Clarification about private keys for passkeys
Hey there, I was doing some reading about passkeys and 1Password and started wondering: does 1Password ever actually store passkey private keys on the device's TPM or Secure Enclave? Or does it only use the cloud-based vault and sync the private keys to the current device as needed, using some local storage as a cache such as Indexed DB (encrypted)? This is within the example context of using the 1Password Chrome extension on a MacBook without the desktop app installed. Reason I'm confused is that some cloud-sync passkey providers such as Apple seem to do both the 1) device-bound Secure Enclave storage AND 2) 'cloud vault' equivalent to sync across devices. I'm only confused because in some 1Password docs/threads I've seen people say that the private key is stored on device while in others I've seen the opposite said. Also, is there a difference in the way the private key is handled if you are just using the extension vs extension + desktop app? Thanks so much for your time
1Password CLI Docker Image Update for Vulnerabilities
I've been working on a minified Ubuntu base image with 1Password CLI pre-installed so I can use it as a base for some homelab projects. The only thing is I'm not able to resolve some of the vulnerabilities present in the final image because they are introduced by 1Password CLI's use of older versions of Golang / modules in Golang. Will the CLI be updated? Ideally it would be great for the official 1Password CLI docker image could be auto updated... As detected by Docker Scout, the latest 1Password CLI has these vulnerabilities, all of which are fixable with updates: CVE-2024-45337, CVE-2024-45338, CVE-2024-45341, CVE-2024-45336, CVE-2025-22866Request for feedback: DMNO 1Password integration - env var/configuration tooling
Hello! TL;DR - If you've ever wanted to use secrets from 1Password in your JavaScript/TypeScript project without the hassle of writing custom scripts then check out our 1Password Plugin. We launched DMNO early this year and we've been continuously expanding our list of plugins and integrations. We're particularly proud of the 1Password plugin because it makes it very easy to retrieve secrets stored in 1Password and use them in your applications with minimal code. In addition to using values stored in 1Password, our plugin gives you: Coercion and validation Leak detection and prevention Log redaction and domain allow/deny lists for individual items Flexible storage in 1Password, from a single .env style blob to individual items Full TypeScript features including detailed IntelliSense docs and autocomplete Drop-in integrations for Remix, Next.js, Astro, Vite, and Node.js Best of all, it's completely free and open source. We'd love for other 1Password users to try it out. If there's a feature you want, we can probably add it for you and your team.
