IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
Installing sq from crates.io (cargo install sequoia-sq) was broken by a
semver-compatible change in Tera. Running cargo test uses the lockfile
and isn't affected.
This has the side benefit of reducing dependency bloat, the baseline
depends on check/build/build --release but in the case of a non-release
build the dependency count goes from 403 to 315.
Fixes#2.
The subplot/tera issue was likely triggered by this change in tera
1.18: <https://github.com/Keats/tera/pull/799>.
- Add the top-level option `--pep-cert-store` and the environment
variable `PEP_CERT_STORE`, which allow users to use pEp
certificate stores.
- By default, no pEp certificate store is used. Users can however
put `export PEP_CERT_STORE=$HOME/.pEp` in their `.bashrc` file, for
instance, to turn it on.
- `clap_mangen` generates the man pages directly from `Clap`, and is
the successor to `manpage-maker`.
- Use it, and delete the checked-in (and stale) man pages.
- When `--time` is not specified, we set `config.time` to
`SystemTime::now()`.
- `SystemTime::now()` has subsecond resolution, and a different
range from OpenPGP timestamps. Lossily round trip it via
`openpgp::types::Timestamp` to adjust the resolution, and to make
sure the current time is valid in an OpenPGP context.
- Add an option to `sq link add`, `--temporary`, to temporarily
accept a binding.
- This creates a fully trusted certification that expires after a
week, and a second certification that is one second older, which
doesn't expire, but is only partially trusted (trust amount = 40)
so that the user remembers this decision.
- When checking whether two signatures are the same, we forgot to
mark the signatures as being different when the expiration times
are different. Do it.
- If the user doesn't specify any User IDs, don't link all
self-signed User IDs. Print out the self-signed User IDs and prompt
the user to specify `--all` or just the ones they want to link.
- When importing a certificate downloaded from a known verifying
keyserver, a WKD or DANE, we certify the User IDs that the server
(probably) authenticated.
- If we download the certificate again from the same source, don't
create another certification. That's just redundant.
- When importing a certificate into the certificate store from a
verifying keyserver (via `sq keyserver get`), WKD (via `sq wkd
get`), or DANE (via `sq dane get`), certify the User IDs that the
service checks (for verifying keyservers: all; for WKD and DANE:
the User IDs with the email that was looked up).
- Have a per-service key to do the certifications (one for
keys.openpgp.org, one for keys.mailvelope.com, one for WKD, etc).
- Make the per-service certificates minimally trusted (trust amount:
1 of 120) CAs by certifying them with the local trust root.
- Add the `sq wot` subcommand, to expose web of trust functionality.
- This is just an import of the `sq-wot` CLI as `sq wot`. The
support for using the `gpg` keyring and gpg's ownertrust, however,
is removed.
- Add a new top-level option, `--keyring`, which allows users to
specify additional keyrings to search.
- When a lookup is performed, all keyrings are searched in addition
to any certificate store, and the results are merged.
- Keyrings are read only.
- When verifying a signature using `sq verify`, and a signer is not
specified using `--signer-cert`, try and authenticate them using the
web of trust using the configured certificate store.
- If we can fully authenticate a signer, consider the signature to
have been authenticated by that signer.
- Extend `sq encrypt` with the `--recipient-email` and
`--recipient-userid` arguments to allow the caller to designate a
certificate by email address or User ID, respectively. An email
address or User ID is considered to designate a certificate, if
the binding between the email address or User ID and the
certificate can be authenticated using the web of trust.
- Add support for the web of trust using the `sequoia-wot` crate.
- Add a top-level option, `--trust-root`, to allow the user to
specify trust roots.
- Add a top-level, global option `--time` to set the reference time.
- Remove subcommand's `--time` argument and use this instead.
Remove `sq key generate`'s `--creation-time` argument `sq key user
id`'s `--creation-time` argument and use this argument instead.
- Enable the `env` feature for the clap build dependency, not just
the normal dependency.
- Disable more rustdoc lints.
- Explicitly convert a `StyledStr` to a `String`.
- `ArgEnum` and `arg_enum` are now called `ValueEnum` and
`value_enum`, respectively.
- Clap 4 is stricter about how arguments are designated: in argument
groups and conflicts, they have to be designated using the field
name, not the long option name.
- `clap::AppSettings::DeriveDisplayOrder` has been removed and is
now the default.
- `parse(from_occurrences)` is deprecated in favor of `action =
Count`, which takes a `u8`, not a `usize`.
- `Command` no longer takes a lifetime.