- Fix typo, remove temp directory in utils/tests.sh (#347)
- Update git-secret.io, fix utils/gh-branch.sh to use 'git all --add' (#344)
- Change 'init' to never ignore .secret files (#362)
- Spelling fixes
## Version 0.2.5
@ -71,7 +72,7 @@
- Now installation section is removed from main `man` file (#70)
- Now "See also" sections in the `man` pages are clickable (#69)
- Added "Manual" section to the manuals (#61)
- Added `centos` container for `ci` testing (#38)
- Added `CentOS` container for `ci` testing (#38)
- Tests are refactored. Added `clean` command tests, removed a lot of hard-coded things, moved tests execution from `./temp` folder to `/tmp`, added a lot of new check in old tests, and some new test cases (#52)
- Refactored `hide` and `clean` commands to be shorter
@ -119,7 +119,7 @@ Releases to `brew` are made manually.
### Downstream Packages
There are several distibutions and packaging systems that may already have git-secret packaged for your distribution (although sometimes their versions are not the most current, and we recommend all users upgrade to 0.2.5 or above).
There are several distributions and packaging systems that may already have git-secret packaged for your distribution (although sometimes their versions are not the most current, and we recommend all users upgrade to 0.2.5 or above).
### Notes to Downstream Packagers (Those who make packages for specific OSes/distributions)
@ -22,11 +22,11 @@ A new internal public key storage format that avoids forwards compatibility issu
## Motivation
GPG maintains backwards compatibility but not forwards compatibility. Running a new GPG version can and will upgrade the keyring storage files in a way that is not recognised by older versions of GPG. This is not normally a problem for typical GPG usage. Users will upgrade and rarely downgrade. It is a problem for git-secret as the keyring storage is committed to git and shared between users. Someone using an older version of GPG can no longer open the upgraded keyring file.
GPG maintains backwards compatibility but not forwards compatibility. Running a new GPG version can and will upgrade the keyring storage files in a way that is not recognized by older versions of GPG. This is not normally a problem for typical GPG usage. Users will upgrade and rarely downgrade. It is a problem for git-secret as the keyring storage is committed to git and shared between users. Someone using an older version of GPG can no longer open the upgraded keyring file.
## Approach
git-secret will move away from using the keyring format as shared storage of public keys. Instead, it will store public keys as exported keys in ASCII armor format. The public key export format is stable and forwards compatible. GPG users will typically be running different GPG or PGP versions and are able to exchange keys successfully. Bugs that effect git-secret's ability to use exported public keys will likey affect typical GPG key exchange usage. Such bugs are likely to be caught and fixed by the wider opensource community.
git-secret will move away from using the keyring format as shared storage of public keys. Instead, it will store public keys as exported keys in ASCII armor format. The public key export format is stable and forwards compatible. GPG users will typically be running different GPG or PGP versions and are able to exchange keys successfully. Bugs that effect git-secret's ability to use exported public keys will likely affect typical GPG key exchange usage. Such bugs are likely to be caught and fixed by the wider opensource community.
git-secret may need to store and process meta-data about keys to make it efficient to work with keys that are stored within individual files. It will use the machine-readable ["colon listings format"](https://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=blob_plain;f=doc/DETAILS) for this purpose.
@ -34,9 +34,9 @@ It is anticipated that `bash` and `gawk` will be sufficient to work efficiently
## Design
The new storage format will be implimented as follows:
The new storage format will be implemented as follows:
1. Keys will be stored in `~/.gitsecret/keys` in `gpg --armor --export` format. The use of ASCII armour rather than binary format is to make debugging of key related issues easier. The filename of the key will be `<keyid>.pub.gpg` (using Field 5 the "64-bit keyid" of the colon listings format)
1. Keys will be stored in `~/.gitsecret/keys` in `gpg --armor --export` format. The use of ASCII armor rather than binary format is to make debugging of key related issues easier. The filename of the key will be `<keyid>.pub.gpg` (using Field 5 the "64-bit keyid" of the colon listings format)
1. Key meta data will be stored alongside the key file in the `gpg --keyid-format long --with-colons` format. The file name will be `<keyid>.pub.cln`
1. A folder `~/.gitsecret/cache` will be added to `.gitignore`. At this location, a public keyring will be maintained on a per user bases and won't be shared between users. This is simply a "keyring cache" of the keys used to encrypt files.
@ -108,9 +108,9 @@ A new command git-secret-migrate will:
Backwards compatibility will the old keyring storage approach will be maintained as follows:
1. For each changed command a guard will be added that checks for the existance of `.gitsecret/cache`.
1. For each changed command a guard will be added that checks for the existence of `.gitsecret/cache`.
1. If the folder exists it proceeds as normal.
1. If it does not exist it will report that the repo was initialised by an older version of git-secret and tell the user to run git-secret-migrate
1. If it does not exist it will report that the repo was initialized by an older version of git-secret and tell the user to run git-secret-migrate
Forwards compatibility with older versions of git-secret will be maintained as follows.