Recent commits to derivepassphrase.git (5e5c12b78d541fd09e37595f1ba63deb22c82847) https://git.schokokeks.org/derivepassphrase.git/tree/5e5c12b78d541fd09e37595f1ba63deb22c82847 Recent commits feed provided by GitList. Hoist and add tests for internal `key_to_phrase` CLI function Commit d15069d2db4040d444f65d7c3db6a854f4adcb92 extended the internal `key_to_phrase` CLI function, adding more expansive error handling and better error messages. The new error handling still needed to be tested, however. When actually writing tests for this function, it turns out to be cumbersome to trigger the various scenarios directly, because, as an internal function, this means issuing a full CLI call in a high-level mock environment. Instead, we now hoist the function to the outer level, making it easily accessible to tests and easier to isolate and prepare a smaller and more specialized mock environment for. (The primary reason this function was internal before was its use of the `err` error callback, which still is internal to the CLI, but will now be supplied explicitly as a callback.) https://git.schokokeks.org/derivepassphrase.git/commit/5e5c12b78d541fd09e37595f1ba63deb22c82847 software@the13thletter.info (Marco Ricci) Thu, 19 Dec 2024 15:04:11 +0100 5e5c12b78d541fd09e37595f1ba63deb22c82847 Retire `allow_derivepassphrase_extensions` argument to `validate_vault_config` As the Unicode normalization form is now set via the central configuration file instead of the `vault` data file, there are currently no defined `derivepassphrase` extensions to the vault configuration file schema. Given the new central configuration file and the commitment to preserve compatibility of the `vault` configuration import/export, we do not anticipate any future `derivepassphrase` extensions to the schema. Thus, retire the `allow_derivepassphrase_extensions` validation option. Also adapt all tests and test datasets accordingly. https://git.schokokeks.org/derivepassphrase.git/commit/ab945d5f3d2fe8264b00fcd68d2a7d2f0314294d software@the13thletter.info (Marco Ricci) Thu, 19 Dec 2024 15:04:11 +0100 ab945d5f3d2fe8264b00fcd68d2a7d2f0314294d Add changelog entry for the introduction of the central configuration file https://git.schokokeks.org/derivepassphrase.git/commit/e12e11d25356b047a816149446068c356db083c4 software@the13thletter.info (Marco Ricci) Thu, 19 Dec 2024 15:04:11 +0100 e12e11d25356b047a816149446068c356db083c4 Turn Unicode normalization preferences into user configuration settings Instead of storing Unicode normalization preferences in the vault configuration file, store these settings in the user configuration file: * For a service `SERVICE`, consult the configuration key `vault.SERVICE.unicode-normalization-form`. * If that is unset, or if there is no service, use `vault.default-unicode-normalization-form`. * If that too is unset, default to `NFC`. https://git.schokokeks.org/derivepassphrase.git/commit/c24003e853bd053cf88b2b9c3d940170dbc332ec software@the13thletter.info (Marco Ricci) Thu, 19 Dec 2024 15:04:11 +0100 c24003e853bd053cf88b2b9c3d940170dbc332ec Introduce a central user configuration file (and division of responsibility) Introduce a new file for centralized user configuration of `derivepassphrase`, which we expect the user to write and maintain, and which we will never attempt to write to. Treat the existing "vault" configuration file as a "data" file, which is `derivepassphrase`'s responsibility to write and to maintain, and which the user shouldn't edit directly. In general, we now divide the configuration file set semantically into "user" files and "data" files with the aforementioned responsibilities: "user" files are managed by the user, "data" files are managed by the application. (This mirrors the distinction in the XDG Base Directory Specification, although we do not use their paths or their environment variables.) We choose TOML as the file format for "user" files, because it is the simplest configuration file format with both a robust parser in the Python standard library and support for comments. The "data" files currently use JSON, but may use other serialization formats in the future as well. We envision some use cases for the user configuration file such as disabling certain expected warnings, or declaring the desired Unicode normalization form of a text string, but as of now, no such configuration is defined or supported. https://git.schokokeks.org/derivepassphrase.git/commit/f02b81ad6df6d92cdcbb3469a7010f5f340afe99 software@the13thletter.info (Marco Ricci) Thu, 19 Dec 2024 15:04:11 +0100 f02b81ad6df6d92cdcbb3469a7010f5f340afe99 Highlight security warnings and risks more prominently in the docs https://git.schokokeks.org/derivepassphrase.git/commit/83df7001d8996914bbfa0beaea8402074c0acd05 software@the13thletter.info (Marco Ricci) Thu, 19 Dec 2024 15:04:11 +0100 83df7001d8996914bbfa0beaea8402074c0acd05 Make obtaining the compatibility config filename more explicit When obtaining the compatibility config filename `settings.json` from `cli._config_filename`, rename the corresponding subsystem from `settings` to `old settings.json`. Furthermore, pass that explicit subsystem upon each call. This frees us up to change the default subsystem in a future commit. Because this is not a public function, this is not a change in the public API. Some reformatting is necessary. https://git.schokokeks.org/derivepassphrase.git/commit/b9849af1b001d25ac62165f88778cfa18aacb547 software@the13thletter.info (Marco Ricci) Thu, 19 Dec 2024 15:04:11 +0100 b9849af1b001d25ac62165f88778cfa18aacb547 Merge topic branch 'usage-fixes' into master * t/usage-fixes: Fix user interface errors if the SSH agent does not work Fix usage of `--debug`, `--verbose` and `--quiet` options https://git.schokokeks.org/derivepassphrase.git/commit/855a758e4f21ce51fec6978b575caece90dd515f software@the13thletter.info (Marco Ricci) Tue, 17 Dec 2024 20:13:49 +0100 855a758e4f21ce51fec6978b575caece90dd515f Fix user interface errors if the SSH agent does not work While the configuration and interactive selection of an SSH key is properly guarded against (i.e., any exceptions are wrapped into proper command-line error messages), the calls to `vault.Vault.phrase_from_key` were not similarly guarded. This has now been fixed. The fix also uncovered an incorrectly specified mock function in the test suite, which has been repaired as well. https://git.schokokeks.org/derivepassphrase.git/commit/d15069d2db4040d444f65d7c3db6a854f4adcb92 software@the13thletter.info (Marco Ricci) Fri, 13 Dec 2024 14:52:17 +0100 d15069d2db4040d444f65d7c3db6a854f4adcb92 Fix usage of `--debug`, `--verbose` and `--quiet` options The three "verbosity" options `--debug`, `--verbose` and `--quiet` set the logging level for `derivepassphrase`, globally. Because `click` does not support mutually exclusive options by default, these options are implemented as boolean flags, and it is possible to override earlier verbosity settings with later options. The previous setup treated the three options as disjointed flags, so each callback was called once, irrespective of the others, so the aforementioned intended overriding behavior was not working properly. In addition, the callback was faulty, always enabling each of the flags. The new setup now links all three options to the same flag, with different flag values. We further expose the option objects at the top level, and unify the three callback functions to a single one. As a side effect, we also fix a misclassified diagnostic during configuration file migration ("vault" derivation scheme). https://git.schokokeks.org/derivepassphrase.git/commit/58f6653d0d7a886d1cf02f70bb005de640a6b0b0 software@the13thletter.info (Marco Ricci) Fri, 13 Dec 2024 14:25:44 +0100 58f6653d0d7a886d1cf02f70bb005de640a6b0b0