{"id":50536947,"url":"https://github.com/nuwax-io/nuwault-web","last_synced_at":"2026-06-03T17:01:37.200Z","repository":{"id":303492304,"uuid":"1015653665","full_name":"nuwax-io/nuwault-web","owner":"nuwax-io","description":"Advanced keyword-based password generator with client-side security, privacy focus and PWA support","archived":false,"fork":false,"pushed_at":"2025-12-13T01:08:23.000Z","size":963,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":0,"default_branch":"main","last_synced_at":"2025-12-14T15:58:03.918Z","etag":null,"topics":["client-side","cryptography","deterministic","hashing","offline","password-generator","password-strength","privacy-first","pwa","security","web-crypto"],"latest_commit_sha":null,"homepage":"https://nuwault.com","language":"JavaScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"gpl-3.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/nuwax-io.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":"SECURITY.md","support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":"COPYRIGHT","agents":null,"dco":null,"cla":null}},"created_at":"2025-07-07T20:46:15.000Z","updated_at":"2025-12-13T01:08:26.000Z","dependencies_parsed_at":"2025-07-08T00:49:15.443Z","dependency_job_id":"b5330504-32fd-4019-bfc7-6b18f8448f34","html_url":"https://github.com/nuwax-io/nuwault-web","commit_stats":null,"previous_names":["nuwa-x/nuwault","nuwax-io/nuwault-web"],"tags_count":6,"template":false,"template_full_name":null,"purl":"pkg:github/nuwax-io/nuwault-web","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/nuwax-io%2Fnuwault-web","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/nuwax-io%2Fnuwault-web/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/nuwax-io%2Fnuwault-web/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/nuwax-io%2Fnuwault-web/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/nuwax-io","download_url":"https://codeload.github.com/nuwax-io/nuwault-web/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/nuwax-io%2Fnuwault-web/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":33874679,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-05-26T15:22:16.424Z","status":"online","status_checked_at":"2026-06-03T02:00:06.370Z","response_time":59,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["client-side","cryptography","deterministic","hashing","offline","password-generator","password-strength","privacy-first","pwa","security","web-crypto"],"created_at":"2026-06-03T17:01:35.495Z","updated_at":"2026-06-03T17:01:37.191Z","avatar_url":"https://github.com/nuwax-io.png","language":"JavaScript","funding_links":[],"categories":[],"sub_categories":[],"readme":"\u003cdiv align=\"center\"\u003e\n\n![Nuwault Logo](public/assets/img/logo/nuwault_logo_horizontal_teal_360px.png)\n\n**Advanced keyword-based password generator with client-side security and privacy focus**\n\n[![License: GPL v3](https://img.shields.io/badge/License-GPLv3-blue.svg)](https://www.gnu.org/licenses/gpl-3.0)\n[![Node.js](https://img.shields.io/badge/Node.js-18%2B-339933?logo=node.js\u0026logoColor=white)](https://nodejs.org/)\n[![Vite](https://img.shields.io/badge/Vite-7.1.12-646CFF?logo=vite\u0026logoColor=white)](https://vitejs.dev/)\n[![Tailwind CSS](https://img.shields.io/badge/Tailwind_CSS-4.1.16-38B2AC?logo=tailwind-css\u0026logoColor=white)](https://tailwindcss.com/)\n[![PWA](https://img.shields.io/badge/PWA-Ready-5A0FC8?logo=pwa\u0026logoColor=white)](https://web.dev/progressive-web-apps/)\n\n[Live Demo](https://nuwault.com) • [Documentation](#documentation) • [Features](#features) • [Quick Start](#quick-start)\n\n\u003c/div\u003e\n\n## Overview\n\nNuwault is a secure, privacy-focused password generator that creates deterministic passwords from your keywords. All password generation happens client-side using our advanced [@nuwax-io/nuwault-core](https://github.com/nuwax-io/nuwault-core) algorithm library.\n\n### Why Nuwault?\n\n- **Client-Side Security**: All processing happens in your browser\n- **Deterministic**: Same keywords always generate the same password\n- **No Storage**: Passwords are generated on-demand, never stored\n- **Progressive Web App**: Install as a native app on any device\n- **Works Offline**: No internet connection required after installation (requires browser cache enabled)\n\n## Features\n\n### Core Functionality\n- **Keyword-Based Generation**: Use memorable keywords to create secure passwords\n- **Real-time Strength Analysis**: Advanced password strength meter with detailed feedback\n- **Customizable Options**: Configure length, character types, and complexity\n- **Multi-language Support**: Available in multiple languages\n\n### Security