IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
- Commands like `sq pki vouch certify` allow designating a user ID
by email address. Currently, if multiple self-signed user IDs
include the specified email address, all are used. Change the
semantics of `--email` and --add-email` to only match
unambiguously.
- Fixes#309.
- `sq pki link add`, `sq pki link authorize`, `sq pki vouch
certify`, and `sq pki vouch authorize` have a `--add-userid` flag.
- Replace the `--add-userid` flag with an `--add-userid` argument,
and an `--add-email` argument.
- This change means that a flag does not change how an argument is
interpreted. It also makes it more explicit whether a user ID
should be added, because `--userid` and `--email` could be given
multiple times.
- See #309 and #318.
- `active_certifications` returns what user IDs match. Sometimes it
is useful to preserve additional details.
- This can be fixed by changing `active_certifications` to take
something that implements `AsRef<UserID>` instead of taking
`UserID`s directly. Unfortunately, we can't use the standard
`AsRef` trait, because `UserID` doesn't implement `AsRef`, and due
to the orphan rule, we change implement it ourselves. As thus,
introduce a local copy of `AsRef` and use that instead.
- When `sq pki authenticate` fails, it is helpful to see as much
details as possible. As such, include `--show-paths` when calling
`sq pki authenticate`. `--show-paths` shows more information, but
doesn't change the command's behavior.
- Replace the flag `sq --no-cert-store` with `sq
--cert-store=none`.
- Replace the flag `sq --no-key-store` with `sq --key-store=none`.
- Similarly, `sq --home=none` disables all state, unless explicitly
re-enabled using `--cert-store` or `--key-store`.
- Fixes#427.
- The flag `sq sign --detached` is now called `sq sign
--signature-file`.
- The flag `sq sign --clearsign` is now called `sq sign
--cleartext`.
- Both `sq sign` and `sq verify` now require an explicit mode,
one of `--signature-file`, `--message`, or `--cleartext`.
- Fixes#430.
- When `sq key list` is passed a filter, it only shows
certificates that it can authenticate. (When it is passed
nothing, it shows all certificates with secret key material.)
- Don't require certificates to be authenticated.
- Fixes#293.
- Add a DWIM search parameter to `sq key list`. If the pattern
appears to be a fingerprint or key ID, treat it as if it were passed
to `--cert` and match on the certificate's fingerprint. Otherwise,
treat it as if it were passed via `--grep`, and match on user IDs.
- This aligns `sq key list` with `sq cert list`.
- See #293.
- Previously, the signers cert designators added to the set of certs
in the store, and marked them as trusted.
- Change this so that only the designated certs are used to verify
the signatures, and they are marked as trusted. This allows
useful semantics like requiring a signature from a set of
explicitly provided signers.
- If no signers are designated, the cert store is consulted.
- Fixes#248.
- We want a top-level `help` subcommand, but we don't want
subcommand groups (like `sq pki`) to have a `help` subcommand.
Users get used to being able to use `help` instead of `--help`,
and then are confused when `sq pki authenticate help` (i.e., using
the `help` subcommand on an action) doesn't work.
- Fixes#418.
- Add a new argument, `--cli-version`, which the user can use to
request a particular semver-compatible version of the CLI.
- This enables breaking changes to the CLI, and enables `sq` to
support multiple CLI versions.
- Fixes#75.
- The progress bar changes the terminal.
- If `--batch` is specified, `sq` is probably running from a script,
and we shouldn't change the terminal.
- Fixes#395.
- When decrypting a message using `sq decrypt`, `sq` shows what
symmetric and compression algorithms it used when processing the
message.
- Also show what certificate was used to decrypt the session key.
- Fixes#400.
- `sq key subkey export` currently takes a list of keys to export.
This is ambiguous if a key is associated with multiple certificates.
- Add a new required parameter, `--cert`, which specifies what
certificate to export. The specified keys must be attached to that
certificate under the NULL policy.
- This change means that `sq key subkey export` can only export a
single certificate at a time.
- As the implementations of `sq key export` and `sq key subkey
export` have diverged, don't try to consolidate them any more.
- Fixes#386.
