# SPDX-FileCopyrightText: 2025 Marco Ricci <software@the13thletter.info>
#
# SPDX-Licence-Identifier: MIT
"""Internal module. Do not use. Contains error strings and functions."""
from __future__ import annotations
import contextlib
import datetime
import enum
import functools
import gettext
import inspect
import os
import string
import sys
import textwrap
import types
from typing import TYPE_CHECKING, NamedTuple, Protocol, TextIO, Union, cast
from typing_extensions import TypeAlias, override
import derivepassphrase as dpp
if TYPE_CHECKING:
from collections.abc import Iterable, Iterator, Mapping, Sequence
from typing_extensions import Any, Self
__author__ = dpp.__author__
__version__ = dpp.__version__
__all__ = ('PROG_NAME',)
PROG_NAME = 'derivepassphrase'
def load_translations(
localedirs: list[str] | None = None,
languages: Sequence[str] | None = None,
class_: type[gettext.NullTranslations] | None = None,
) -> gettext.NullTranslations: # pragma: no cover
"""Load a translation catalog for derivepassphrase.
Runs [`gettext.translation`][] under the hood for multiple locale
directories. `fallback=True` is implied.
Args:
localedirs:
A list of directories to run [`gettext.translation`][]
against. Defaults to `$XDG_DATA_HOME/locale` (usually
`~/.local/share/locale`), `{sys.prefix}/share/locale` and
`{sys.base_prefix}/share/locale` if not given.
languages:
Passed directly to [`gettext.translation`][].
class_:
Passed directly to [`gettext.translation`][].
Returns:
A (potentially dummy) translation catalog.
"""
if localedirs is None:
if sys.platform.startswith('win'):
xdg_data_home = os.environ.get(
'APPDATA',
os.path.expanduser('~'),
)
elif os.environ.get('XDG_DATA_HOME'):
xdg_data_home = os.environ['XDG_DATA_HOME']
else:
xdg_data_home = os.path.join(
os.path.expanduser('~'), '.local', 'share'
)
localedirs = [
os.path.join(xdg_data_home, 'locale'),
os.path.join(sys.prefix, 'share', 'locale'),
os.path.join(sys.base_prefix, 'share', 'locale'),
]
for localedir in localedirs:
with contextlib.suppress(OSError):
return gettext.translation(
PROG_NAME,
localedir=localedir,
languages=languages,
class_=class_,
)
return gettext.NullTranslations()
translation = load_translations()
_debug_translation_message_cache: dict[
tuple[str, str],
tuple[MsgTemplate, frozenset],
] = {}
class DebugTranslations(gettext.NullTranslations):
"""A debug object indicating which known message is being requested.
Each call to the `*gettext` methods will return the enum name if the
message is a known translatable message for the `derivepassphrase`
command-line interface, or the message itself otherwise.
"""
@staticmethod
def _load_cache() -> None:
cache = _debug_translation_message_cache
for enum_class in MSG_TEMPLATE_CLASSES:
for member in enum_class.__members__.values():
value = cast('TranslatableString', member.value)
queue: list[tuple[TranslatableString, frozenset[str]]] = [
(value, frozenset())
]
value2 = value.maybe_without_filename()
if value != value2:
queue.append((value2, frozenset({'filename'})))
for v, trimmed in queue:
singular = v.singular
plural = v.plural
context = v.l10n_context
cache.setdefault((context, singular), (member, trimmed))
# Currently no translatable messages use plural forms
if plural: # pragma: no cover
cache.setdefault((context, plural), (member, trimmed))
@classmethod
def _locate_message(
cls,
message: str,
/,
*,
context: str = '',
message_plural: str = '',
n: int = 1,
) -> str:
try:
enum_value, trimmed = _debug_translation_message_cache[
context, message
]
except KeyError:
return message if not message_plural or n == 1 else message_plural
return cls._format_enum_name_maybe_with_fields(
enum_name=str(enum_value),
ts=cast('TranslatableString', enum_value.value),
trimmed=trimmed,
)
@staticmethod
def _format_enum_name_maybe_with_fields(
enum_name: str,
ts: TranslatableString,
trimmed: frozenset[str] = frozenset(),
) -> str:
formatter = string.Formatter()
fields: dict[str, int] = {}
for _lit, field, _spec, _conv in formatter.parse(ts.singular):
if field is not None and field not in fields:
fields[field] = len(fields)
sorted_fields = sorted(fields.keys(), key=fields.__getitem__)
formatted_fields = [
f'{f}=None' if f in trimmed else f'{f}={{{f}!r}}'
for f in sorted_fields
]
return (
'{!s}({})'.format(enum_name, ', '.join(formatted_fields))
if formatted_fields
else str(enum_name)
)
@override
def gettext(
self,
message: str,
/,
) -> str: # pragma: no cover
return self._locate_message(message)
@override
def ngettext(
self,
msgid1: str,
msgid2: str,
n: int,
/,
) -> str: # pragma: no cover
return self._locate_message(msgid1, message_plural=msgid2, n=n)
@override
def pgettext(
self,
context: str,
message: str,
/,
) -> str:
return self._locate_message(message, context=context)
@override
def npgettext(
self,
context: str,
msgid1: str,
msgid2: str,
n: int,
/,
) -> str: # pragma: no cover
return self._locate_message(
msgid1,
context=context,
message_plural=msgid2,
n=n,
)
class TranslatableString(NamedTuple):
l10n_context: str
singular: str
plural: str = ''
flags: frozenset[str] = frozenset()
translator_comments: str = ''
@staticmethod
def _maybe_rewrap(
string: str,
/,
*,
fix_sentence_endings: bool = True,
) -> str:
string = inspect.cleandoc(string)
if not any(s.strip() == '\b' for s in string.splitlines()):
string = '\n'.join(
textwrap.wrap(
string,
width=float('inf'), # type: ignore[arg-type]
fix_sentence_endings=fix_sentence_endings,
)
)
else:
string = ''.join(
s
for s in string.splitlines(True) # noqa: FBT003
if s.strip() != '\b'
)
return string
def maybe_without_filename(self) -> Self:
"""Return a new translatable string without the "filename" field.
Only acts upon translatable strings containing the exact
contents `": {filename!r}"`. The specified part will be
removed. This is correct usage in English for messages like
`"Cannot open file: {error!s}: {filename!r}."`, but not
necessarily in other languages.
"""
filename_str = ': {filename!r}'
ret = self
a, sep1, b = self.singular.partition(filename_str)
c, sep2, d = self.plural.partition(filename_str)
if sep1:
ret = ret._replace(singular=(a + b))
# Currently no translatable messages use plural forms
if sep2: # pragma: no cover
ret = ret._replace(plural=(c + d))
return ret
def rewrapped(self) -> Self:
"""Return a rewrapped version of self.
Normalizes all parts assumed to contain English prose.
"""
msg = self._maybe_rewrap(self.singular, fix_sentence_endings=True)
plural = self._maybe_rewrap(self.plural, fix_sentence_endings=True)
context = self.l10n_context.strip()
comments = self._maybe_rewrap(
self.translator_comments, fix_sentence_endings=False
)
return self._replace(
singular=msg,
plural=plural,
l10n_context=context,
translator_comments=comments,
)
def with_comments(self, comments: str, /) -> Self:
"""Add or replace the string's translator comments.
The comments are assumed to contain English prose, and will be
normalized.
Returns:
A new [`TranslatableString`][] with the specified comments.
"""
if not comments.lstrip().startswith( # pragma: no cover
'TRANSLATORS:'
):
comments = 'TRANSLATORS: ' + comments.lstrip()
comments = self._maybe_rewrap(comments, fix_sentence_endings=False)
return self._replace(translator_comments=comments)
def validate_flags(self, *extra_flags: str) -> Self:
"""Add all flags, then validate them against the string.
Returns:
A new [`TranslatableString`][] with the extra flags added,
and all flags validated.
Raises:
ValueError:
The flags failed to validate. See the exact error
message for details.
Examples:
>>> TranslatableString('', 'all OK').validate_flags()
... # doctest: +NORMALIZE_WHITESPACE
TranslatableString(l10n_context='', singular='all OK', plural='',
flags=frozenset(), translator_comments='')
>>> TranslatableString('', '20% OK').validate_flags(
... 'no-python-format'
... )
... # doctest: +NORMALIZE_WHITESPACE
TranslatableString(l10n_context='', singular='20% OK', plural='',
flags=frozenset({'no-python-format'}),
translator_comments='')
>>> TranslatableString('', '%d items').validate_flags()
... # doctest: +ELLIPSIS
Traceback (most recent call last):
...
ValueError: Missing flag for how to deal with percent character ...
>>> TranslatableString('', '{braces}').validate_flags()
... # doctest: +ELLIPSIS
Traceback (most recent call last):
...
