https://git.schokokeks.org/derivepassphrase.git/tree/c3c2e901e299525d8a42b56169b36583551332b0 Recent commits feed provided by GitList. If we cannot connect to the SSH agent, if it is because we cannot determine its address, then raise a `KeyError`, otherwise pass the original `OSError` through, instead of blindly converting everything to `RuntimeError`. https://git.schokokeks.org/derivepassphrase.git/commit/c3c2e901e299525d8a42b56169b36583551332b0 m@the13thletter.info (Marco Ricci) Sun, 30 Jun 2024 16:37:52 +0200 c3c2e901e299525d8a42b56169b36583551332b0 https://git.schokokeks.org/derivepassphrase.git/commit/22396e0a2949d6766ead804647dbe17e0a0300f4 m@the13thletter.info (Marco Ricci) Sun, 30 Jun 2024 16:37:52 +0200 22396e0a2949d6766ead804647dbe17e0a0300f4 https://git.schokokeks.org/derivepassphrase.git/commit/9dcc9aa9a8e5f82ad121c22c308d1c723ba5b941 m@the13thletter.info (Marco Ricci) Sun, 30 Jun 2024 16:37:52 +0200 9dcc9aa9a8e5f82ad121c22c308d1c723ba5b941 This is Python, not Java. https://git.schokokeks.org/derivepassphrase.git/commit/56ea02d5de542487633a1444cc55ccfb2269a498 m@the13thletter.info (Marco Ricci) Sun, 30 Jun 2024 16:37:52 +0200 56ea02d5de542487633a1444cc55ccfb2269a498 Adhere to standard testing best practices: name tests after the module they test (and move all such tests into the same testing module), group related tests within a module into classes, and move common testing functionality and test data into separate modules. Grouping related tests into classes also means that tests with common prerequisites (such as an available SSH agent) can then be skipped in bulk, if necessary. https://git.schokokeks.org/derivepassphrase.git/commit/bb75e2c43f4f1e88d0c717761e98457b774fb6e8 m@the13thletter.info (Marco Ricci) Sun, 30 Jun 2024 16:27:37 +0200 bb75e2c43f4f1e88d0c717761e98457b774fb6e8 Add a finished command-line interface, with interface parity with vault v0.3. The implementation has 100% coverage, including the tests... even if the tests still contain a lot of manual code and data duplication. The project settings were updated as well, mostly expanding the scope of what is covered by type checking and what is (not) covered by coverage testing. https://git.schokokeks.org/derivepassphrase.git/commit/6e05ad2a2a6d8de341a84dc8257911e21538c64e m@the13thletter.info (Marco Ricci) Sat, 22 Jun 2024 21:19:30 +0200 6e05ad2a2a6d8de341a84dc8257911e21538c64e Currently, we use a one-to-one correspondence between command-line argument name and function argument, via catch-all keyword arguments. This is very unwieldy to use with type checking, it exposes us to name clashes with Python keywords, and it doesn't even save that much typing effort because the arguments still ought to be documented in the documentation anyway. Therefore, introduce an explicit target parameter name for the `click` interface and corresponding explicit function arguments. (The implicit list of (function) arguments that `click` passes to the function is already readily available in the context object.) As a related problem, the code for checking whether incompatible options were specified also relies (excessively cleverly) on command-line argument names and function argument names being equal, and sometimes conflates short and long option names, leading to it missing some examples of incompatible options. Therefore, instead, explicitly build a map of (short and long) option names to option objects and test whether incompatible option objects were used. https://git.schokokeks.org/derivepassphrase.git/commit/09e86bfa6549230d20c41600a57c3a7c37bb9397 m@the13thletter.info (Marco Ricci) Sat, 22 Jun 2024 21:19:30 +0200 09e86bfa6549230d20c41600a57c3a7c37bb9397 In particular, include type guard functions here as well. https://git.schokokeks.org/derivepassphrase.git/commit/1c7c7a74a26be17815a5de3c20375a98400a1d2e m@the13thletter.info (Marco Ricci) Sat, 22 Jun 2024 21:19:30 +0200 1c7c7a74a26be17815a5de3c20375a98400a1d2e Some level of awareness is necessary to support passphrases stored in (JSON) config files. We reject the passphrase if there are multiple Unicode representations (and thus UTF-8 representations) of the same text but with different normalizations. In such a case, a byte string must be used, and the value cannot currently be stored in the JSON config file. https://git.schokokeks.org/derivepassphrase.git/commit/fc134c9aa5519d8cf5b394a0036af8be2a0ecaff m@the13thletter.info (Marco Ricci) Sat, 22 Jun 2024 21:19:30 +0200 fc134c9aa5519d8cf5b394a0036af8be2a0ecaff In vault(1), the passphrase derived from an SSH key signature is *not* just the (framed, binary) SSH signature of the vault UUID. Instead, the payload part of the signature, in binary, is converted to base64, yielding the passphrase. Rewrite the `Vault.phrase_from_signature` method to match vault's behavior, and rename it to `phrase_from_key` to better match the *actual* interface (which takes an SSH key, not a signature). (This design – emitting an SSH signature as payload only, in base64 – is hard-coded into the SSH agent client library used by vault, and likely not a conscious design by vault's primary author.) https://git.schokokeks.org/derivepassphrase.git/commit/d3bdff5889f148f85d644ecfcb3fc9787b0a1aef m@the13thletter.info (Marco Ricci) Sat, 22 Jun 2024 21:19:30 +0200 d3bdff5889f148f85d644ecfcb3fc9787b0a1aef