Recent commits to derivepassphrase.git (317489552ba4585e773775417b4d3f106538f98b) https://git.schokokeks.org/derivepassphrase.git/tree/317489552ba4585e773775417b4d3f106538f98b Recent commits feed provided by GitList. Extract translatable log messages into separate module Extract all log messages into a separate module, so that they may be translated in a future version. We anticipate the use of such a message in a `logging` call, so we provide a wrapper object that defers the string interpolation until its serialization is called, and caches the result. (This is all as per the recommendation from the standard `logging` module.) Implemented this way, it is easy to run easy transformations on the specific log message template, e.g. substituting a translated message template, or trimming the filename placeholder if the filename is `None`. As an added benefit, this organization also makes it somewhat easy to ensure message consistency across different use sites and to generate diagnostics lists for inclusion in the manpage. While we intend to use the gettext toolset to implement the translation later, we do *not* currently use the standard `_` gettext alias or otherwise mark up the strings in an `xgettext`-compatible manner. Both the GNU version of `xgettext` and the Python work-alike `xgettext.py` suck: the GNU version does not completely understand Python syntax and cannot sensibly parse `black`-/`ruff`-formatted code using implicit string concatenation or trailing commas in function argument lists, and `xgettext.py` is so outdated (even in current Pythons) that it does not support `xgettext`'s `--add-comment` option for extracting extra comments for the translators. So instead of attempting to cram the strings and comments into some formatter-resistant and `xgettext`-compatible shape (a very futile endeavor so far), store enough information that we could generate the `.po` files ourselves with very little additional effort. https://git.schokokeks.org/derivepassphrase.git/commit/317489552ba4585e773775417b4d3f106538f98b software@the13thletter.info (Marco Ricci) Wed, 25 Dec 2024 21:41:22 +0100 317489552ba4585e773775417b4d3f106538f98b Add an actual derivepassphrase-vault(1) manpage, plus better manpage contents The barebones HTML "manpage" for `derivepassphrase` was essentially an HTML-ized version of the help text. In particular, the option descriptions only contained the one-line help text, and many typical sections (FILES, ENVIRONMENT, EXAMPLES, DIAGNOSTICS, AUTHOR, BUGS) were missing. This commit contributes a proper manpage, in `*roff`/`mdoc` format. It was authored using guidance from the `groff_mdoc` documentation, the only sensible-appearing authoritative source on manpage style issues. (Perl's `perlpodstyle`, `groff_man` and `groff_man_style` were also consulted, but ultimately disregarded.) The content changes were also folded back into the HTML version, save for some styling choices that aren't possible in the `*roff` version. In particular, both versions are hand-written, and manually synchronized with each other. The manpages use the option group headings "Passphrase generation" and "Compatibility and extension options" instead of "Password generation" and "Options concerning compatibility with other tools", for better text flow. Accordingly, this phrasing has been adapted in `derivepassphrase_vault` as well. https://git.schokokeks.org/derivepassphrase.git/commit/8154b0ff2bedbc2a7ec7d812091067084555aa31 software@the13thletter.info (Marco Ricci) Wed, 25 Dec 2024 20:55:45 +0100 8154b0ff2bedbc2a7ec7d812091067084555aa31 Make the mutually exclusive options helper function print the correct parameter name The `click.Parameter.human_readable_name` attribute yields the metavar for arguments, and the function parameter name for options. The documentation calls the latter the "name" for the option, perhaps under the assumption that you would never pass an explicit parameter name to the option decorator. I disagree with this, it is horrible design: sometimes the value is usable as a function parameter (options), sometimes it isn't (arguments), and vice versa for constructing a command-line, so it is neither usable as a command-line parameter display name nor as a function parameter name. So what *is* it even good for...? Include our own logic to select an appropriate display name for our options. This requires querying `click.Parameter` attributes that should be public, but are internal. Why...?! https://git.schokokeks.org/derivepassphrase.git/commit/208429075c67c884f55d76474e8c8a4baea616ab software@the13thletter.info (Marco Ricci) Wed, 25 Dec 2024 18:59:32 +0100 208429075c67c884f55d76474e8c8a4baea616ab