Dougniel commented on PR #332: URL: https://github.com/apache/commons-compress/pull/332#issuecomment-1334843789
@kinow, @garydgregory, Thanks for your reviews, I just pushed corrections that you suggested and I changed the place where `Cipher` is initialized in order to not store password in a clear way (following @kinow [advice](https://github.com/apache/commons-compress/pull/332#discussion_r1037484243)), let me know what do you think about that. With these changes, the implementation between decryption and encryption is less homogeneous. In my opinion the decryption could be aligned in the encryption way for the same concern about password storage, but also to reduce the complexity of [decode](https://github.com/apache/commons-compress/blob/0cbe431fe13e40735ccba054bab8fe4a83062b37/src/main/java/org/apache/commons/compress/archivers/sevenz/AES256SHA256Decoder.java#L36) method _(ex: replace `coder` and `password` parameters with `options` as done in `encode` method). But as theses changes will introduce a lot of changes, maybe it could be easier to do it in another PR Cheers, Daniel -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