ValueError: Missing flag for how to deal with brace character ...
>>> TranslatableString('', 'no braces').validate_flags(
... 'python-brace-format'
... )
... # doctest: +ELLIPSIS
Traceback (most recent call last):
...
ValueError: Missing format string parameters ...
"""
all_flags = frozenset(
f.strip() for f in self.flags.union(extra_flags)
)
if '{' in self.singular and not bool(
all_flags & {'python-brace-format', 'no-python-brace-format'}
):
msg = (
f'Missing flag for how to deal with brace character '
f'in {self.singular!r}'
)
raise ValueError(msg)
if '%' in self.singular and not bool(
all_flags & {'python-format', 'no-python-format'}
):
msg = (
f'Missing flag for how to deal with percent character '
f'in {self.singular!r}'
)
raise ValueError(msg)
if (
all_flags & {'python-format', 'python-brace-format'}
and '%' not in self.singular
and '{' not in self.singular
):
msg = f'Missing format string parameters in {self.singular!r}'
raise ValueError(msg)
return self._replace(flags=all_flags)
def translatable(
context: str,
single: str,
# /,
flags: Iterable[str] = (),
plural: str = '',
comments: str = '',
) -> TranslatableString:
"""Return a [`TranslatableString`][] with validated parts.
This factory function is really only there to make the enum
definitions more readable.
"""
flags = (
frozenset(flags)
if not isinstance(flags, str)
else frozenset({flags})
)
return (
TranslatableString(context, single, plural=plural, flags=flags)
.rewrapped()
.with_comments(comments)
.validate_flags()
)
class TranslatedString:
def __init__(
self,
template: (
str
| TranslatableString
| MsgTemplate
),
args_dict: Mapping[str, Any] = types.MappingProxyType({}),
/,
**kwargs: Any, # noqa: ANN401
) -> None:
if isinstance(template, MSG_TEMPLATE_CLASSES):
template = cast('TranslatableString', template.value)
self.template = template
self.kwargs = {**args_dict, **kwargs}
self._rendered: str | None = None
def __bool__(self) -> bool:
return bool(str(self))
def __eq__(self, other: object) -> bool: # pragma: no cover
return str(self) == other
def __hash__(self) -> int: # pragma: no cover
return hash(str(self))
def __repr__(self) -> str: # pragma: no cover
return (
f'{self.__class__.__name__}({self.template!r}, '
f'{dict(self.kwargs)!r})'
)
def __str__(self) -> str:
if self._rendered is None:
# raw str support is currently unneeded, so excluded from coverage
if isinstance(self.template, str): # pragma: no cover
context = None
template = self.template
else:
context = self.template.l10n_context
template = self.template.singular
if context is not None:
template = translation.pgettext(context, template)
else: # pragma: no cover
template = translation.gettext(template)
kwargs = {
k: str(v) if isinstance(v, TranslatedString) else v
for k, v in self.kwargs.items()
}
self._rendered = template.format(**kwargs)
return self._rendered
def maybe_without_filename(self) -> Self:
"""Return a new string without the "filename" field.
Only acts upon translated strings containing the exact contents
`": {filename!r}"`. The specified part will be removed. This
acts upon the string *before* translation, i.e., the string
without the filename will be used as a translation base.
"""
new_template = (
self.template.maybe_without_filename()
if not isinstance(self.template, str)
else self.template
)
if (
not isinstance(new_template, str)
and self.kwargs.get('filename') is None
and new_template != self.template
):
return self.__class__(new_template, self.kwargs)
return self
class _TranslatedStringConstructor(Protocol):
def __call__(
self,
context: str,
single: str,
# /,
flags: Iterable[str] = (),
plural: str = '',
comments: str = '',
) -> TranslatableString: ...
def _Commented( # noqa: N802
comments: str = '',
# /
) -> _TranslatedStringConstructor:
"""A "decorator" for readably constructing commented enum values.
This is geared towards the quirks of the API documentation extractor
`mkdocstrings-python`/`griffe`, which reformat and trim enum value
declarations in somewhat weird ways. Chains of function calls are
preserved, though, so use this to our advantage to suggest
a specific formatting.
This is not necessarily good code style, and it is
(quasi-)unnecessarily heavyweight.
""" # noqa: DOC201
return functools.partial(translatable, comments=comments)
class Label(enum.Enum):
DEPRECATION_WARNING_LABEL = _Commented(
comments=r"""
TRANSLATORS: This is a short label that will be prepended to
a warning message, e.g., "Deprecation warning: A subcommand will
be required in v1.0."
""",
)(
context='Label :: Diagnostics :: Marker',
single='Deprecation warning',
)
WARNING_LABEL = _Commented(
comments=r"""
TRANSLATORS: This is a short label that will be prepended to
a warning message, e.g., "Warning: An empty service name is not
supported by vault(1)."
""",
)(
context='Label :: Diagnostics :: Marker',
single='Warning',
)
CANNOT_UPDATE_SETTINGS_METAVAR_SETTINGS_TYPE_GLOBAL = (
_Commented(
comments=r"""
TRANSLATORS: This is one of two values of the settings_type
metavar used in the CANNOT_UPDATE_SETTINGS_NO_SETTINGS
entry. It is only used there. The full sentence then
reads: "Cannot update the global settings without any given
settings."
""",
)(
context='Label :: Error message :: Metavar',
single='global settings',
)
)
CANNOT_UPDATE_SETTINGS_METAVAR_SETTINGS_TYPE_SERVICE = (
_Commented(
comments=r"""
TRANSLATORS: This is one of two values of the settings_type
metavar used in the CANNOT_UPDATE_SETTINGS_NO_SETTINGS
entry. It is only used there. The full sentence then
reads: "Cannot update the service-specific settings without
any given settings."
""",
)(
context='Label :: Error message :: Metavar',
single='service-specific settings',
)
)
DERIVEPASSPHRASE_01 = _Commented(
comments=r"""
TRANSLATORS: This is the first paragraph of the command help
text, but it also appears (in truncated form, if necessary) as
one-line help text for this command. The translation should
thus be as meaningful as possible even if truncated.
""",
)(
context='Label :: Help text :: Explanation',
single="""
Derive a strong passphrase, deterministically, from a master secret.
""",
)
DERIVEPASSPHRASE_02 = _Commented(
comments='',
)(
context='Label :: Help text :: Explanation',
single="""
The currently implemented subcommands are "vault" (for the
scheme used by vault) and "export" (for exporting foreign
configuration data). See the respective `--help` output for
instructions. If no subcommand is given, we default to "vault".
""",
)
DERIVEPASSPHRASE_03 = _Commented(
comments='',
)(
context='Label :: Help text :: Explanation',
single="""
Deprecation notice: Defaulting to "vault" is deprecated.
Starting in v1.0, the subcommand must be specified explicitly.
""",
)
DERIVEPASSPHRASE_EPILOG_01 = _Commented(
comments='',
)(
context='Label :: Help text :: Explanation',
single=r"""
Configuration is stored in a directory according to the
`DERIVEPASSPHRASE_PATH` variable, which defaults to
`~/.derivepassphrase` on UNIX-like systems and
`C:\Users\<user>\AppData\Roaming\Derivepassphrase` on Windows.
""",
)
DERIVEPASSPHRASE_EXPORT_01 = _Commented(
comments=r"""
TRANSLATORS: This is the first paragraph of the command help
text, but it also appears (in truncated form, if necessary) as
one-line help text for this command. The translation should
thus be as meaningful as possible even if truncated.
""",
)(
context='Label :: Help text :: Explanation',
single="""
Export a foreign configuration to standard output.
""",
)
DERIVEPASSPHRASE_EXPORT_02 = _Commented(
comments='',
)(
context='Label :: Help text :: Explanation',
single="""
The only available subcommand is "vault", which implements the
vault-native configuration scheme. If no subcommand is given,
we default to "vault".
""",
)
DERIVEPASSPHRASE_EXPORT_03 = DERIVEPASSPHRASE_03
DERIVEPASSPHRASE_EXPORT_VAULT_01 = _Commented(
comments=r"""
TRANSLATORS: This is the first paragraph of the command help
text, but it also appears (in truncated form, if necessary) as
one-line help text for this command. The translation should
thus be as meaningful as possible even if truncated.
""",
)(
context='Label :: Help text :: Explanation',
single="""
Export a vault-native configuration to standard output.
""",
)
DERIVEPASSPHRASE_EXPORT_VAULT_02 = _Commented(
comments='',
)(
context='Label :: Help text :: Explanation',
single="""
Depending on the configuration format, {path_metavar!s} may
either be a file or a directory. We support the vault "v0.2",
"v0.3" and "storeroom" formats.
