pass-git-helper icon indicating copy to clipboard operation
pass-git-helper copied to clipboard

Published 20 hours ago verified publisher icon languitar

Since version 1.5.0, implementation is tied to the way pass stores the passwords

Open gautaz opened this issue 1 year ago • 2 comments

Hello,

This may seem a bit out of the scope of the original goal pass-git-helper was designed for. I am using passage instead of pass to manage my secrets. passage is entirely compatible with the pass CLI (see #193).

Since version 1.5.0, pass-git-helper checks directly the existence of the password file by digging in the pass password store.

I understand the necessity to know if a secret is available before using it and, from my experiments, the current solution was most certainly chosen because the pass CLI did not provide an obvious way to distinguish a password directory from a password file.

Nevertheless it seems that a CLI based fix for this issue would be more future proof:

  • it would still work if tomorrow pass decides to store its password database differently
  • it would also avoid the incompatibility with passage (sorry, preaching for my own parish here :slightly_smiling_face:)

The only way to implement this cleanly would be to ask the pass project (and passage) to provide a CLI way to distinguish password directories from password files but this will take time.

Meanwhile I am wondering if using the command pass show --clip as a way to distinguish directories from files would be an alternative to the current fix implemented in version 1.5.0.

In fact both pass show --clip <PATH> and passage show --clip <PATH> display:

  • Copied <PATH> to clipboard. Will clear in 45 seconds. when PATH points to password file
  • <PATH> and the directory hierarchy when PATH points to a password directory

@languitar I would totally understand if the answer is no as it is an additional burden that you would have to lift. If I can provide some help, please do tell me, I can for instance open issues on both pass and passage projects for a long term fix or help implementing the temporary solution.

gautaz avatar May 15 '24 10:05 gautaz

I am closing this issue as it does not seem to ring a bell outside of my backyard :-). I will probably need to find another solution to fulfill my needs related to git passwords. Please feel free to reopen if needed.

gautaz avatar Jun 17 '24 14:06 gautaz

Sorry, the request makes total sense and I was not aware that the checks broke this usage, nor that someone uses pass-git-helper with other pass back ends. I just didn't have the time yet to look at it.

languitar avatar Jun 17 '24 18:06 languitar

Just to add my two cents (even if it is a few months later), I also use a different backend/implementation actually. I use a pass wrapper that lets me choose between different git branches I have in my password store, and just now noticed it also broke on my side 🙃 Wich makes sens since my wrapper is not called to switch branches before the helper checks if the file exists.

NDagestad avatar Aug 23 '24 09:08 NDagestad

I think with this impact, it's best to revert #372. It doesn't look trivial to implement that feature with proper support for all pass lookalikes and it only shields against configuration problems.

@ktetzlaff sorry for reverting your work!

languitar avatar Sep 01 '24 20:09 languitar

Hello @languitar, my apologies if I seem a bit too pushy. Will this be released anytime soon?

gautaz avatar Sep 23 '24 09:09 gautaz

Oops, that should have been released automatically. I have to check what failed there.

languitar avatar Sep 23 '24 11:09 languitar

Found the issue. A new release is out now.

languitar avatar Sep 24 '24 20:09 languitar

Thanks a lot @languitar for the follow-up, have a nice day!

gautaz avatar Sep 25 '24 12:09 gautaz