https://git.schokokeks.org/derivepassphrase.git/tree/695ca1e5dab18a14c2fbe6d3218b571183f8b08e 2025-12-25T11:34:27+01:00 tag:gitlist.org,2012:commit/695ca1e5dab18a14c2fbe6d3218b571183f8b08e 2025-12-25T11:34:27+01:00 Marco Ricci software@the13thletter.info <pre>Fix some testing edge cases: - When re-registering existing SSH agent socket provider names, we now explicitly ensure that the set of (automatically determined) names is actually non-empty. - Using mangled `SSH_AUTH_SOCK` environment variables for test purposes requires `SSH_AUTH_SOCK` to actually be set. We supply a default name that is also invalid as a (non-directory) filename. Fix some unclear debugging aids: - Mangling `SSH_AUTH_SOCK` is (anecdotally) better at detecting faulty test setups, relative to the "unset `SSH_AUTH_SOCK`" entry (because failures in the latter tend to be silent). So, reorder the parametrizations to prioritize the former one over the latter one. - The SSH agent socket provider system was printing distribution names without checking for `None` distributions. - The `spawn_ssh_agent` fixture was printing exception messages directly, without the exception name, or the concrete parametrization. We now special-case `KeyError` instances (but not subclass instances). Fix other phrasings and formattings: - The skip message for SSH agents excluded via the `PERMITTED_AGENTS` environment variable was not a sentence, and just speaking of "agents", not "SSH agents". &lt;/pre&gt; tag:gitlist.org,2012:commit/8b57ef157052400d4642f2f878315ba1fde6f483 2025-12-24T10:37:29+01:00 Marco Ricci software@the13thletter.info <pre>&lt;/pre&gt; tag:gitlist.org,2012:commit/d675b049fd32c5a652f73467f9462f45ddb1ec89 2025-12-17T14:14:03+01:00 Marco Ricci software@the13thletter.info <pre>Using the `ctypes` module, call into The Annoying OS's system libraries and bind the functions necessary to create, read from/write to, and close handles to existing Windows named pipes. We also bind the functions necessary to compute the pipe name for PuTTY/Pageant, and provide convenience functions to connect to PuTTY/Pageant and to OpenSSH, the de facto main SSH implementations on The Annoying OS. One major design question remains: how to discover the (named pipe address for) the SSH agent to use? Tempting options are using `SSH_AUTH_SOCK` again (whether literally or with special notation), and listing the preferred agent addresses in the user configuration file. For certain "well-known" addresses such as PuTTY/Pageant or OpenSSH, we provide specific SSH agent socket provider registry entries that attempt to connect to the respective agent. Other applications could easily register a custom provider that respects their configuration if the final socket (address) depends on external configuration. It is thus not clear to me if the system needs to be more flexible than it currently is, e.g., if the SSH agent socket provider needs to accept arguments that further configure the address or the connection options to the socket or named pipe. This commit contains no specific test code for this functionality; we leave this to follow-up commits. We provide three SSH agent socket providers, two of which have hardcoded addresses (for PuTTY/Pageant and OpenSSH, respectively). For ease of integration with the existing test suite, *as a temporary measure*, the third provider attempts to use `SSH_AUTH_SOCK` directly as the named pipe's name (which will fail unless specifically prepared). Since many of the symbols are undefined on other operating systems, and because the `ctypes` library relies on dynamically generated attributes and is thus mostly invisible to static analysis tools, much of the code needs type checking exemptions and extraneous explicit (C) casts at the Python level. Additionally, because our stub functions use the same CamelCase naming as The Annoying OS's official documentation does, much of the code also needs linting exceptions for the naming policy. &lt;/pre&gt; tag:gitlist.org,2012:commit/2e65c0e60b06a7608aa1d9110eca09683f6cc46e 2025-12-17T14:04:14+01:00 Marco Ricci software@the13thletter.info <pre>The formal name for the named pipe facility on The Annoying OS is "Windows named pipe", and this is the name other developers will expect. Thus, for reasons of clarity, we now strictly refer to them as such, i.e., refer to them as "Windows named pipes" and not "The Annoying OS named pipes". Old names still using the "Annoying OS named pipe" moniker have been adapted accordingly; in particular, this includes the former `WarnMsgTemplate.NO_ANNOYING_OS_NAMED_PIPES` symbol. By a similar token, the machine-local network socket mechanism on POSIX systems is formally called "UNIX domain sockets". For reasons of clarity, we now refer to them as such, and