https://git.schokokeks.org/derivepassphrase.git/tree/8e7790551f023105c34a02df27bf6358e6d06d52Recent commits to derivepassphrase.git (8e7790551f023105c34a02df27bf6358e6d06d52)2024-12-20T15:06:20+01:00tag:gitlist.org,2012:commit/8e7790551f023105c34a02df27bf6358e6d06d52Rework `ConfigManagementStateMachine` rules for higher data generation success rates2024-12-20T15:06:20+01:00Marco Riccisoftware@the13thletter.info
<pre>Lower the failure/retry rate for data generation by moving all data
generation into initialization rules and by removing data restrictions
on rule inputs as far as possible, turning the rule effectively into
a no-op if necessary.
The only currently remaining operation with notable retry rate is the
top-level rule selection.
</pre>
tag:gitlist.org,2012:commit/c9e143e6c04d7b667caa34efa02a210d78e3086aFix empty key handling in `vault` config, and harmonize warning text2024-12-20T11:39:45+01:00Marco Riccisoftware@the13thletter.info
<pre>Correctly handle empty `key` settings in the `vault` configuration: if
at the global level, it is equivalent to eliding the setting, but at the
service level, it explicitly disables key usage (even if a global key is
set). This implies that both cases need different cleanup steps.
Harmonize the warning message for ineffective passphrases for services:
always include the affected service name.
If during configuration import we find a key shadowing a passphrase,
issue the same ineffective passphrase warning as would happen during
interactive configuration or interactive use.
(The tests need minor modifications and reparametrization to continue to
cover all warning cases.)
</pre>
tag:gitlist.org,2012:commit/712a1d0d2abca699aae9bf6473dd336a2f3bd55eRewrite incompatible option checking for more readability2024-12-19T15:47:42+01:00Marco Riccisoftware@the13thletter.info
<pre></pre>
tag:gitlist.org,2012:commit/bc746734305a81187ecbdf856cbaebf34f22c470Document handling of file objects internally in CLI2024-12-19T15:27:08+01:00Marco Riccisoftware@the13thletter.info
<pre>The type hints for `click.open_file` are so broad that our file objects,
intended to be typed as `typing.TextIO`, end up getting typed as
`typing.TextIO | typing.IO[typing.Any]` instead. Fix this by casting,
explicitly, one level higher. Also document why no further checks for
readability or writablility are actually performed.
</pre>
tag:gitlist.org,2012:commit/0478233d6e154f2614110d172661b082ba88532dFix hypothesis settings for uninstrumented runs2024-12-19T15:18:58+01:00Marco Riccisoftware@the13thletter.info
<pre>The state machine tests appear to have such slow data generation that
they trigger `hypothesis` health check errors even in uninstrumented
runs (i.e. without a trace function running).
</pre>
tag:gitlist.org,2012:commit/5e5c12b78d541fd09e37595f1ba63deb22c82847Hoist and add tests for internal `key_to_phrase` CLI function2024-12-19T15:04:11+01:00Marco Riccisoftware@the13thletter.info
<pre>Commit d15069d2db4040d444f65d7c3db6a854f4adcb92 extended the internal
`key_to_phrase` CLI function, adding more expansive error handling and
better error messages. The new error handling still needed to be tested,
however. When actually writing tests for this function, it turns out to
be cumbersome to trigger the various scenarios directly, because, as an
internal function, this means issuing a full CLI call in a high-level
mock environment. Instead, we now hoist the function to the outer level,
making it easily accessible to tests and easier to isolate and prepare
a smaller and more specialized mock environment for.
(The primary reason this function was internal before was its use of the
`err` error callback, which still is internal to the CLI, but will now
be supplied explicitly as a callback.)
</pre>
tag:gitlist.org,2012:commit/ab945d5f3d2fe8264b00fcd68d2a7d2f0314294dRetire `allow_derivepassphrase_extensions` argument to `validate_vault_config`2024-12-19T15:04:11+01:00Marco Riccisoftware@the13thletter.info
<pre>As the Unicode normalization form is now set via the central
configuration file instead of the `vault` data file, there are currently
no defined `derivepassphrase` extensions to the vault configuration file
schema. Given the new central configuration file and the commitment to
preserve compatibility of the `vault` configuration import/export, we do
not anticipate any future `derivepassphrase` extensions to the schema.
Thus, retire the `allow_derivepassphrase_extensions` validation option.
Also adapt all tests and test datasets accordingly.
</pre>
tag:gitlist.org,2012:commit/e12e11d25356b047a816149446068c356db083c4Add changelog entry for the introduction of the central configuration file2024-12-19T15:04:11+01:00Marco Riccisoftware@the13thletter.info
<pre></pre>
tag:gitlist.org,2012:commit/c24003e853bd053cf88b2b9c3d940170dbc332ecTurn Unicode normalization preferences into user configuration settings2024-12-19T15:04:11+01:00Marco Riccisoftware@the13thletter.info
<pre>Instead of storing Unicode normalization preferences in the vault
configuration file, store these settings in the user configuration file:
* For a service `SERVICE`, consult the configuration key
`vault.SERVICE.unicode-normalization-form`.
* If that is unset, or if there is no service, use
`vault.default-unicode-normalization-form`.
* If that too is unset, default to `NFC`.
</pre>
tag:gitlist.org,2012:commit/f02b81ad6df6d92cdcbb3469a7010f5f340afe99Introduce a central user configuration file (and division of responsibility)2024-12-19T15:04:11+01:00Marco Riccisoftware@the13thletter.info
<pre>Introduce a new file for centralized user configuration of
`derivepassphrase`, which we expect the user to write and maintain, and
which we will never attempt to write to. Treat the existing "vault"
configuration file as a "data" file, which is `derivepassphrase`'s
responsibility to write and to maintain, and which the user shouldn't
edit directly.
In general, we now divide the configuration file set semantically into
"user" files and "data" files with the aforementioned responsibilities:
"user" files are managed by the user, "data" files are managed by the
application. (This mirrors the distinction in the XDG Base Directory
Specification, although we do not use their paths or their environment
variables.) We choose TOML as the file format for "user" files, because
it is the simplest configuration file format with both a robust parser
in the Python standard library and support for comments. The "data"
files currently use JSON, but may use other serialization formats in the
future as well.
We envision some use cases for the user configuration file such as
disabling certain expected warnings, or declaring the desired Unicode
normalization form of a text string, but as of now, no such
configuration is defined or supported.
</pre>