Features\n- **Advanced Algorithm**: Uses [@nuwax-io/nuwault-core](https://github.com/nuwax-io/nuwault-core) for cryptographically secure generation\n- **Client-Side Only**: Your data never leaves your device\n- **Deterministic Generation**: Same inputs always produce same outputs\n- **No Network Requests**: Complete privacy protection\n\n### Progressive Web App\n- **Offline Functionality**: Full functionality without internet (requires browser cache enabled)\n- **Native Experience**: App-like interface and behavior\n- **Cross-Platform**: Works on desktop, mobile, and tablets\n- **Auto-Updates**: Seamless updates in the background\n\n## Quick Start\n\n### Prerequisites\n- Node.js 18+ \n- npm 9+\n\n### Installation\n\n```bash\n# Clone the repository\ngit clone https://github.com/nuwax-io/nuwault-web.git\ncd nuwault\n\n# Install dependencies\nnpm install\n\n# Start development server\nnpm run dev\n```\n\n### Development Commands\n\n```bash\nnpm run dev              # Start development server\nnpm run build            # Build for production\nnpm run build:pwa        # Build with PWA optimization\nnpm run preview          # Preview production build\nnpm run pwa:setup        # Setup PWA features\n```\n\n**Note**: After first build, the app works offline if browser cache is enabled. Private/incognito mode may prevent offline functionality.\n\n## Password Generation Algorithm\n\nNuwault uses the **[@nuwax-io/nuwault-core](https://github.com/nuwax-io/nuwault-core)** library for secure password generation. This advanced algorithm ensures deterministic, secure, and balanced password creation.\n\n### Algorithm Overview\n\n#### Core Process\n1. **Input Validation**: Validates and sanitizes input strings\n2. **Normalization**: Converts inputs to lowercase, removes diacritics\n3. **Hash Generation**: Multiple SHA-512 iterations with unique salts\n4. **Character Distribution**: Advanced algorithms for balanced output\n5. **Deterministic Shuffle**: Consistent results across generations\n\n#### Character Distribution\nThe library uses sophisticated algorithms to ensure balanced character distribution with minimal repetition:\n\n- **Adaptive Distribution**: Different strategies based on password length\n- **Character Repetition Control**: Dynamic maximum repetition limits\n- **Intelligent Character Selection**: Multi-layer selection algorithm\n- **Character Diversity Optimization**: Maximizes unique character usage\n- **Weighted Selection**: Symbols and numbers get higher priority in longer passwords\n- **Deterministic Shuffle**: Fisher-Yates shuffle using hash entropy for consistent results\n\n#### Hash Generation Security\n- **Multiple Iterations**: Configurable iterations (default: 1000) prevent rainbow table attacks\n- **Unique Salt per Iteration**: Each iteration uses a unique salt combining master salt, iteration counter, and previous hash\n- **Master Salt Integration**: When provided, prepended to every iteration for unique password variants\n- **Timing Attack Prevention**: Small delays during first iteration\n- **Input Entropy Validation**: Minimum combined input length requirements\n\n### Security \u0026 Validation\n\n#### Security Features\n- **Multiple Hash Iterations**: Configurable iterations (default: 1000) to prevent rainbow table attacks\n- **Optional Master Salt**: User-provided master salt for additional security (null by default)\n- **Unique Salt per Iteration**: Each hash iteration uses a unique salt combining master salt, iteration counter, and previous hash\n- **Timing Attack Prevention**: Small delays during hash generation\n- **Input Validation**: Comprehensive validation and sanitization\n- **Deterministic Generation**: Same inputs always produce the same password\n\n#### Algorithm Validation\nThe library includes comprehensive validation systems to ensure algorithm consistency across different environments, platforms, and library versions.\n\n#### Stability Guarantees\n- **Deterministic Behavior**: Same inputs always produce identical outputs across all platforms\n- **Version Compatibility**: Algorithm versioning prevents breaking changes\n- **Platform Independence**: Identical results on Node.js vs. Browser vs. Electron across different OS\n- **Future-Proof Design**: SHA-512 algorithm standardized by NIST (FIPS 180-4)\n\n## Technology Stack\n\n- **Frontend**: Vanilla JavaScript (ES6+), no frameworks\n- **Algorithm**: [@nuwax-io/nuwault-core](https://github.com/nuwax-io/nuwault-core) for secure password generation\n- **Styling**: Tailwind CSS 4.1.11 with utility-first approach\n- **Build Tool**: Vite 7.0.0 for fast development and building\n- **PWA**: Service Worker, Web App Manifest\n- **Security**: