Hello and good day,
I just got aware that the couchdb URL is fully exposed in the config.cson file.
Would it be a good idea to seperate the user and PW fields so the PW can be hashed and encrypted in the settings file?
The encryption potentially could be done with the inkdrop credentials(?)
In the current state another application could potentially read the settings.
All the best, I love what you are doing