Hey, On 2013-12-07 21:20:42 +0000, Matthew King wrote: > I feel really bad about writing a new version of pass, but I just kept on > hacking and it sort of happened. I emailed Jason before uploading this to > github but I got bored and hacked on it some more so I feel like I > shouldn't keep it to myself any more as I've not heard back from him.
I wouldn't feel bad about it, as long as you attribute correctly. Jason seems to reply sporadically even on this list, I wouldn't read into it too much. I certainly have patches still waiting from months ago due to that. > It takes basically the same filesystem structure as pass (the gpg key is > now stored in .keyids) and the command-line interface should be compatible, > but it changes the gpg interaction to add new features: > > Multiple destination keys. The keys to encrypt to can be set on a > (recursively) per-directory and per-password level, and on the command-line. Yay. > Thorough audit trail (optional). No idea what this means, but if it's just attributing changes, why not just do it through git? > Signable passwords (still quite hacky and entirely unused). "Signable"? If you're referring to having it signed by PGP, that already happens implicitly as part of the encryption process. > Git made entirely optional. Ouch. > Splittable into API and CLI. In my opinion, overengineering. > Insert/get/edit/delete multiple keys in one invocation. Yay. > Pretty-print output. If each password requested is a YAML document, > multiple passwords are returned as a YAML stream. Ouch. > With all that, however, it is a far less tested and documented project > (it's less than a week old), there are features I have yet to implement > (especially portability), and I have already noticed more bugs pass has > already fixed. I'm definitely not recommending people use another-pass > until it is more thoroughly vetted, but perhaps as a proof-of-concept. I see a lot of wordsplitting bugs which should be easy to fix. If you're not sure when it's appropriate to quote, you should probably be doing it all the time. > Thanks, and sorry! I'm not sure why you're so apologetic :-)
pgpPmr8SRiTNZ.pgp
Description: PGP signature
_______________________________________________ Password-Store mailing list [email protected] http://lists.zx2c4.com/mailman/listinfo/password-store
