795312,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["aes-gcm","argon2","flask","html","jinja","pbkdf2","python","sqlite"],"created_at":"2025-07-17T11:03:11.355Z","updated_at":"2025-10-26T05:44:12.241Z","avatar_url":"https://github.com/caball-ero.png","language":"Python","funding_links":[],"categories":[],"sub_categories":[],"readme":"# PassaNova\n\n**Secure, modern password manager built with Python \u0026 Flask.**\n\n\u003e PassaNova stores your credentials in an AES‑256‑GCM–encrypted vault, protected by an Argon2‑hashed master password. 100% local encryption, zero plaintext exposure.\n\n---\n\n## Features\n\n- **Argon2‑protected master account** — strong, salted hashing\n- **Full CRUD vault** — create, read, update, delete credentials\n- **AES‑256‑GCM encryption** — per‑entry nonce \u0026 PBKDF2‑derived key\n- **Re‑authentication gates** — sensitive operations prompt for password again\n- **Modular OOP design** — separate `Cipher` (crypto) \u0026 `Vault` (data) classes\n- **Flask Web UI** — clean, responsive templates\n- **Logging \u0026 error handling** — secure logging without leaking secrets\n\n---\n\n## Architecture at a Glance\n\n```\n          +------------+\n          |  Browser   |\n          +-----+------+                +-------------+\n                | HTTP(S) requests      |  Database   |\n+---------------v---------------+       |  (SQLite)   |\n|            Flask              |       +------+------+\n|  ┌──────────────┐   ┌────────┐ |\n|  |  Routes    |   | Render  | |\n|  |  /login    |   |  HTML   | |\n|  └─────────┘   └───────┘ |\n|        | session auth         |       +------+------+\n|  +-----v-----+       +--------v---+   +------+------+\n|  |  Cipher   |\u003c-----\u003e|   Vault    |\u003c--|  Cipher     |\n|  +-----------+       +------------+   +-------------+\n|      (AES‑GCM)         (CRUD ops)         (Argon2)   |\n+------------------------------------------------------+\n```\n\n---\n\n## Tech Stack\n\n| Layer    | Tech                                    |\n| -------- | --------------------------------------- |\n| Language | Python 3.12                             |\n| Web      | Flask, Jinja2                           |\n| Crypto   | `cryptography` (AES‑GCM), `argon2‑cffi` |\n| DB (dev) | SQLite (MySQL planned)                  |\n| Frontend | HTML5, CSS (Bootstrap‑lite)             |\n\n---\n\n## Quickstart\n\n```bash\n# 1. Clone repo\n$ git clone https://github.com/\u003cyour‑user\u003e/PassaNova.git\n$ cd PassaNova\n\n# 2. Create \u0026 activate virtual env\n$ python -m venv venv\n$ source venv/bin/activate  # Windows: venv\\Scripts\\activate\n\n# 3. Install dependencies\n$ pip install -r requirements.txt\n\n# 4. Set a FLASK_SECRET_KEY env var or edit config.py\n\n# 5. Run\n$ python run.py\n```\n\nOpen `http://127.0.0.1:5000` in your browser and create your master account.\n\n---\n\n## Security Notes\n\n1. **Master Password** ➔ Argon2id (time_cost = 3, memory_cost = 64 MB, parallelism = 4)\n2. **Vault Entries** ➔ AES‑256‑GCM with per‑entry 12‑byte nonce\n3. **Key Derivation** ➔ PBKDF2‑HMAC‑SHA256, 100k iterations, unique 16‑byte salt per entry\n4. **No credentials in logs** — errors are logged securely via `logging.exception()`.\n\n---\n\n## Roadmap\n\n- Search \u0026 filtering interface\n- 2‑Factor Authentication (TOTP)\n- Migrate to MySQL for production\n- Encrypted export / import\n- Automated test suite (pytest)\n\n---\n\n## Contributing\n\nPull requests are welcome! Please open an issue first to discuss major changes.\n\n1. Fork the repo \u0026 clone locally.\n2. Create a feature branch: `git checkout -b feature/awesome`.\n3. Commit \u0026 push: `git push origin feature/awesome`.\n4. Open a PR.\n\n---\n\n## License\n\nThis project is licensed under the **MIT License** — see `LICENSE` for details.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcaball-ero%2Fpassanova","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fcaball-ero%2Fpassanova","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcaball-ero%2Fpassanova/lists"}