Age | Commit message (Collapse) | Author |
|
|
|
GnuPG 2.2.19 added a warning when no command was given.
* src/password-store.sh (reencrypt_path): Add --decrypt to --list-only
* tests/t0300-reencryption.sh (gpg_keys_from_encrypted_file): same
https://bugs.gnupg.org/gnupg/msg9873
http://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=commit;h=810adfd47801fc01e45fb71af9f05c91f7890cdb
https://bugzilla.suse.com/show_bug.cgi?id=1028867
|
|
|
|
|
|
|
|
|
|
|
|
Git worktree works with the normal .git directory instead being a
.git file with a reference to the primary git repository.
|
|
When keeping the password-store under git, it can make sense using a git
extension such as git-annex instead of the native git object store to
store the encrypted files. Inter alia, this allows one to selectively
expire old copies of the encrypted data, while otherwise, one would need
to recreate the complete repository when a key should no longer have
access to some of the data.
Since using the git-annex object store means that *.gpg files (and
directories named *.gpg) are kept under .git/… (non-writable), the
reencryption logic used by pass currently fails. To remedy this, we now
ignore everything kept under .git when looking for files to reencrypt or
when grepping.
|
|
|
|
|
|
|
|
|
|
|
|
Passing to tr using the "pick and discard" technique is more straight-
forwardly correct and less error-prone. It also allows users to
select their own character sets to be passed to tr.
|
|
This option can be used to select a different pass repository for
completion. A configuration example is given inside the completion file.
|
|
|
|
This reverts commit fcb92ed69fc191e39379bad715371d8c28410885.
Needs more discussion.
|
|
|
|
|
|
Did this by not passing "-o nospace" to complete. Instead, put
"compopt -o nospace" after a COMPREPLY that shouldn't add a space
when autocompleting the only match
|
|
|
|
|
|
|
|
Folks are lazy and don't want to type very much, so they'd like to have
a default password length to generate that can be configured via
environment variables per usual. I'm making the default 25.
If the user forbids the use of symbols, pwgen will use a-zA-Z0-9,
ensuring that at least one A-Z and at least one 0-9 is used. We want to
have a password of at least 128-bits, so factoring in the issue with "at
least one of this character type", 25 gets us there squarely.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
putput to a file named "-"
|
|
|
|
Uses the PASSWORD_STORE_GPG_OPTS environment variable.
Can be used to (e.g.) change the keyrings or trust model used.
|
|
Multiline insert errors gave a exit code of 0, now correctly propagated.
|
|
|
|
|
|
|
|
instead of cygwin's gpg binary
|
|
|
|
This reverts commit ec8140b0f1a422aad16d41d0c322f3a6ceef74fe.
The needed option is only available on GnuPG 2.1, and we need to support
GnuPG 2.0 too.
|
|
|
|
Symlinks inside password-store make sense when using passff in firefox, and
have the same LDAP password in different websites.
In order to have passff working correctly then, we need to strip the .gpg
extension from symlinks as well. Example output of `pass find site1` or `pass
| grep site1` before this commit:
site1.job.com.gpg -> site2.job.com
and after:
site1.job.com -> site2.job.com
|
|
xclip will return a non-zero exit code if $DISPLAY is not set, which
might happen, for example, if you're running pass in a tmux session
remotely or something like that. xclip itself will also show an error
message ("Can't open display") which provides enough context to figure
out what the problem is.
There might be other reasons for xclip to return a non-zero exit code,
but the man page doesn't list them.
|
|
|
|
|
|
|
|
The latest gpg-agent from the 2.1 series no longer requires these
environment variables and will instead start gpg-agent as it needs.
|
|
over stdin later.
|