https://git.schokokeks.org/derivepassphrase.git/tree/7a43a0cf4ea5877b3ff07576d5ee5c3ad36c087b Recent commits feed provided by GitList. When configuring a `vault` service, or the global settings, a new configuration option `--unset FIELD` will unset the specified `FIELD` from the service or global settings prior to and addition to applying the requested settings changes. This way, the user can update all settings on the command-line (except for the "notes") without manually editing and reimporting a configuration export. (It is permissible to only unset settings, without applying any other configuration changes.) https://git.schokokeks.org/derivepassphrase.git/commit/7a43a0cf4ea5877b3ff07576d5ee5c3ad36c087b software@the13thletter.info (Marco Ricci) Fri, 20 Dec 2024 17:00:48 +0100 7a43a0cf4ea5877b3ff07576d5ee5c3ad36c087b Lower the failure/retry rate for data generation by moving all data generation into initialization rules and by removing data restrictions on rule inputs as far as possible, turning the rule effectively into a no-op if necessary. The only currently remaining operation with notable retry rate is the top-level rule selection. https://git.schokokeks.org/derivepassphrase.git/commit/8e7790551f023105c34a02df27bf6358e6d06d52 software@the13thletter.info (Marco Ricci) Fri, 20 Dec 2024 15:06:20 +0100 8e7790551f023105c34a02df27bf6358e6d06d52 Correctly handle empty `key` settings in the `vault` configuration: if at the global level, it is equivalent to eliding the setting, but at the service level, it explicitly disables key usage (even if a global key is set). This implies that both cases need different cleanup steps. Harmonize the warning message for ineffective passphrases for services: always include the affected service name. If during configuration import we find a key shadowing a passphrase, issue the same ineffective passphrase warning as would happen during interactive configuration or interactive use. (The tests need minor modifications and reparametrization to continue to cover all warning cases.) https://git.schokokeks.org/derivepassphrase.git/commit/c9e143e6c04d7b667caa34efa02a210d78e3086a software@the13thletter.info (Marco Ricci) Fri, 20 Dec 2024 11:39:45 +0100 c9e143e6c04d7b667caa34efa02a210d78e3086a https://git.schokokeks.org/derivepassphrase.git/commit/712a1d0d2abca699aae9bf6473dd336a2f3bd55e software@the13thletter.info (Marco Ricci) Thu, 19 Dec 2024 15:47:42 +0100 712a1d0d2abca699aae9bf6473dd336a2f3bd55e The type hints for `click.open_file` are so broad that our file objects, intended to be typed as `typing.TextIO`, end up getting typed as `typing.TextIO | typing.IO[typing.Any]` instead. Fix this by casting, explicitly, one level higher. Also document why no further checks for readability or writablility are actually performed. https://git.schokokeks.org/derivepassphrase.git/commit/bc746734305a81187ecbdf856cbaebf34f22c470 software@the13thletter.info (Marco Ricci) Thu, 19 Dec 2024 15:27:08 +0100 bc746734305a81187ecbdf856cbaebf34f22c470 The state machine tests appear to have such slow data generation that they trigger `hypothesis` health check errors even in uninstrumented runs (i.e. without a trace function running). https://git.schokokeks.org/derivepassphrase.git/commit/0478233d6e154f2614110d172661b082ba88532d software@the13thletter.info (Marco Ricci) Thu, 19 Dec 2024 15:18:58 +0100 0478233d6e154f2614110d172661b082ba88532d Commit d15069d2db4040d444f65d7c3db6a854f4adcb92 extended the internal `key_to_phrase` CLI function, adding more expansive error handling and better error messages. The new error handling still needed to be tested, however. When actually writing tests for this function, it turns out to be cumbersome to trigger the various scenarios directly, because, as an internal function, this means issuing a full CLI call in a high-level mock environment. Instead, we now hoist the function to the outer level, making it easily accessible to tests and easier to isolate and prepare a smaller and more specialized mock environment for. (The primary reason this function was internal before was its use of the `err` error callback, which still is internal to the CLI, but will now be supplied explicitly as a callback.) https://git.schokokeks.org/derivepassphrase.git/commit/5e5c12b78d541fd09e37595f1ba63deb22c82847 software@the13thletter.info (Marco Ricci) Thu, 19 Dec 2024 15:04:11 +0100 5e5c12b78d541fd09e37595f1ba63deb22c82847 As the Unicode normalization form is now set via the central configuration file instead of the `vault` data file, there are currently no defined `derivepassphrase` extensions to the vault configuration file schema. Given the new central configuration file and the commitment to preserve compatibility of the `vault` configuration import/export, we do not anticipate any future `derivepassphrase` extensions to the schema. Thus, retire the `allow_derivepassphrase_extensions` validation option. Also adapt all tests and test datasets accordingly. https://git.schokokeks.org/derivepassphrase.git/commit/ab945d5f3d2fe8264b00fcd68d2a7d2f0314294d software@the13thletter.info (Marco Ricci) Thu, 19 Dec 2024 15:04:11 +0100 ab945d5f3d2fe8264b00fcd68d2a7d2f0314294d https://git.schokokeks.org/derivepassphrase.git/commit/e12e11d25356b047a816149446068c356db083c4 software@the13thletter.info (Marco Ricci) Thu, 19 Dec 2024 15:04:11 +0100 e12e11d25356b047a816149446068c356db083c4 Instead of storing Unicode normalization preferences in the vault configuration file, store these settings in the user configuration file: * For a service `SERVICE`, consult the configuration key `vault.SERVICE.unicode-normalization-form`. * If that is unset, or if there is no service, use `vault.default-unicode-normalization-form`. * If that too is unset, default to `NFC`. https://git.schokokeks.org/derivepassphrase.git/commit/c24003e853bd053cf88b2b9c3d940170dbc332ec software@the13thletter.info (Marco Ricci) Thu, 19 Dec 2024 15:04:11 +0100 c24003e853bd053cf88b2b9c3d940170dbc332ec