""",
flags='python-brace-format',
)
DERIVEPASSPHRASE_EXPORT_VAULT_03 = _Commented(
comments='',
)(
context='Label :: Help text :: Explanation',
single="""
If {path_metavar!s} is explicitly given as `VAULT_PATH`, then
use the `VAULT_PATH` environment variable to determine the
correct path. (Use `./VAULT_PATH` or similar to indicate
a file/directory actually named `VAULT_PATH`.)
""",
flags='python-brace-format',
)
DERIVEPASSPHRASE_VAULT_01 = _Commented(
comments=r"""
TRANSLATORS: This is the first paragraph of the command help
text, but it also appears (in truncated form, if necessary) as
one-line help text for this command. The translation should
thus be as meaningful as possible even if truncated.
""",
)(
context='Label :: Help text :: Explanation',
single="""
Derive a passphrase using the vault derivation scheme.
""",
)
DERIVEPASSPHRASE_VAULT_02 = _Commented(
comments='',
)(
context='Label :: Help text :: Explanation',
single="""
If operating on global settings, or importing/exporting
settings, then {service_metavar!s} must be omitted. Otherwise
it is required.
""",
flags='python-brace-format',
)
DERIVEPASSPHRASE_VAULT_EPILOG_01 = _Commented(
comments='',
)(
context='Label :: Help text :: Explanation',
single="""
WARNING: There is NO WAY to retrieve the generated passphrases
if the master passphrase, the SSH key, or the exact passphrase
settings are lost, short of trying out all possible
combinations. You are STRONGLY advised to keep independent
backups of the settings and the SSH key, if any.
""",
)
DERIVEPASSPHRASE_VAULT_EPILOG_02 = _Commented(
comments='',
)(
context='Label :: Help text :: Explanation',
single="""
The configuration is NOT encrypted, and you are STRONGLY
discouraged from using a stored passphrase.
""",
)
DEPRECATED_COMMAND_LABEL = _Commented(
comments=r"""
TRANSLATORS: We use this format string to indicate, at the
beginning of a command's help text, that this command is
deprecated.
""",
)(
context='Label :: Help text :: Marker',
single='(Deprecated) {text}',
flags='python-brace-format',
)
DEBUG_OPTION_HELP_TEXT = _Commented(
comments='',
)(
context='Label :: Help text :: One-line description',
single='also emit debug information (implies --verbose)',
)
EXPORT_VAULT_FORMAT_HELP_TEXT = _Commented(
comments=r"""
TRANSLATORS: The defaults_hint is
Label.EXPORT_VAULT_FORMAT_DEFAULTS_HELP_TEXT, the metavar is
Label.EXPORT_VAULT_FORMAT_METAVAR_FMT.
""",
)(
context='Label :: Help text :: One-line description',
single=r"""
try the following storage format {metavar!s}; may be
specified multiple times, formats will be tried in order
{defaults_hint!s}
""",
flags='python-brace-format',
)
EXPORT_VAULT_FORMAT_DEFAULTS_HELP_TEXT = _Commented(
comments=r"""
TRANSLATORS: See EXPORT_VAULT_FORMAT_HELP_TEXT. The format
names/labels "v0.3", "v0.2" and "storeroom" should not be
translated.
""",
)(
context='Label :: Help text :: One-line description',
single=r"""
(default: v0.3, v0.2, storeroom)
""",
)
EXPORT_VAULT_KEY_HELP_TEXT = _Commented(
comments=r"""
TRANSLATORS: The defaults_hint is
Label.EXPORT_VAULT_KEY_DEFAULTS_HELP_TEXT, the metavar is
Label.EXPORT_VAULT_KEY_METAVAR_K.
""",
)(
context='Label :: Help text :: One-line description',
single=r"""
use {metavar!s} as the storage master key {defaults_hint!s}
""",
flags='python-brace-format',
)
EXPORT_VAULT_KEY_DEFAULTS_HELP_TEXT = _Commented(
comments=r"""
TRANSLATORS: See EXPORT_VAULT_KEY_HELP_TEXT.
""",
)(
context='Label :: Help text :: One-line description',
single=r"""
(default: check the `VAULT_KEY`, `LOGNAME`, `USER`, or
`USERNAME` environment variables)
""",
)
HELP_OPTION_HELP_TEXT = _Commented(
comments='',
)(
context='Label :: Help text :: One-line description',
single='show this help text, then exit',
)
QUIET_OPTION_HELP_TEXT = _Commented(
comments='',
)(
context='Label :: Help text :: One-line description',
single='suppress even warnings, emit only errors',
)
VERBOSE_OPTION_HELP_TEXT = _Commented(
comments='',
)(
context='Label :: Help text :: One-line description',
single='emit extra/progress information to standard error',
)
VERSION_OPTION_HELP_TEXT = _Commented(
comments='',
)(
context='Label :: Help text :: One-line description',
single='show applicable version information, then exit',
)
DERIVEPASSPHRASE_VAULT_PHRASE_HELP_TEXT = _Commented(
comments='',
)(
context='Label :: Help text :: One-line description',
single='prompt for a master passphrase',
)
DERIVEPASSPHRASE_VAULT_KEY_HELP_TEXT = _Commented(
comments='',
)(
context='Label :: Help text :: One-line description',
single='select a suitable SSH key from the SSH agent',
)
DERIVEPASSPHRASE_VAULT_LENGTH_HELP_TEXT = _Commented(
comments=r"""
TRANSLATORS: The metavar is
Label.PASSPHRASE_GENERATION_METAVAR_NUMBER.
""",
)(
context='Label :: Help text :: One-line description',
single='ensure a passphrase length of {metavar!s} characters',
flags='python-brace-format',
)
DERIVEPASSPHRASE_VAULT_REPEAT_HELP_TEXT = _Commented(
comments=r"""
TRANSLATORS: The metavar is
Label.PASSPHRASE_GENERATION_METAVAR_NUMBER.
""",
)(
context='Label :: Help text :: One-line description',
single='forbid any run of {metavar!s} identical characters',
flags='python-brace-format',
)
DERIVEPASSPHRASE_VAULT_LOWER_HELP_TEXT = _Commented(
comments=r"""
TRANSLATORS: The metavar is
Label.PASSPHRASE_GENERATION_METAVAR_NUMBER.
""",
)(
context='Label :: Help text :: One-line description',
single='ensure at least {metavar!s} lowercase characters',
flags='python-brace-format',
)
DERIVEPASSPHRASE_VAULT_UPPER_HELP_TEXT = _Commented(
comments=r"""
TRANSLATORS: The metavar is
Label.PASSPHRASE_GENERATION_METAVAR_NUMBER.
""",
)(
context='Label :: Help text :: One-line description',
single='ensure at least {metavar!s} uppercase characters',
flags='python-brace-format',
)
DERIVEPASSPHRASE_VAULT_NUMBER_HELP_TEXT = _Commented(
comments=r"""
TRANSLATORS: The metavar is
Label.PASSPHRASE_GENERATION_METAVAR_NUMBER.
""",
)(
context='Label :: Help text :: One-line description',
single='ensure at least {metavar!s} digits',
flags='python-brace-format',
)
DERIVEPASSPHRASE_VAULT_SPACE_HELP_TEXT = _Commented(
comments=r"""
TRANSLATORS: The metavar is
Label.PASSPHRASE_GENERATION_METAVAR_NUMBER.
""",
)(
context='Label :: Help text :: One-line description',
single='ensure at least {metavar!s} spaces',
flags='python-brace-format',
)
DERIVEPASSPHRASE_VAULT_DASH_HELP_TEXT = _Commented(
comments=r"""
TRANSLATORS: The metavar is
Label.PASSPHRASE_GENERATION_METAVAR_NUMBER.
""",
)(
context='Label :: Help text :: One-line description',
single='ensure at least {metavar!s} "-" or "_" characters',
flags='python-brace-format',
)
DERIVEPASSPHRASE_VAULT_SYMBOL_HELP_TEXT = _Commented(
comments=r"""
TRANSLATORS: The metavar is
Label.PASSPHRASE_GENERATION_METAVAR_NUMBER.