Add small fixes to changelog, docstrings and variable names https://git.schokokeks.org/derivepassphrase.git/commit/4bfbfa3c9eb2e4a82707289da46fa3665aa24283 software@the13thletter.info (Marco Ricci) Wed, 25 Dec 2024 17:15:23 +0100 4bfbfa3c9eb2e4a82707289da46fa3665aa24283 Instruct `coverage` to record the test function for each covered line Enable the standard dynamic context setting `test_function` for `coverage`. This is immensely helpful for debugging whether and which tests trigger or don't trigger a certain branch of code in a multi-branch block (`if`/`elif`/`else`, `match`/`case` blocks, dispatch tables, etc.). https://git.schokokeks.org/derivepassphrase.git/commit/bdf02f629dc0dbc1b72d74f56a6edb06d681ab60 software@the13thletter.info (Marco Ricci) Sat, 21 Dec 2024 01:02:34 +0100 bdf02f629dc0dbc1b72d74f56a6edb06d681ab60 Fix formatting, some coverage pragmas and some linting rules in tests Aside from formatting fixes, disable the E501/line-too-long and C419/unnecessary-comprehension-in-call linting rules in tests, where they hinder debuggability of the tests. (See embedded comments for full rationale.) Furthermore, make `coverage` recognize `@overload` lines automatically as lines that should not be included in coverage, like `assert False` and friends. https://git.schokokeks.org/derivepassphrase.git/commit/f36630533e3f8d9932e4b1b2975ec3d8bde7b45a software@the13thletter.info (Marco Ricci) Sat, 21 Dec 2024 00:57:49 +0100 f36630533e3f8d9932e4b1b2975ec3d8bde7b45a Support exporting the `vault` configuration as a POSIX shell script When exporting `vault` configurations via `--export`, a new option `--export-as=FORMAT` allows selecting the export format (defaulting to `json`). Setting `FORMAT` as `sh` selects the new POSIX shell script export format, which yields a sh(1)-compatible script to reimport the existing configuration as a series of calls to the `derivepassphrase` command. Because the output is very regular, the test suite also includes an interpreter specifically for the sh(1) subset emitted during an `sh` export, on top of the usual adaptations to existing tests for the new functionality. https://git.schokokeks.org/derivepassphrase.git/commit/cefe3175dd103226d6d404886a091f6dfe85026f software@the13thletter.info (Marco Ricci) Sat, 21 Dec 2024 00:23:33 +0100 cefe3175dd103226d6d404886a091f6dfe85026f Allow unsetting settings when configuring `vault` When configuring a `vault` service, or the global settings, a new configuration option `--unset FIELD` will unset the specified `FIELD` from the service or global settings prior to and addition to applying the requested settings changes. This way, the user can update all settings on the command-line (except for the "notes") without manually editing and reimporting a configuration export. (It is permissible to only unset settings, without applying any other configuration changes.) https://git.schokokeks.org/derivepassphrase.git/commit/7a43a0cf4ea5877b3ff07576d5ee5c3ad36c087b software@the13thletter.info (Marco Ricci) Fri, 20 Dec 2024 17:00:48 +0100 7a43a0cf4ea5877b3ff07576d5ee5c3ad36c087b Rework `ConfigManagementStateMachine` rules for higher data generation success rates Lower the failure/retry rate for data generation by moving all data generation into initialization rules and by removing data restrictions on rule inputs as far as possible, turning the rule effectively into a no-op if necessary. The only currently remaining operation with notable retry rate is the top-level rule selection. https://git.schokokeks.org/derivepassphrase.git/commit/8e7790551f023105c34a02df27bf6358e6d06d52 software@the13thletter.info (Marco Ricci) Fri, 20 Dec 2024 15:06:20 +0100 8e7790551f023105c34a02df27bf6358e6d06d52 Fix empty key handling in `vault` config, and harmonize warning text Correctly handle empty `key` settings in the `vault` configuration: if at the global level, it is equivalent to eliding the setting, but at the service level, it explicitly disables key usage (even if a global key is set). This implies that both cases need different cleanup steps. Harmonize the warning message for ineffective passphrases for services: always include the affected service name. If during configuration import we find a key shadowing a passphrase, issue the same ineffective passphrase warning as would happen during interactive configuration or interactive use. (The tests need minor modifications and reparametrization to continue to cover all warning cases.) https://git.schokokeks.org/derivepassphrase.git/commit/c9e143e6c04d7b667caa34efa02a210d78e3086a software@the13thletter.info (Marco Ricci) Fri, 20 Dec 2024 11:39:45 +0100 c9e143e6c04d7b667caa34efa02a210d78e3086a