seal() options is not guarded against mutation
kanongil opened this issue · comments
If you want to change the ttl
on each invocation, you can't re-use the same object since the value is not extracted from the options object until after an await
.
Example:
const config = Object.assign({}, Iron.defaults);
config.ttl = 42;
const promise = Iron.seal(object, secret, config);
config.ttl = 4200;
const sealed = await promise;
The resulting object will be sealed with a ttl == 4200
.
I suspect there are similar issues with unseal()
as well.
This thread has been automatically locked due to inactivity. Please open a new issue for related bugs or questions following the new issue template instructions.