""",
)(
context='Label :: Help text :: One-line description',
single='ensure at least {metavar!s} symbol characters',
flags='python-brace-format',
)
DERIVEPASSPHRASE_VAULT_NOTES_HELP_TEXT = _Commented(
comments='',
)(
context='Label :: Help text :: One-line description',
single='spawn an editor to edit notes for {service_metavar!s}',
flags='python-brace-format',
)
DERIVEPASSPHRASE_VAULT_CONFIG_HELP_TEXT = _Commented(
comments='',
)(
context='Label :: Help text :: One-line description',
single='save the given settings for {service_metavar!s}, or global',
flags='python-brace-format',
)
DERIVEPASSPHRASE_VAULT_DELETE_HELP_TEXT = _Commented(
comments='',
)(
context='Label :: Help text :: One-line description',
single='delete the settings for {service_metavar!s}',
flags='python-brace-format',
)
DERIVEPASSPHRASE_VAULT_DELETE_GLOBALS_HELP_TEXT = _Commented(
comments='',
)(
context='Label :: Help text :: One-line description',
single='delete the global settings',
)
DERIVEPASSPHRASE_VAULT_DELETE_ALL_HELP_TEXT = _Commented(
comments='',
)(
context='Label :: Help text :: One-line description',
single='delete all settings',
)
DERIVEPASSPHRASE_VAULT_EXPORT_HELP_TEXT = _Commented(
comments="""
TRANSLATORS: The metavar is
Label.STORAGE_MANAGEMENT_METAVAR_SERVICE.
""",
)(
context='Label :: Help text :: One-line description',
single='export all saved settings to {metavar!s}',
flags='python-brace-format',
)
DERIVEPASSPHRASE_VAULT_IMPORT_HELP_TEXT = _Commented(
comments="""
TRANSLATORS: The metavar is
Label.STORAGE_MANAGEMENT_METAVAR_SERVICE.
""",
)(
context='Label :: Help text :: One-line description',
single='import saved settings from {metavar!s}',
flags='python-brace-format',
)
DERIVEPASSPHRASE_VAULT_OVERWRITE_HELP_TEXT = _Commented(
comments="""
TRANSLATORS: The corresponding option is displayed as
"--overwrite-existing / --merge-existing", so you may want to
hint that the default (merge) is the second of those options.
""",
)(
context='Label :: Help text :: One-line description',
single='overwrite or merge (default) the existing configuration',
)
DERIVEPASSPHRASE_VAULT_UNSET_HELP_TEXT = _Commented(
comments="""
TRANSLATORS: The corresponding option is displayed as
"--unset=phrase|key|...|symbol", so the "given setting" is
referring to "phrase", "key", "lower", ..., or "symbol",
respectively. "with --config" here means that the user must
also specify "--config" for this option to have any effect.
""",
)(
context='Label :: Help text :: One-line description',
single="""
with --config, also unsets the given setting; may be specified
multiple times
""",
)
DERIVEPASSPHRASE_VAULT_EXPORT_AS_HELP_TEXT = _Commented(
comments="""
TRANSLATORS: The corresponding option is displayed as
"--export-as=json|sh", so json refers to the JSON format
(default) and sh refers to the POSIX sh format.
""",
)(
context='Label :: Help text :: One-line description',
single='when exporting, export as JSON (default) or POSIX sh',
)
EXPORT_VAULT_FORMAT_METAVAR_FMT = _Commented(
comments='',
)(
context='Label :: Help text :: Metavar :: export vault',
single='FMT',
)
EXPORT_VAULT_KEY_METAVAR_K = _Commented(
comments=r"""
TRANSLATORS: See Label.EXPORT_VAULT_KEY_HELP_TEXT.
""",
)(
context='Label :: Help text :: Metavar :: export vault',
single='K',
)
EXPORT_VAULT_METAVAR_PATH = _Commented(
comments=r"""
TRANSLATORS: Used as "path_metavar" in
Label.DERIVEPASSPHRASE_EXPORT_VAULT_02 and others.
""",
)(
context='Label :: Help text :: Metavar :: export vault',
single='PATH',
)
PASSPHRASE_GENERATION_METAVAR_NUMBER = _Commented(
comments=r"""
TRANSLATORS: This metavar is also used in a matching epilog.
""",
)(
context='Label :: Help text :: Metavar :: vault',
single='NUMBER',
)
STORAGE_MANAGEMENT_METAVAR_PATH = _Commented(
comments=r"""
TRANSLATORS: This metavar is also used in multiple one-line help
texts.
""",
)(
context='Label :: Help text :: Metavar :: vault',
single='PATH',
)
VAULT_METAVAR_SERVICE = _Commented(
comments=r"""
TRANSLATORS: This metavar is also used in multiple one-line help
texts, as "service_metavar".
""",
)(
context='Label :: Help text :: Metavar :: vault',
single='SERVICE',
)
CONFIGURATION_EPILOG = _Commented(
comments='',
)(
context='Label :: Help text :: Explanation',
single='Use $VISUAL or $EDITOR to configure the spawned editor.',
)
PASSPHRASE_GENERATION_EPILOG = _Commented(
comments=r"""
TRANSLATORS: The metavar is
Label.PASSPHRASE_GENERATION_METAVAR_NUMBER.
""",
)(
context='Label :: Help text :: Explanation',
single=r"""
Use {metavar!s}=0 to exclude a character type from the output.
""",
flags='python-brace-format',
)
STORAGE_MANAGEMENT_EPILOG = _Commented(
comments=r"""
TRANSLATORS: The metavar is
Label.STORAGE_MANAGEMENT_METAVAR_PATH.
""",
)(
context='Label :: Help text :: Explanation',
single=r"""
Using "-" as {metavar!s} for standard input/standard output
is supported.
""",
flags='python-brace-format',
)
COMMANDS_LABEL = _Commented(
comments='',
)(
context='Label :: Help text :: Option group name',
single='Commands',
)
COMPATIBILITY_OPTION_LABEL = _Commented(
comments='',
)(
context='Label :: Help text :: Option group name',
single='Compatibility and extension options',
)
CONFIGURATION_LABEL = _Commented(
comments='',
)(
context='Label :: Help text :: Option group name',
single='Configuration',
)
LOGGING_LABEL = _Commented(
comments='',
)(
context='Label :: Help text :: Option group name',
single='Logging',
)
OPTIONS_LABEL = _Commented(
comments='',
)(
context='Label :: Help text :: Option group name',
single='Options',
)
OTHER_OPTIONS_LABEL = _Commented(
comments='',
)(
context='Label :: Help text :: Option group name',
single='Other options',
)
PASSPHRASE_GENERATION_LABEL = _Commented(
comments='',
)(
context='Label :: Help text :: Option group name',
single='Passphrase generation',
)
STORAGE_MANAGEMENT_LABEL = _Commented(
comments='',
)(
context='Label :: Help text :: Option group name',
single='Storage management',
)
VERSION_INFO_TEXT = _Commented(
comments='',
)(
context='Label :: Info Message',
single=r"""
{PROG_NAME!s} {__version__}
""", # noqa: RUF027
flags='python-brace-format',
)
CONFIRM_THIS_CHOICE_PROMPT_TEXT = _Commented(
comments=r"""
TRANSLATORS: There is no support for "yes" or "no" in other
languages than English, so it is advised that your translation
makes it clear that only the strings "y", "yes", "n" or "no" are
supported, even if the prompt becomes a bit longer.
""",
)(
context='Label :: Interactive prompt',
single='Confirm this choice? (y/N)',
)
SUITABLE_SSH_KEYS_LABEL = _Commented(
comments=r"""
TRANSLATORS: This label is the heading of the list of suitable
SSH keys.
""",
)(
context='Label :: Interactive prompt',
single='Suitable SSH keys:',
)
YOUR_SELECTION_PROMPT_TEXT = _Commented(
comments='',
)(
context='Label :: Interactive prompt',
single='Your selection? (1-{n}, leave empty to abort)',
flags='python-brace-format',
)
class DebugMsgTemplate(enum.Enum):
BUCKET_ITEM_FOUND = _Commented(
comments=r"""
TRANSLATORS: This message is emitted by the vault configuration
exporter for "storeroom"-type configuration directories. The
system stores entries in different "buckets" of a hash table.
Here, we report on a single item (path and value) we discovered
after decrypting the whole bucket. (We ensure the path and
value are printable as-is.)
""",
)(
context='Debug message',
single='Found bucket item: {path} -> {value}',
flags='python-brace-format',
)
DECRYPT_BUCKET_ITEM_INFO = _Commented(
comments=r"""
TRANSLATORS: "AES256-CBC" and "PKCS#7" are, in essence, names of
formats, and should not be translated. "IV" means
"initialization vector", and is specifically a cryptographic
term, as are "plaintext" and "ciphertext".
""",
)(
context='Debug message',
single="""
Decrypt bucket item contents:
\b
Encryption key (master key): {enc_key}
Encryption cipher: AES256-CBC with PKCS#7 padding
Encryption IV: {iv}
Encrypted ciphertext: {ciphertext}
Plaintext: {plaintext}
""",
flags='python-brace-format',
)
DECRYPT_BUCKET_ITEM_KEY_INFO = _Commented(
comments='',
)(
context='Debug message',
single="""
Decrypt bucket item:
\b
Plaintext: {plaintext}
Encryption key (master key): {enc_key}
Signing key (master key): {sign_key}
""",
flags='python-brace-format',
)
DECRYPT_BUCKET_ITEM_MAC_INFO = _Commented(
comments=r"""
TRANSLATORS: The MAC stands for "message authentication code",
which guarantees the authenticity of the message to anyone who
holds the corresponding key, similar to a digital signature.
