v23.10.2
seguinleo committed Oct 19, 2023
1 parent 446cf4e commit 2cc108c
Showing 28 changed files with 1,134 additions and 1,035 deletions.
7 changes: 7 additions & 0 deletions CHANGELOG.txt
@@ -1,3 +1,10 @@
#----v23.10.2----#
-Local notes are now also encrypted
-Better key management
-Improve shared notes
-Improve UI/UX
-Bug fixes

#----v23.10.1----#
-Add public notes
-Bug fixes for self-hosting
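Review bot: the v23.10.2 entries "Local notes are now also encrypted" and "Better key management" do not say what happens on upgrade to local notes and keys that already exist. Suggest adding a line stating whether existing local notes are encrypted automatically the first time the new version loads and whether the user has to do anything, since that is the behaviour change people upgrading will depend on.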
34 changes: 17 additions & 17 deletions README.md
Expand Up @@ -4,7 +4,7 @@
<h1 align="center">Bloc-notes</h1>

<p align="center">
<b>Bloc-notes</b> is a free, open source and encrypted notebook. Bloc-notes aims for security and privacy.
<b>Bloc-notes</b> is a free, open source and encrypted notebook.
</p>

<p align="center">
Expand All @@ -25,30 +25,28 @@
* [For developers](#for-developers)

## Why?
When I was looking for a note-taking application, I faced several difficulties: Google Keep and OneNote don't respect privacy, Standard Notes and Obsidian can be light without having to pay (no Markdown or no Sync). So I decided to create my own notebook that respects users' privacy and GDPR.
When I was looking for a note-taking application, I faced several difficulties: Google Keep and OneNote don't respect privacy, Standard Notes and Obsidian can be light without having to pay (no Markdown or no Sync). So I decided to create my own notebook that respects users' privacy and easy to use.

## Features
The user can save and edit notes locally in JSON, change notes color, copy notes and use [Markdown](https://github.com/seguinleo/Bloc-notes/wiki/Markdown) to create titles, lists, links, todos or import images from another website.
All notes are encrypted with ``AES-256-GCM``.

The user can also sign in to sync all notes between their devices or browsers and encrypt content with ``AES-256-GCM`` in a database. The user can also hide the content of their notes. A button allows the user to make a note public and share it via a random URL.
The user can save and edit notes, change color, copy, export and use [Markdown](https://github.com/seguinleo/Bloc-notes/wiki/Markdown).

This website is a PWA (Progressive Web App), the user can install it as an application. Service Worker has automatic updates. Be sure to change the language before installing the application.
The user can also sign in to sync all notes between their devices or browsers in a database. The user can also make a note public and share it via a random URL. No email is required, only a username and a strong password.

This website is a PWA (Progressive Web App), the user can install it as an application. Service Worker has automatic updates.

## Design
The website is fully responsible for mobile devices and UI/UX inspired by [Material Design v3](https://m3.material.io/). The icons come from [Fontawesome](https://github.com/FortAwesome/Font-Awesome). The website is also accessible for people with disabilities thanks to high-contrast colors, ARIA modules and focusable elements. A light/dark mode is also available with local storage.
The website is fully responsible for mobile devices. The icons come from [Fontawesome](https://github.com/FortAwesome/Font-Awesome). The website is also accessible for people with disabilities thanks to high-contrast colors, ARIA modules and focusable elements. A light/dark mode is also available.

## Security and Privacy
The user's connection is maintained by a secure cookie with a shelf life of 1 week.

The website is hosted in France by OVHcloud on my personal server. The website is always up to date with the latest security patches.

Passwords are hashed with bcrypt before being sent to the database.
The user's connection for online sync is maintained by a secure cookie with a shelf life of 1 week. The website is hosted in France by OVHcloud on my personal server. The website is always up to date with the latest security patches.

Each user has their own randomly generated 32-byte encryption key that uses SHA256 as the hash function and the randomly generated salt. Once logged in, the user can change their password or delete their account. Security measures are in place against XSS, CSRF and SQL injections.
Passwords are hashed with the latest algorithms before being sent to the database.

Bloc-notes stores the username, hashed password, and encrypted notes in a secure database until the user deletes this data themselves. Only the user has access to the content of their encrypted notes via their unique keys. The website editor disclaims any responsibility for the content of user notes.
Each user has their own randomly generated 32-byte encryption key and salt. Once logged in, the user can change their password or delete their account according to the GDPR. Security measures are in place against XSS, CSRF and SQL injections.

[Legal notice / Privacy policy](https://leoseguin.fr/mentionslegales/)
Bloc-notes stores the username, hashed password, and encrypted notes in a secure database until the user deletes this data themselves. Only the user has access to the content of their encrypted notes. The website editor disclaims any responsibility for the content of user notes.

> [!WARNING]
> Never store passwords or too personal data in your notes regardless of the service.
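Review bot: in the Security and Privacy section, "Passwords are hashed with the latest algorithms" replaces the specific "hashed with bcrypt", and the key description no longer mentions SHA256, so a reader can no longer check what protects their password and key. Suggest naming the password hashing algorithm and the key derivation actually in use, and, now that "All notes are encrypted with ``AES-256-GCM``" also covers local notes, stating where the key for local notes is kept. The removed "Legal notice / Privacy policy" link also leaves the GDPR statement without a reference. Minor: "respects users' privacy and easy to use" should read "and is easy to use".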
Expand All @@ -57,17 +55,19 @@ Bloc-notes stores the username, hashed password, and encrypted notes in a secure
🇫🇷French, 🇬🇧English, 🇩🇪German

## Todo
- [x] Share notes with a random link
- [x] Share notes with a random link
- [x] Export notes in text file
- [ ] Spanish translation
- [ ] Pin notes
- [ ] Spanish translation
- [ ] ...

## Community
If you find [issues](https://github.com/seguinleo/Bloc-notes/issues), [vulnerabilities](https://github.com/seguinleo/Bloc-notes/security) or if you have any suggestions to improve this project, feel free to [discuss](https://github.com/seguinleo/Bloc-notes/discussions)!

## For developers
Documentation: [W3C](https://www.w3.org/), [MDN Web Docs](https://developer.mozilla.org/en-US/), [OWASP](https://cheatsheetseries.owasp.org/), [PHP Delusions](https://phpdelusions.net/)

Technologies: JavaScript, PHP PDO and MySQL
Technologies: JavaScript, PHP and MySQL

Dependencies: ESLint, PHP_CodeSniffer, Sass and [Showdownjs](https://github.com/showdownjs/showdown) (modified)
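Review bot: the Technologies line drops "PDO" while the README still claims measures against SQL injections. If queries are still issued through PDO prepared statements, keep "PHP PDO" or say so explicitly; if the database layer changed in this commit, name the replacement so the claim stays checkable.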
