keepass-diff
keepass-diff copied to clipboard
Narigo
Integrate with `git diff`
Hi there, great tool thanks for the effort you put into it!
Have you considered integrating with git as an external diff driver? With the following config…
# .gitconfig
[diff "keepass-diff"]
command = keepass-diff --git # or something similar
# .gitattributes
*.kdbx diff=keepass-diff
…git would then call keepass-diff with 7 arguments when diffing .kdbx files.
Here's my current workaround:
# .gitconfig
[diff "keepass-diff"]
command = "keepass_diff_wrapper () { keepass-diff $2 $5 --same-password --verbose; }; echo Password for both files:; keepass_diff_wrapper"
There may also be a better way to handle passwords.
Hi @ndrpnt and thanks for the input!
No, I didn't even know that this was possible! Cool idea! I have to admit though that integrating this into git seems a bit out of scope to me. If you have a blog or similar where you post this idea, we could add an Examples, Extras and Additions section to the Readme which collects links to posts like this (starting with yours obviously :)). Is that something you'd like to do?
I don't have a blog but feel free to add the config snippets in the README. It can probably be cleaned up, but I'm not familiar enough with git
This would be a really useful feature to see for us, too. I would even be willing to submit a PR for this @Narigo, if it's something you'd consider accepting.
Hi @michielboekhoff I would be happy to accept a PR adding this to the documentation! 👍
Apologies, @Narigo - I was more thinking along the lines of opening a PR to support e.g. a --git flag directly.
Oh, I think I finally understand the initial request now...! 😬
So creating a --git flag means it will look for 7 additional arguments and basically it ignores most of them? Would it ask for one password or both? Or are you expected to input both? Or should it try with only one password and then ask for a second one and try out the possible combinations? 😅
In general, I'm in favor of a PR for the --git flag then. It would be good to define how it works then first though
I had a slightly different proposal, if you're open to it.
I'm not normally a fan of having a flag that changes the arguments the program receives; I suggest we might have an optional (as in, if you don't call keepass-diff with a sub-command, it defaults to the "regular" operation; mainly to preserve backwards-compat) sub-command (keepass-diff git <7 args provided by git>).
When the keepass-diff git command is run, I'd rather it just prompt the user then and there for a password; you could even go so far as to make a nicer prompt by using something such as crossterm or Cursive. Then for the second password prompt, leaving it blank means it defaults to the same password - though I'm not sure about that.
What do you think to that?
I used the following config in my repo's .git/config:
[diff "keepass-diff"]
command = "keepass_diff_wrapper () { echo \"keepass-diff $2 $5\n--- $2\n+++ $5\"; keepass-diff $2 $5 --keyfiles '<PATH_TO_KEYFILE>' --passwords '<PASSWORD_HERE>' --verbose; }; keepass_diff_wrapper"
There is only one keepass file in there, but I believe the proper solution to avoid password prompts is to add multiple commands for different diff configurations each with their own password. I also added a small header print in hopes of getting delta to parse it, but the one given above doesn't exactly help. It does make the raw diff more readable, however, when multiple files are involved.
@FichteFoll - the only concern I have with that is having plaintext passwords floating around. We can take that approach though as it would be easier.