The acronym "MAC" is assumed to be well-known to the English
target audience, or at least discoverable by them; they *are*
asking for debug output, after all. Please use your judgement
as to whether to translate this term or not, expanded or not.
""",
)(
context='Debug message',
single="""
Decrypt bucket item contents:
\b
MAC key: {sign_key}
Authenticated content: {ciphertext}
Claimed MAC value: {claimed_mac}
Computed MAC value: {actual_mac}
""",
flags='python-brace-format',
)
DECRYPT_BUCKET_ITEM_SESSION_KEYS_INFO = _Commented(
comments=r"""
TRANSLATORS: "AES256-CBC" and "PKCS#7" are, in essence, names of
formats, and should not be translated. "IV" means
"initialization vector", and is specifically a cryptographic
term, as are "plaintext" and "ciphertext".
""",
)(
context='Debug message',
single="""
Decrypt bucket item session keys:
\b
Encryption key (master key): {enc_key}
Encryption cipher: AES256-CBC with PKCS#7 padding
Encryption IV: {iv}
Encrypted ciphertext: {ciphertext}
Plaintext: {plaintext}
Parsed plaintext: {code}
""",
flags='python-brace-format',
)
DECRYPT_BUCKET_ITEM_SESSION_KEYS_MAC_INFO = _Commented(
comments=r"""
TRANSLATORS: The MAC stands for "message authentication code",
which guarantees the authenticity of the message to anyone who
holds the corresponding key, similar to a digital signature.
The acronym "MAC" is assumed to be well-known to the English
target audience, or at least discoverable by them; they *are*
asking for debug output, after all. Please use your judgement
as to whether to translate this term or not, expanded or not.
""",
)(
context='Debug message',
single="""
Decrypt bucket item session keys:
\b
MAC key (master key): {sign_key}
Authenticated content: {ciphertext}
Claimed MAC value: {claimed_mac}
Computed MAC value: {actual_mac}
""",
flags='python-brace-format',
)
DERIVED_MASTER_KEYS_KEYS = _Commented(
comments='',
)(
context='Debug message',
single="""
Derived master keys' keys:
\b
Encryption key: {enc_key}
Signing key: {sign_key}
Password: {pw_bytes}
Function call: pbkdf2(algorithm={algorithm!r}, length={length!r}, salt={salt!r}, iterations={iterations!r})
""", # noqa: E501
flags='python-brace-format',
)
DIRECTORY_CONTENTS_CHECK_OK = _Commented(
comments=r"""
TRANSLATORS: This message is emitted by the vault configuration
exporter for "storeroom"-type configuration directories, while
"assembling" the items stored in the configuration according to
the item's "path". Each "directory" in the path contains a list
of children it claims to contain, and this list must be matched
against the actual discovered items. Now, at the end, we
actually confirm the claim. (We would have already thrown an
error here otherwise.)
""",
)(
context='Debug message',
single='Directory contents check OK: {path} -> {contents}',
flags='python-brace-format',
)
MASTER_KEYS_DATA_MAC_INFO = _Commented(
comments=r"""
TRANSLATORS: The MAC stands for "message authentication code",
which guarantees the authenticity of the message to anyone who
holds the corresponding key, similar to a digital signature.
The acronym "MAC" is assumed to be well-known to the English
target audience, or at least discoverable by them; they *are*
asking for debug output, after all. Please use your judgement
as to whether to translate this term or not, expanded or not.
""",
)(
context='Debug message',
single="""
Master keys data:
\b
MAC key: {sign_key}
Authenticated content: {ciphertext}
Claimed MAC value: {claimed_mac}
Computed MAC value: {actual_mac}
""",
flags='python-brace-format',
)
POSTPONING_DIRECTORY_CONTENTS_CHECK = _Commented(
comments=r"""
TRANSLATORS: This message is emitted by the vault configuration
exporter for "storeroom"-type configuration directories, while
"assembling" the items stored in the configuration according to
the item's "path". Each "directory" in the path contains a list
of children it claims to contain, and this list must be matched
against the actual discovered items. When emitting this
message, we merely indicate that we saved the "claimed" list for
this directory for later.
""",
)(
context='Debug message',
single='Postponing directory contents check: {path} -> {contents}',
flags='python-brace-format',
)
SETTING_CONFIG_STRUCTURE_CONTENTS = _Commented(
comments=r"""
TRANSLATORS: This message is emitted by the vault configuration
exporter for "storeroom"-type configuration directories, while
"assembling" the items stored in the configuration according to
the item's "path". We confirm that we set the entry at the
given path to the given value.
""",
)(
context='Debug message',
single='Setting contents: {path} -> {value}',
flags='python-brace-format',
)
SETTING_CONFIG_STRUCTURE_CONTENTS_EMPTY_DIRECTORY = _Commented(
comments=r"""
TRANSLATORS: This message is emitted by the vault configuration
exporter for "storeroom"-type configuration directories, while
"assembling" the items stored in the configuration according to
the item's "path". We confirm that we set up a currently empty
directory at the given path.
""",
)(
context='Debug message',
single='Setting contents (empty directory): {path}',
flags='python-brace-format',
)
VAULT_NATIVE_EVP_BYTESTOKEY_INIT = _Commented(
comments=r"""
TRANSLATORS: This message is emitted by the vault configuration
exporter for "native"-type configuration directories: in v0.2,
the non-standard and deprecated "EVP_bytestokey" function from
OpenSSL must be reimplemented from scratch. The terms "salt"
and "IV" (initialization vector) are cryptographic terms.
""",
)(
context='Debug message',
single="""
evp_bytestokey_md5 (initialization):
\b
Input: {data}
Salt: {salt}
Key size: {key_size}
IV size: {iv_size}
Buffer length: {buffer_length}
Buffer: {buffer}
""",
flags='python-brace-format',
)
VAULT_NATIVE_EVP_BYTESTOKEY_RESULT = _Commented(
comments=r"""
TRANSLATORS: This message is emitted by the vault configuration
exporter for "native"-type configuration directories: in v0.2,
the non-standard and deprecated "EVP_bytestokey" function from
OpenSSL must be reimplemented from scratch. The terms "salt"
and "IV" (initialization vector) are cryptographic terms.
This function reports on the updated buffer length and contents
after executing one round of hashing.
""",
)(
context='Debug message',
single="""
evp_bytestokey_md5 (result):
\b
Encryption key: {enc_key}
IV: {iv}
""",
flags='python-brace-format',
)
VAULT_NATIVE_EVP_BYTESTOKEY_ROUND = _Commented(
comments=r"""
TRANSLATORS: This message is emitted by the vault configuration
exporter for "native"-type configuration directories: in v0.2,
the non-standard and deprecated "EVP_bytestokey" function from
OpenSSL must be reimplemented from scratch. The terms "salt"
and "IV" (initialization vector) are cryptographic terms.
This function reports on the updated buffer length and contents
after executing one round of hashing.
""",
)(
context='Debug message',
single="""
evp_bytestokey_md5 (round update):
\b
Buffer length: {buffer_length}
Buffer: {buffer}
""",
flags='python-brace-format',
)
VAULT_NATIVE_CHECKING_MAC_DETAILS = _Commented(
comments=r"""
TRANSLATORS: This message is emitted by the vault configuration
exporter for "native"-type configuration directories. It is
preceded by the info message PARSING_IV_PAYLOAD_MAC; see the
commentary there concerning the terms and thoughts on
translating them.
""",
)(
context='Debug message',
single="""
MAC details:
\b
MAC input: {mac_input}
Expected MAC: {mac}
""",
flags='python-brace-format',
)
VAULT_NATIVE_PADDED_PLAINTEXT = _Commented(
comments=r"""
TRANSLATORS: This message is emitted by the vault configuration
exporter for "native"-type configuration directories. "padding"
and "plaintext" are cryptographic terms.
""",
)(
context='Debug message',
single='Padded plaintext: {contents}',
flags='python-brace-format',
)
VAULT_NATIVE_PARSE_BUFFER = _Commented(
comments=r"""
TRANSLATORS: This message is emitted by the vault configuration
exporter for "native"-type configuration directories. It is
preceded by the info message PARSING_IV_PAYLOAD_MAC; see the
commentary there concerning the terms and thoughts on
translating them.
""",
)(
context='Debug message',
single="""
Buffer: {contents}
\b
IV: {iv}
Payload: {payload}
MAC: {mac}
""",
flags='python-brace-format',
)
VAULT_NATIVE_PLAINTEXT = _Commented(
comments=r"""
TRANSLATORS: This message is emitted by the vault configuration
exporter for "native"-type configuration directories.