Web Crypto API for cryptographic operations\n- **Internationalization**: i18next for multi-language support\n\n## Project Structure\n\n```\nsrc/\n├── components/         # UI components\n├── password/           # Password generation logic\n├── utils/              # Utility functions\n├── styles/             # Modular CSS architecture\n├── locales/            # Language files\n└── templates/          # Service worker templates\n```\n\n## Security Architecture\n\n### Password Generation Process\n1. **Input Processing**: Keywords are normalized and validated\n2. **Algorithm Execution**: [@nuwax-io/nuwault-core](https://github.com/nuwax-io/nuwault-core) handles cryptographic operations\n3. **Deterministic Output**: Same inputs always produce same results\n4. **Client-Side Only**: No network communication required\n\n### Security Guarantees\n- **No Data Transmission**: All processing happens locally\n- **No Storage**: Passwords are never stored anywhere\n- **Deterministic**: Reproducible results from same inputs\n- **Cryptographically Secure**: Uses Web Crypto API standards\n- **Algorithm Validation**: Comprehensive compatibility checks\n- **Offline Security**: Complete functionality without network (requires browser cache support)\n\n## Security Policy\n\nWe take security seriously and appreciate responsible disclosure of vulnerabilities. For detailed security information, vulnerability reporting procedures, and security best practices, please see our [Security Policy](SECURITY.md).\n\n### Security Overview\n- **Secure by Design**: SHA-512 hashing with multiple iterations\n- **Deterministic Generation**: Consistent, predictable outputs\n- **Input Validation**: Comprehensive validation and sanitization\n- **Timing Attack Resistance**: Protected against timing-based attacks\n- **Memory Safety**: Best-effort secure memory handling\n\n### Reporting Vulnerabilities\n**Please do not report security vulnerabilities via GitHub issues.**\n\nFor security vulnerabilities, please:\n- Email: [security@nuwault.com](mailto:security@nuwault.com)\n- Follow our coordinated disclosure process\n- Receive acknowledgment within 48 hours\n\n**[Complete Security Policy](SECURITY.md)**\n\n## Password Strength Analysis\n\nThe built-in strength meter evaluates passwords using:\n\n- **Length Analysis**: Exponential strength increase with length\n- **Character Variety**: Uppercase, lowercase, numbers, symbols\n- **Entropy Calculation**: Unique character distribution\n- **Pattern Detection**: Identifies and penalizes weak patterns\n\n### Strength Levels\n- **Very Weak** (0-17): Critical security risk\n- **Weak** (18-34): Security risk present  \n- **Moderate** (35-54): Acceptable level\n- **Strong** (55-74): Good security level\n- **Very Strong** (75-100): Excellent security\n\n## Documentation\n\n- [Contributing Guidelines](CONTRIBUTING.md)\n- [Security Policy](SECURITY.md)\n- [Password Strength Guide](docs/PASSWORD-STRENGTH.md)\n- [PWA Setup Guide](docs/PWA-SETUP.md)\n\n## Browser Support\n\n- **Chrome 88+**: Full PWA support with offline functionality\n- **Firefox 85+**: Core functionality with offline support\n- **Safari 14+**: Limited PWA features, offline support available\n- **Edge 88+**: Full PWA support with offline functionality\n- **IE11**: Not supported\n\n**Note**: Offline functionality requires browser cache enabled. Private/incognito mode may disable caching.\n\n## Contributing\n\nWe welcome contributions! Please read our [Contributing Guidelines](CONTRIBUTING.md) for details on:\n\n- Code standards and style guides\n- Security requirements\n- Pull request process\n- Issue reporting\n\n## Support\n\n- **Bug Reports**: [GitHub Issues](https://github.com/nuwax-io/nuwault-web/issues)\n- **Feature Requests**: [GitHub Discussions](https://github.com/nuwax-io/nuwault-web/discussions)\n- **Security Issues**: [security@nuwault.com](mailto:security@nuwault.com)\n- **General Support**: [support@nuwault.com](mailto:support@nuwault.com)\n\n## Changelog\n\nSee [CHANGELOG.md](CHANGELOG.md) for a detailed history of changes.\n\n## License\n\nThis project is licensed under the GNU General Public License v3.0 - see the [LICENSE](LICENSE) file for details.\n\nCopyright (c) 2025 NuwaX\n\n---\n\n\u003cdiv align=\"center\"\u003e\n\n**Built with ❤️ for password security and privacy**\n\n[⭐ Star this project](https://github.com/nuwax-io/nuwault-web) if you find it useful!\n\n\u003c/div\u003e ","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fnuwax-io%2Fnuwault-web","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fnuwax-io%2Fnuwault-web","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fnuwax-io%2Fnuwault-web/lists"}