for #811: allow some perm warnings in non-verbose mode (#825)

2 years ago · 084a5256e1
parent 80ccb425c5
commit 084a5256e1
5 changed files with 8 additions and 10 deletions
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@ -7,7 +7,7 @@
 - Adds `SECRETS_GPG_ARMOR` env variable to use `gpg --armor`
  when encrypting files, so secret files are stored
  in text format rather than binary (#631)
- Suppress fewer permission warnings from gnupg in verbose mode (#811)
+- Allow gnupg permission warnings in `tell`, `hide`, `reveal`, and `removeperson` (#811)
 - `git secret init` now sets `.gitsecret/keys` permission to 0700 (#811)

 ### Bugfixes
--- a/src/_utils/_git_secret_tools.sh
+++ b/src/_utils/_git_secret_tools.sh
@ -806,7 +806,8 @@ function _decrypt {
  fi

  if [[ -z "$_SECRETS_VERBOSE" ]]; then
-    args+=( "--quiet" "--no-permission-warning" )
+    # we no longer use --no-permission-warning here, for #811
+    args+=( "--quiet" )
  fi

  set +e   # disable 'set -e' so we can capture exit_code
--- a/src/commands/git_secret_hide.sh
+++ b/src/commands/git_secret_hide.sh
@ -174,9 +174,7 @@ function hide {
          args+=( '--armor' )
        fi

-        if [[ -n "$_SECRETS_VERBOSE" ]]; then
-            args+=( '--no-permission-warning' )
-        fi
+        # we no longer use --no-permission-warning here in non-verbose mode, for #811

        # we depend on $recipients being split on whitespace
        # shellcheck disable=SC2206
--- a/src/commands/git_secret_removeperson.sh
+++ b/src/commands/git_secret_removeperson.sh
@ -31,9 +31,7 @@ function removeperson {
  _assert_keyring_contains_emails_at_least_once "$secrets_dir_keys" "git-secret keyring" "${emails[@]}"

  local args=( --homedir "$secrets_dir_keys" --batch --yes )
-  if [[ -n "$_SECRETS_VERBOSE" ]]; then
-    args+=( '--no-permission-warning' )
-  fi
+  # we no longer use --no-permission-warning here in non-verbose mode, for #811

  for email in "${emails[@]}"; do
    # see https://github.com/bats-core/bats-core#file-descriptor-3-read-this-if-bats-hangs for info about 3>&-
--- a/src/commands/git_secret_tell.sh
+++ b/src/commands/git_secret_tell.sh
@ -86,8 +86,9 @@ function tell {
      $SECRETS_GPG_COMMAND --export -a "$email" > "$keyfile" 3>&-
      exit_code=$?
    else
-      # It means that homedir is set as an extra argument via `-d`:
-      $SECRETS_GPG_COMMAND --no-permission-warning --homedir="$homedir" \
+      # This means that homedir is set as an extra argument via `-d`:
+      # we no longer use --no-permission-warning here, for #811
+      $SECRETS_GPG_COMMAND --homedir="$homedir" \
        --export -a "$email" > "$keyfile" 3>&-
      exit_code=$?
    fi