"plaintext" is a cryptographic term.
""",
)(
context='Debug message',
single='Plaintext: {contents}',
flags='python-brace-format',
)
VAULT_NATIVE_PBKDF2_CALL = _Commented(
comments='',
)(
context='Debug message',
single="""
Master key derivation:
\b
PBKDF2 call: PBKDF2-HMAC(password={password!r}, salt={salt!r}, iterations={iterations!r}, key_size={key_size!r}, algorithm={algorithm!r})
Result (binary): {raw_result}
Result (hex key): {result_key!r}
""", # noqa: E501
flags='python-brace-format',
)
VAULT_NATIVE_V02_PAYLOAD_MAC_POSTPROCESSING = _Commented(
comments=r"""
TRANSLATORS: This message is emitted by the vault configuration
exporter for "native"-type configuration directories. It is
preceded by the info message PARSING_IV_PAYLOAD_MAC and the
debug message PARSING_NATIVE_PARSE_BUFFER; see the commentary
there concerning the terms and thoughts on translating them.
""",
)(
context='Debug message',
single="""
Postprocessing buffer (v0.2):
\b
Payload: {payload} (decoded from base64)
MAC: {mac} (decoded from hex)
""",
flags='python-brace-format',
)
class InfoMsgTemplate(enum.Enum):
ASSEMBLING_CONFIG_STRUCTURE = _Commented(
comments=r"""
TRANSLATORS: This message is emitted by the vault configuration
exporter for "storeroom"-type configuration directories. The
system stores entries in different "buckets" of a hash table.
After the respective items in the buckets have been decrypted,
we then have a list of item paths plus contents to populate.
This must be done in a certain order (we don't yet have an
existing directory tree to rely on, but rather must build it
on-the-fly), hence the term "assembling".
""",
)(
context='Info message',
single='Assembling config structure',
)
CANNOT_LOAD_AS_VAULT_CONFIG = _Commented(
comments=r"""
TRANSLATORS: "fmt" is a string such as "v0.2" or "storeroom",
indicating the format which we tried to load the vault
configuration as.
""",
)(
context='Info message',
single='Cannot load {path!r} as a {fmt!s} vault configuration.',
flags='python-brace-format',
)
CHECKING_CONFIG_STRUCTURE_CONSISTENCY = _Commented(
comments=r"""
TRANSLATORS: This message is emitted by the vault configuration
exporter for "storeroom"-type configuration directories. Having
"assembled" the configuration items according to their claimed
paths and contents, we then check if the assembled structure is
internally consistent.
""",
)(
context='Info message',
single='Checking config structure consistency',
)
DECRYPTING_BUCKET = _Commented(
comments=r"""
TRANSLATORS: This message is emitted by the vault configuration
exporter for "storeroom"-type configuration directories. The
system stores entries in different "buckets" of a hash table.
We parse the directory bucket by bucket. All buckets are
numbered in hexadecimal, and typically there are 32 buckets, so
2-digit hex numbers.
""",
)(
context='Info message',
single='Decrypting bucket {bucket_number}',
flags='python-brace-format',
)
PARSING_MASTER_KEYS_DATA = _Commented(
comments=r"""
TRANSLATORS: This message is emitted by the vault configuration
exporter for "storeroom"-type configuration directories.
`.keys` is a filename, from which data about the master keys for
this configuration are loaded.
""",
)(
context='Info message',
single='Parsing master keys data from .keys',
)
PIP_INSTALL_EXTRA = _Commented(
comments=r"""
TRANSLATORS: This message immediately follows an error message
about a missing library that needs to be installed. The Python
Package Index (PyPI) supports declaring sets of optional
dependencies as "extras", so users installing from PyPI can
request reinstallation with a named "extra" being enabled. This
would then let the installer take care of the missing libraries
automatically, hence this suggestion to PyPI users.
""",
)(
context='Info message',
single="""
(For users installing from PyPI, see the {extra_name!r} extra.)
""",
flags='python-brace-format',
)
SUCCESSFULLY_MIGRATED = _Commented(
comments=r"""
TRANSLATORS: This info message immediately follows the "Using
deprecated v0.1-style ..." deprecation warning.
""",
)(
context='Info message',
single='Successfully migrated to {path!r}.',
flags='python-brace-format',
)
VAULT_NATIVE_CHECKING_MAC = _Commented(
comments='',
)(
context='Info message',
single='Checking MAC',
)
VAULT_NATIVE_DECRYPTING_CONTENTS = _Commented(
comments='',
)(
context='Info message',
single='Decrypting contents',
)
VAULT_NATIVE_DERIVING_KEYS = _Commented(
comments='',
)(
context='Info message',
single='Deriving an encryption and signing key',
)
VAULT_NATIVE_PARSING_IV_PAYLOAD_MAC = _Commented(
comments=r"""
TRANSLATORS: This message is emitted by the vault configuration
exporter for "native"-type configuration directories. "IV"
means "initialization vector", and "MAC" means "message
authentication code". They are specifically cryptographic
terms, as is "payload". The acronyms "IV" and "MAC" are assumed
to be well-known to the English target audience, or at least
discoverable by them; they *are* asking for debug output, after
all. Please use your judgement as to whether to translate this
term or not, expanded or not.
""",
)(
context='Info message',
single='Parsing IV, payload and MAC from the file contents',
)
class WarnMsgTemplate(enum.Enum):
EMPTY_SERVICE_NOT_SUPPORTED = _Commented(
comments='',
)(
context='Warning message',
single="""
An empty {service_metavar!s} is not supported by vault(1).
For compatibility, this will be treated as if SERVICE was not
supplied, i.e., it will error out, or operate on global settings.
""",
flags='python-brace-format',
)
EMPTY_SERVICE_SETTINGS_INACCESSIBLE = _Commented(
comments='',
)(
context='Warning message',
single="""
An empty {service_metavar!s} is not supported by vault(1).
The empty-string service settings will be inaccessible and
ineffective. To ensure that vault(1) and {PROG_NAME!s} see the
settings, move them into the "global" section.
""",
flags='python-brace-format',
)
FAILED_TO_MIGRATE_CONFIG = _Commented(
comments=r"""
TRANSLATORS: "error" is supplied by the operating system
(errno/strerror).
""",
)(
context='Warning message',
single='Failed to migrate to {path!r}: {error!s}: {filename!r}.',
flags='python-brace-format',
)
GLOBAL_PASSPHRASE_INEFFECTIVE = _Commented(
comments='',
)(
context='Warning message',
single=r"""
Setting a global passphrase is ineffective
because a key is also set.
""",
)
PASSPHRASE_NOT_NORMALIZED = _Commented(
comments=r"""
TRANSLATORS: The key is a (vault) configuration key, in JSONPath
syntax, typically "$.global" for the global passphrase or
"$.services.service_name" or "$.services["service with spaces"]"
for the services "service_name" and "service with spaces",
respectively. The form is one of the four Unicode normalization
forms: NFC, NFD, NFKC, NFKD.
The asterisks are not special. Please feel free to substitute
any other appropriate way to mark up emphasis of the word
"displays".
""",
)(
context='Warning message',
single=r"""
The {key!s} passphrase is not {form!s}-normalized. Its
serialization as a byte string may not be what you expect it to
be, even if it *displays* correctly. Please make sure to
double-check any derived passphrases for unexpected results.
""",
flags='python-brace-format',
)
SERVICE_NAME_INCOMPLETABLE = _Commented(
comments='',
)(
context='Warning message',
single="""
The service name {service!r} contains an ASCII control
character, which is not supported by our shell completion code.
This service name will therefore not be available for completion
on the command-line. You may of course still type it in
manually in whatever format your shell accepts, but we highly
recommend choosing a different service name instead.
""",
flags='python-brace-format',
)
SERVICE_PASSPHRASE_INEFFECTIVE = _Commented(
comments=r"""
TRANSLATORS: The key that is set need not necessarily be set at
the service level; it may be a global key as well.
""",
)(
context='Warning message',
single=r"""
Setting a service passphrase is ineffective because a key is
also set: {service!s}.
""",
flags='python-brace-format',
)
STEP_REMOVE_INEFFECTIVE_VALUE = _Commented(
comments='',
)(
context='Warning message',
single='Removing ineffective setting {path!s} = {old!s}.',
flags='python-brace-format',
)
STEP_REPLACE_INVALID_VALUE = _Commented(
comments='',
)(
context='Warning message',
single="""
Replacing invalid value {old!s} for key {path!s} with {new!s}.
""",
flags='python-brace-format',
)
V01_STYLE_CONFIG = _Commented(
comments='',
)(
context='Warning message :: Deprecation',
single=r"""
Using deprecated v0.1-style config file {old!r}, instead of
v0.2-style {new!r}. Support for v0.1-style config filenames
will be removed in v1.0.
