IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
Make a specific connection between "both" and "universal", so that the
user has an easier time to infer, that with choosing "universal" both
encryption purposes are added.
Use `sq_cli:🔑:CipherSuite::as_ciphersuite()` in `sq key` subcommand
to derive a valid `openpgp::cert::CipherSuite` from a variant of
`sq_cli:🔑:CipherSuite`.
- Change the behavior of the `sq certify`, `sq key generate` and `sq
link add` subcommands to rely on a single `--expiry` input argument
(same as `sq key subkey generate`), which replaces `--expires` and
`--expires-in`. This allows to directly parse a specific ISO 8601
timestamp, a custom duration or `"never"` and create a verified data
type that can be used further.
- Use `Expiry::as_duration()` in `sq certify` and `sq key`
subcommands to calculate the validity (duration until expiration) of
certifications and keys.
- Add the constants `KEY_VALIDITY_IN_YEARS` and
`THIRD_PARTY_CERTIFICATION_VALIDITY_IN_YEARS` to `sq_cli` to allow
centralized modifications of the default validity duration of keys and
certifications (in years).
- Add the constants `KEY_VALIDITY_DURATION` and
`THIRD_PARTY_CERTIFICATION_VALIDITY_DURATION` to provide
the default `Duration` for keys/subkeys and third party
certifications (based on `KEY_VALIDITY_IN_YEARS` and
`THIRD_PARTY_CERTIFICATION_VALIDITY_IN_YEARS`).
- Add `sq key subkey add` to allow to add a newly generated `SubKey` to
an existing key.
- Add `sq_cli::types::Expiry` to allow providing expiry with a
single `--expiry` input argument, that covers providing an ISO 8601
timestamp, a custom duration and "never".
- Add impl block for `sq_cli:🔑:CipherSuite` to allow returning a
`sequoia_openpgp::cert::CipherSuite`.
Move the constants `SECONDS_IN_DAY` and `SECONDS_IN_YEAR` to the CLI
module so that they can be used there and export them in the top-level
module agaian so that they can be used elsewhere as well.
Move the code for `adopt`, `attest-certifications`, `extract-cert`,
`generate`, `password` and `userid` subcommands to their respective
own modules.
This separates the various features from one another and makes adding
new features less unwieldy.
* Changes in 0.30.1
* Notable changes
- The `crypto-botan` feature now selects Botan's v3 interface. Use
the new `crypto-botan2` feature to continue using Botan's v2
interface.
* Notable fixes
- Several parser bugs were fixed in sequoia-openpgp 1.16.0 and
buffered-reader 1.2.0. These are all low-severity as Rust
correctly detects the out of bounds access and panics. Update
Cargo.lock to make sure we use these versions.
- sequoia-openpgp 1.16 changed `sequoia-openpgp/crypto-botan` to
build against Botan's v3 interface, and exposed
`sequoia-openpgp/crypto-botan2` to build against the v2 interface.
- Do the same. Add a `crypto-botan2` feature to allow the user to
build against Botan's v2 interface.
- Add `deny.toml` for `cargo deny` with advisory error for `RUSTSEC-
2020-0071` disabled as it does not affect chrono (or us for that
matter).
Allow multiple versions as there is not much we can do about those
anyways and it clutters the output immensely.
Add all currently used licenses to allow list.
Deny the use of `ring` as it does not have a responsible disclosure
policy: https://github.com/briansmith/ring#bug-reporting
- Run `cargo deny` as further `test` step in GitLab CI, so that it is
among the last things that may fail in a merge request.
Installing sq from crates.io (cargo install sequoia-sq) was broken by a
semver-compatible change in Tera. Running cargo test uses the lockfile
and isn't affected.
This has the side benefit of reducing dependency bloat, the baseline
depends on check/build/build --release but in the case of a non-release
build the dependency count goes from 403 to 315.
Fixes#2.
The subplot/tera issue was likely triggered by this change in tera
1.18: <https://github.com/Keats/tera/pull/799>.
- Add the top-level option `--pep-cert-store` and the environment
variable `PEP_CERT_STORE`, which allow users to use pEp
certificate stores.
- By default, no pEp certificate store is used. Users can however
put `export PEP_CERT_STORE=$HOME/.pEp` in their `.bashrc` file, for
instance, to turn it on.
- `clap_mangen` generates the man pages directly from `Clap`, and is
the successor to `manpage-maker`.
- Use it, and delete the checked-in (and stale) man pages.
- When `--time` is not specified, we set `config.time` to
`SystemTime::now()`.
- `SystemTime::now()` has subsecond resolution, and a different
range from OpenPGP timestamps. Lossily round trip it via
`openpgp::types::Timestamp` to adjust the resolution, and to make
sure the current time is valid in an OpenPGP context.
- Add an option to `sq link add`, `--temporary`, to temporarily
accept a binding.
- This creates a fully trusted certification that expires after a
week, and a second certification that is one second older, which
doesn't expire, but is only partially trusted (trust amount = 40)
so that the user remembers this decision.
- When checking whether two signatures are the same, we forgot to
mark the signatures as being different when the expiration times
are different. Do it.
- If the user doesn't specify any User IDs, don't link all
self-signed User IDs. Print out the self-signed User IDs and prompt
the user to specify `--all` or just the ones they want to link.