not by their C constant name `AF_UNIX` (or "AfUnix", or similar). Old names have been adapted accordingly; in particular, this includes the former `WarnMsgTemplate.NO_AF_UNIX` symbol. &lt;/pre&gt; tag:gitlist.org,2012:commit/4880384a6daf204c5e36dc9467129602099de982 2025-12-13T15:57:40+01:00 Marco Ricci software@the13thletter.info <pre>* fix-key_to_phrase-missing-callback: Add changelog entry for the `key_to_phrase` missing callback argument fix Add missing `warning_callback` argument to `key_to_phrase` call &lt;/pre&gt; tag:gitlist.org,2012:commit/eeaf964acf1c64649c26b0a1b46f422d90a7025d 2025-12-13T15:56:49+01:00 Marco Ricci software@the13thletter.info <pre>&lt;/pre&gt; tag:gitlist.org,2012:commit/79d06d839d033c327f58b965f7413ee151324886 2025-12-13T15:47:45+01:00 Marco Ricci software@the13thletter.info <pre>The callback parameters in `cli_helpers.key_to_phrase` for handling warning and error messages are now mandatory to specify. All calls in production code and in test code(!) now explicitly handle warnings and errors. Since changing `cli_helpers.key_to_phrase` in 2413d9dc10ede315c295ab7520a19b21d597a668 to support exception groups, the function takes additional callback parameters to do its warning and error handling/reporting. For compatibility reasons, the signature included default values which suppressed warning messages and exited the process on error messages. However, these default values made it too easy to *forget* proper handling of warning and error messages in the new implementation. In particular, two call sites in production code, just several lines apart, had differing warning handling, and the test suite had two major areas where warning handling was completely absent, relying on the "suppressed warning messages" default. All these behaviors were unwanted and wrong, but difficult to spot, because the test code too was wrong. By making the error and warning handling callbacks mandatory to specify and removing the implicit suppression behavior, inadvertent suppression of warning and error messages becomes much more difficult. To further ensure this doesn't happen again accidentally, the tests now also assert that certain expected warning messages are emitted, i.e., that the callback is actually exercised. &lt;/pre&gt; tag:gitlist.org,2012:commit/f3e8f02ae7ead012f3054d0cfb8d7450ee6c8728 2025-11-30T15:06:57+01:00 Marco Ricci software@the13thletter.info <pre>* modularize-and-refactor-test-machinery: (40 commits) Move the tests for the stubbed SSH agent socket to the machinery tests Add module docstrings for the tests hierarchy. Add a changelog entry for the test suite refactoring Format and lint all files Fix type errors due to click 8.2.0 Fix typing of the dummy vault configuration settings in the constructor Add CPython 3.14 to the list of test environments Fix more broken tests on The Annoying OS Fix broken links in the documentation caused by renaming or splitting modules Split the basic command-line tests, again Fix missing documentation in the test suite Fix some documentation issues with the heavy-duty command-line inteface tests Refactor the heavy-duty command-line interface tests Refactor the "all CLIs" command-line interface tests Refactor the basic command-line interface tests Fix miscellaneous imports, types and hyperlinks in the CLI machinery and tests Refactor the testing machinery tests Refactor the SSH agent tests Refactor the `exporter` tests Refactor the `vault` and `sequin` tests ... &lt;/pre&gt; tag:gitlist.org,2012:commit/e737a9ebaaf48e2b741791cc730b36ca30b7bbf2 2025-11-30T14:23:54+01:00 Marco Ricci software@the13thletter.info <pre>Even though the stubbed SSH agent socket exists to test the `derivepassphrase.ssh_agent` module, it is still a piece of testing machinery at its core, and thus belongs in the same place as the other testing machinery tests belong. Additionally, although the "basic" tests for the `derivepassphrase.ssh_agent` module are already a giant mixed bag of non-heavy-duty tests that all involve functionality from the `derivepassphrase.ssh_agent` module, the stubbed SSH agent socket tests differ from the other tests insofar as the other tests focus on establishing correctness of the `derivepassphrase.ssh_agent` machinery, whereas the stubbed SSH agent socket tests focus on the stubbed SSH agent socket. This, too, suggests that the stubbed SSH agent socket tests do not belong in the same test module as the `derivepassphrase.ssh_agent` tests. &lt;/pre&gt; tag:gitlist.org,2012:commit/0a0ba0a96164e824353bf55aecdf64a013133af5 2025-11-30T13:54:36+01:00 Marco Ricci software@the13thletter.info <pre>Consistently add docstrings to all modules in the tests hierarchy that would appear in the (developer setup) documentation. &lt;/pre&gt;