""",
flags='python-brace-format',
)
V10_SUBCOMMAND_REQUIRED = _Commented(
comments=r"""
TRANSLATORS: This deprecation warning may be issued at any
level, i.e. we may actually be talking about subcommands, or
sub-subcommands, or sub-sub-subcommands, etc., which is what the
"here" is supposed to indicate.
""",
)(
context='Warning message :: Deprecation',
single="""
A subcommand will be required here in v1.0. See --help for
available subcommands. Defaulting to subcommand "vault".
""",
)
class ErrMsgTemplate(enum.Enum):
AGENT_REFUSED_LIST_KEYS = _Commented(
comments=r"""
TRANSLATORS: "loaded keys" being keys loaded into the agent.
""",
)(
context='Error message',
single="""
The SSH agent failed to or refused to supply a list of loaded keys.
""",
)
AGENT_REFUSED_SIGNATURE = _Commented(
comments=r"""
TRANSLATORS: The message to be signed is the vault UUID, but
there's no space to explain that here, so ideally the error
message does not go into detail.
""",
)(
context='Error message',
single="""
The SSH agent failed to or refused to issue a signature with the
selected key, necessary for deriving a service passphrase.
""",
)
CANNOT_CONNECT_TO_AGENT = _Commented(
comments=r"""
TRANSLATORS: "error" is supplied by the operating system
(errno/strerror).
""",
)(
context='Error message',
single='Cannot connect to the SSH agent: {error!s}: {filename!r}.',
flags='python-brace-format',
)
CANNOT_DECODEIMPORT_VAULT_SETTINGS = _Commented(
comments=r"""
TRANSLATORS: "error" is supplied by the operating system
(errno/strerror).
""",
)(
context='Error message',
single='Cannot import vault settings: cannot decode JSON: {error!s}.',
flags='python-brace-format',
)
CANNOT_EXPORT_VAULT_SETTINGS = _Commented(
comments=r"""
TRANSLATORS: "error" is supplied by the operating system
(errno/strerror).
""",
)(
context='Error message',
single='Cannot export vault settings: {error!s}: {filename!r}.',
flags='python-brace-format',
)
CANNOT_IMPORT_VAULT_SETTINGS = _Commented(
comments=r"""
TRANSLATORS: "error" is supplied by the operating system
(errno/strerror).
""",
)(
context='Error message',
single='Cannot import vault settings: {error!s}: {filename!r}.',
flags='python-brace-format',
)
CANNOT_LOAD_USER_CONFIG = _Commented(
comments=r"""
TRANSLATORS: "error" is supplied by the operating system
(errno/strerror).
""",
)(
context='Error message',
single='Cannot load user config: {error!s}: {filename!r}.',
flags='python-brace-format',
)
CANNOT_LOAD_VAULT_SETTINGS = _Commented(
comments=r"""
TRANSLATORS: "error" is supplied by the operating system
(errno/strerror).
""",
)(
context='Error message',
single='Cannot load vault settings: {error!s}: {filename!r}.',
flags='python-brace-format',
)
CANNOT_PARSE_AS_VAULT_CONFIG = _Commented(
comments=r"""
TRANSLATORS: Unlike the "Cannot load {path!r} as a {fmt!s} vault
configuration." message, *this* error message is emitted when we
have tried loading the path in each of our supported formats,
and failed. The user will thus see the above "Cannot load ..."
warning message potentially multiple times, and this error
message at the very bottom.
""",
)(
context='Error message',
single=r"""
Cannot parse {path!r} as a valid vault-native configuration
file/directory.
""",
flags='python-brace-format',
)
CANNOT_PARSE_AS_VAULT_CONFIG_OSERROR = _Commented(
comments=r"""
TRANSLATORS: "error" is supplied by the operating system
(errno/strerror).
""",
)(
context='Error message',
single=r"""
Cannot parse {path!r} as a valid vault-native configuration
file/directory: {error!s}: {filename!r}.
""",
flags='python-brace-format',
)
CANNOT_STORE_VAULT_SETTINGS = _Commented(
comments=r"""
TRANSLATORS: "error" is supplied by the operating system
(errno/strerror).
""",
)(
context='Error message',
single='Cannot store vault settings: {error!s}: {filename!r}.',
flags='python-brace-format',
)
CANNOT_UNDERSTAND_AGENT = _Commented(
comments=r"""
TRANSLATORS: This error message is used whenever we cannot make
any sense of a response from the SSH agent because the response
is ill-formed (truncated, improperly encoded, etc.) or otherwise
violates the communications protocol. Well-formed responses
that adhere to the protocol, even if they indicate that the
requested operation failed, are handled with a different error
message.
""",
)(
context='Error message',
single="""
Cannot understand the SSH agent's response because it violates
the communications protocol.
""",
)
CANNOT_UPDATE_SETTINGS_NO_SETTINGS = _Commented(
comments=r"""
TRANSLATORS: The settings_type metavar contains translations for
either "global settings" or "service-specific settings"; see the
CANNOT_UPDATE_SETTINGS_METAVAR_SETTINGS_TYPE_GLOBAL and
CANNOT_UPDATE_SETTINGS_METAVAR_SETTINGS_TYPE_SERVICE entries.
The first sentence will thus read either "Cannot update the
global settings without any given settings." or "Cannot update
the service-specific settings without any given settings.". You
may update this entry, and the two metavar entries, in any way
you see fit that achieves the desired translations of the first
sentence.
""",
)(
context='Error message',
single=r"""
Cannot update the {settings_type!s} without any given settings.
You must specify at least one of --lower, ..., --symbol, or
--phrase or --key.
""",
flags='python-brace-format',
)
INVALID_USER_CONFIG = _Commented(
comments=r"""
TRANSLATORS: "error" is supplied by the operating system
(errno/strerror).
""",
)(
context='Error message',
single=r"""
The user configuration file is invalid. {error!s}: {filename!r}.
""",
flags='python-brace-format',
)
INVALID_VAULT_CONFIG = _Commented(
comments=r"""
TRANSLATORS: This error message is a reaction to a validator
function saying *that* the configuration is not valid, but not
*how* it is not valid. The configuration file is principally
parsable, however.
""",
)(
context='Error message',
single='Invalid vault config: {config!r}.',
flags='python-brace-format',
)
MISSING_MODULE = _Commented(
comments='',
)(
context='Error message',
single='Cannot load the required Python module {module!r}.',
flags='python-brace-format',
)
NO_AF_UNIX = _Commented(
comments='',
)(
context='Error message',
single=r"""
Cannot connect to an SSH agent because this Python version does
not support UNIX domain sockets.
""",
)
NO_KEY_OR_PHRASE = _Commented(
comments='',
)(
context='Error message',
single=r"""
No passphrase or key was given in the configuration. In this
case, the --phrase or --key argument is required.
""",
)
NO_SSH_AGENT_FOUND = _Commented(
comments='',
)(
context='Error message',
single="""
Cannot find any running SSH agent because SSH_AUTH_SOCK is not set.
""",
)
NO_SUITABLE_SSH_KEYS = _Commented(
comments='',
)(
context='Error message',
single="""
The SSH agent contains no keys suitable for {PROG_NAME!s}.
""", # noqa: RUF027
flags='python-brace-format',
)
PARAMS_MUTUALLY_EXCLUSIVE = _Commented(
comments=r"""
TRANSLATORS: The params are long-form command-line option names.
Typical example: "--key is mutually exclusive with --phrase."
""",
)(
context='Error message',
single='{param1!s} is mutually exclusive with {param2!s}.',
flags='python-brace-format',
)
PARAMS_NEEDS_SERVICE_OR_CONFIG = _Commented(
comments=r"""
TRANSLATORS: The param is a long-form command-line option name,
the metavar is Label.VAULT_METAVAR_SERVICE.
""",
)(
context='Error message',
single='{param!s} requires a {service_metavar!s} or --config.',
flags='python-brace-format',
)
PARAMS_NEEDS_SERVICE = _Commented(
comments=r"""
TRANSLATORS: The param is a long-form command-line option name,
the metavar is Label.VAULT_METAVAR_SERVICE.
""",
)(
context='Error message',
single='{param!s} requires a {service_metavar!s}.',
flags='python-brace-format',
)
PARAMS_NO_SERVICE = _Commented(
comments=r"""
TRANSLATORS: The param is a long-form command-line option name,
the metavar is Label.VAULT_METAVAR_SERVICE.
""",
)(
context='Error message',
single='{param!s} does not take a {service_metavar!s} argument.',
flags='python-brace-format',
)
SERVICE_REQUIRED = _Commented(
comments=r"""
TRANSLATORS: The metavar is Label.VAULT_METAVAR_SERVICE.
