Recent commits to derivepassphrase.git (6e2d2728b76c22a0d2280c34a55dba45885084cb)

Shift option parsing and grouping machinery to a separate section

2024-12-07T08:50:03+01:00

We expect to add new option categories that apply to multiple super- and
subcommands, not just the "vault" subcommand.
</pre>

Reimplement deprecated subcommands, properly, in `click`

2024-12-07T08:50:03+01:00

Our previous method of dispatching to subcommands was not tying the
supercommand and the subcommand together properly; each command
essentially ran in its own isolated context.  This lead to unnecessary
double-parsing of the command-line arguments, and to `click` becoming
confused as to what the full command-line actually was; in particular,
the help and usage messages gave a wrong command summary.

Instead, we now use custom `click.Group` objects as the supercommands
which default to the "vault" subcommand (with a deprecation warning) if
no explicit subcommand could be matched, rather than throwing an error;
this all happens internally using the normal mechanism for subcommand
dispatch.  Additionally, if the supercommand callback actually is
invoked -- which only happens if the supercommand is given without any
arguments -- we emit a deprecation warning and dispatch manually to the
"vault" subcommand using the same code path as the `click`
implementation would otherwise do.  We assert that the old and new code
paths work via new tests as necessary, particularly for the
"supercommand without arguments" case.

This implementation necessarily messes with some `click` internals,
duplicating the code as it currently stands.  Being a non-public API,
there is of course no guarantee that this will work with future versions
of `click`.  However, we use this solely to implement a compatibility
interface, which should vanish with `derivepassphrase` v1.0 anyway.  The
alternative -- rewriting `derivepassphrase` for another command-line
framework, or rolling our own command-line interface from scratch --
seems even more expensive/wasteful than this solution.
</pre>

Fix minor formatting quibbles in documentation and code style

2024-11-28T21:30:03+01:00

In particular, in online documentation builds, the URLs are slightly
different, so the CSS rules weren't triggering correctly.
</pre>

Release 0.3.3

2024-11-28T13:47:41+01:00

</pre>

Merge topic branch '033-pre-release-copyediting' into master

2024-11-28T13:38:43+01:00

* t/033-pre-release-copyediting:
  Copyedit tutorials, how-tos and reference pages structure
  Copyedit and reclassify changelog entry for deterministic DSA signatures
</pre>

Copyedit tutorials, how-tos and reference pages structure

2024-11-28T13:34:17+01:00

Includes

  * index pages for the tutorials and how-tos sections
  * adding a "man page" section in the global navigation block
  * dropping the rendundant "tutorial" in the tutorial titles
</pre>

Copyedit and reclassify changelog entry for deterministic DSA signatures

2024-11-28T13:08:34+01:00

Since the behavior is backward-compatible, the changes are API
"additions" and "fixes", not "changes".

Also fix minor spacing errors and typos.
</pre>

Merge topic branch 'ssh-key-howto' into master

2024-11-28T11:32:33+01:00

This includes the 'pageant-deterministic-signatures' topic branch as
well.

* t/ssh-key-howto:
  Add missing tests for `SSHAgentClient.query_extensions` runtime errors
  Retire the use of symlinks for the README and the changelog
  Use canonical test keys in all SSH agent key listings
  Unmark icon- and badge-type external links as external
  Document that `is_suitable_ssh_key` now takes an optional agent client in the changelog
  Add an ecdsa-sha2-nistp521 SSH test key
  Publish polished `is_suitable_ssh_key` and `has_deterministic_dsa_signatures` interfaces
  Let the `running_ssh_agent` test fixture report the agent type
  Decouple deterministic signatures from general SSH agent detection
  Fix test suite to actually test deterministic signature support
  Fix spurious overloaded signature mismatch
  Indicate external links in non-API documentation as well
  Split the SSH key how-to into how-to and reference documents
  Make suitable SSH key listing easier to distinguish
  Add changelog entry for deterministic DSA/ECDSA signature support
  Add how-to for setting up an SSH key for `derivepassphrase vault`
  Purge the info badges for current Python or derivepassphrase versions
  Support the "all signatures are deterministic" feature of some SSH agents
  Support one-off SSH agent client child contexts
</pre>

Add missing tests for `SSHAgentClient.query_extensions` runtime errors

2024-11-27T20:23:06+01:00

Currently, this is still a white-box, maliciously compliant design that
relies heavily on implementation details of the function under test.
That said, the failure cases being triggered here are all SSH agent
protocol violations, which would otherwise be difficult to trigger in
"real" SSH agents.
</pre>

Retire the use of symlinks for the README and the changelog

2024-11-27T18:21:17+01:00

Symlinks interact very poorly with online git repository viewers, and
while they are offline viewable on Unixish systems, readers only see the
source view, not the rendered view.

For the documentation frontpage `docs/index.md`, use the Snippets
extension (Material for MkDocs/Python-Markdownx) to include the contents
of `README.md`.  This will allow future customization of the frontpage
by either appending further content or only embedding parts of the
README.

For the changelog, because we use `scriv` to maintain it
semi-automatically and thus want the changelog snippets to stay out of
the top-level directory, we do not want `docs/changelog.md` to symlink
to or to snippet-include the top-level `CHANGELOG.md`.  Instead, we let
`CHANGELOG.md` point to the `docs` directory (in prose), and purge the
symlinks to the SVG badges.  The original intent was to make the
changelog renderable at the top-level, without the MkDocs machinery, but
this is only really feasible if the changelog is handwritten, which
hasn't been the case anymore for quite some time already.
</pre>