""",
)(
context='Error message',
single='Deriving a passphrase requires a {service_metavar!s}.',
flags='python-brace-format',
)
SET_AND_UNSET_SAME_SETTING = _Commented(
comments=r"""
TRANSLATORS: The rephrasing "Attempted to unset and set the same
setting (--unset={setting!s} --{setting!s}=...) at the same
time." may or may not be more suitable as a basis for
translation instead.
""",
)(
context='Error message',
single='Attempted to unset and set --{setting!s} at the same time.',
flags='python-brace-format',
)
SSH_KEY_NOT_LOADED = _Commented(
comments='',
)(
context='Error message',
single='The requested SSH key is not loaded into the agent.',
)
USER_ABORTED_EDIT = _Commented(
comments=r"""
TRANSLATORS: The user requested to edit the notes for a service,
but aborted the request mid-editing.
""",
)(
context='Error message',
single='Not saving any new notes: the user aborted the request.',
)
USER_ABORTED_PASSPHRASE = _Commented(
comments=r"""
TRANSLATORS: The user was prompted for a master passphrase,
but aborted the request.
""",
)(
context='Error message',
single='No passphrase was given; the user aborted the request.',
)
USER_ABORTED_SSH_KEY_SELECTION = _Commented(
comments=r"""
TRANSLATORS: The user was prompted to select a master SSH key,
but aborted the request.
""",
)(
context='Error message',
single='No SSH key was selected; the user aborted the request.',
)
MsgTemplate: TypeAlias = Union[
Label,
DebugMsgTemplate,
InfoMsgTemplate,
WarnMsgTemplate,
ErrMsgTemplate,
]
MSG_TEMPLATE_CLASSES = (
Label,
DebugMsgTemplate,
InfoMsgTemplate,
WarnMsgTemplate,
ErrMsgTemplate,
)
DebugTranslations._load_cache() # noqa: SLF001
def _write_po_file( # noqa: C901
fileobj: TextIO,
/,
*,
is_template: bool = True,
version: str = __version__,
) -> None: # pragma: no cover
r"""Write a .po file to the given file object.
Assumes the file object is opened for writing and accepts string
inputs. The file will *not* be closed when writing is complete.
The file *must* be opened in UTF-8 encoding, lest the file will
declare an incorrect encoding.
This function crucially depends on all translatable strings
appearing in the enums of this module. Certain parts of the
.po header are hard-coded, as is the source filename.
""" # noqa: DOC501
entries: dict[str, dict[str, MsgTemplate]] = {}
for enum_class in MSG_TEMPLATE_CLASSES:
for member in enum_class.__members__.values():
value = cast('TranslatableString', member.value)
ctx = value.l10n_context
msg = value.singular
if (
msg in entries.setdefault(ctx, {})
and entries[ctx][msg] != member
):
raise AssertionError( # noqa: TRY003
f'Duplicate entry for ({ctx!r}, {msg!r}): ' # noqa: EM102
f'{entries[ctx][msg]!r} and {member!r}'
)
entries[ctx][msg] = member
build_time = datetime.datetime.now().astimezone()
if os.environ.get('SOURCE_DATE_EPOCH'):
try:
source_date_epoch = int(os.environ['SOURCE_DATE_EPOCH'])
except ValueError as exc:
err_msg = 'Cannot parse SOURCE_DATE_EPOCH'
raise RuntimeError(err_msg) from exc
else:
build_time = datetime.datetime.fromtimestamp(
source_date_epoch,
tz=datetime.timezone.utc,
)
if is_template:
header = (
inspect.cleandoc(rf"""
# English translation for {PROG_NAME!s}.
# Copyright (C) {build_time.strftime('%Y')} AUTHOR
# This file is distributed under the same license as {PROG_NAME!s}.
# AUTHOR <someone@example.com>, {build_time.strftime('%Y')}.
#
msgid ""
msgstr ""
""").removesuffix('\n')
+ '\n'
)
else:
header = (
inspect.cleandoc(rf"""
# English debug translation for {PROG_NAME!s}.
# Copyright (C) {build_time.strftime('%Y')} {__author__}
# This file is distributed under the same license as {PROG_NAME!s}.
#
msgid ""
msgstr ""
""").removesuffix('\n')
+ '\n'
)
fileobj.write(header)
po_info = {
'Project-Id-Version': f'{PROG_NAME} {version}',
'Report-Msgid-Bugs-To': 'software@the13thletter.info',
'PO-Revision-Date': build_time.strftime('%Y-%m-%d %H:%M%z'),
'MIME-Version': '1.0',
'Content-Type': 'text/plain; charset=UTF-8',
'Content-Transfer-Encoding': '8bit',
'Plural-Forms': 'nplurals=2; plural=(n != 1);',
}
if is_template:
po_info.update({
'POT-Creation-Date': build_time.strftime('%Y-%m-%d %H:%M%z'),
'Last-Translator': 'AUTHOR <someone@example.com>',
'Language': 'en',
'Language-Team': 'English',
})
else:
po_info.update({
'Last-Translator': __author__,
'Language': 'en_DEBUG',
'Language-Team': 'English',
})
print(*_format_po_info(po_info), sep='\n', end='\n', file=fileobj)
for _ctx, subdict in sorted(entries.items()):
for _msg, enum_value in sorted(
subdict.items(),
key=lambda kv: str(kv[1]),
):
value = cast('TranslatableString', enum_value.value)
value2 = value.maybe_without_filename()
fileobj.writelines(
_format_po_entry(
enum_value, is_debug_translation=not is_template
)
)
if value != value2:
fileobj.writelines(
_format_po_entry(
enum_value,
is_debug_translation=not is_template,
transformed_string=value2,
)
)
def _format_po_info(
data: Mapping[str, Any],
/,
) -> Iterator[str]: # pragma: no cover
sortorder = [
'project-id-version',
'report-msgid-bugs-to',
'pot-creation-date',
'po-revision-date',
'last-translator',
'language',
'language-team',
'mime-version',
'content-type',
'content-transfer-encoding',
'plural-forms',
]
def _sort_position(s: str, /) -> int:
n = len(sortorder)
for i, x in enumerate(sortorder):
if s.lower().rstrip(':') == x:
return i
return n
for key in sorted(data.keys(), key=_sort_position):
value = data[key]
line = f"{key}: {value}\n"
yield _cstr(line)
def _format_po_entry(
enum_value: MsgTemplate,
/,
*,
is_debug_translation: bool = False,
transformed_string: TranslatableString | None = None,
) -> tuple[str, ...]: # pragma: no cover
ret: list[str] = ['\n']
ts = transformed_string or cast('TranslatableString', enum_value.value)
if ts.translator_comments:
comments = ts.translator_comments.splitlines(False) # noqa: FBT003
comments.extend(['', f'Message-ID: {enum_value}'])
else:
comments = [f'TRANSLATORS: Message-ID: {enum_value}']
ret.extend(f'#. {line}\n' for line in comments)
if ts.flags:
ret.append(f'#, {", ".join(sorted(ts.flags))}\n')
if ts.l10n_context:
ret.append(f'msgctxt {_cstr(ts.l10n_context)}\n')
ret.append(f'msgid {_cstr(ts.singular)}\n')
if ts.plural:
ret.append(f'msgid_plural {_cstr(ts.plural)}\n')
value = (
DebugTranslations().pgettext(ts.l10n_context, ts.singular)
if is_debug_translation
else ''
)
ret.append(f'msgstr {_cstr(value)}\n')
return tuple(ret)
def _cstr(s: str) -> str: # pragma: no cover
def escape(string: str) -> str:
return string.translate({
0: r'\000',
1: r'\001',
2: r'\002',
3: r'\003',
4: r'\004',
5: r'\005',
6: r'\006',
7: r'\007',
8: r'\b',
9: r'\t',
10: r'\n',
11: r'\013',
12: r'\f',
13: r'\r',
14: r'\016',
15: r'\017',
ord('"'): r'\"',
ord('\\'): r'\\',
127: r'\177',
})
return '\n'.join(
f'"{escape(line)}"'
for line in s.splitlines(True) or [''] # noqa: FBT003
)
if __name__ == '__main__':
import argparse
ap = argparse.ArgumentParser()
ex = ap.add_mutually_exclusive_group()
ex.add_argument(
'--template',
action='store_true',
dest='is_template',
default=True,
help='Generate a template file (default)',
)
ex.add_argument(
'--debug-translation',
action='store_false',
dest='is_template',
default=True,
help='Generate a "debug" translation file',
)
ap.add_argument(
'--set-version',
action='store',
dest='version',
default=__version__,
help='Override declared software version',
)
args = ap.parse_args()
_write_po_file(
sys.stdout,
version=args.version,
is_template=args.is_template,
)