IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
- When updating a WKD in `sq network wkd generate`, if a certificate
is not changed, don't insert it.
- If no certificates changed, and none were inserted, then don't
bother copying the WKD back.
- Change `sq network wkd publish` to indicate which certificates are
updated, which ones are unchanged, and which ones are new.
- Note: the messages can be suppressed with `--quiet`.
- When writing to a file or stdout, add a hint at the beginning of
the output that the user can edit the file with an editor, and
then recombine the result using `sq packet join`.
- Change `sq packet split` to not require `output` or `prefix`, but
to write to `stdout` by default.
- This is closer to the behavior of other commands.
- Require the caller to indicate what they are waiting for, and
include that in the warning.
- For instance, `sq decrypt` now says "Waiting for an encrypted
message on stdin..."
- Previously, we limited the width to 100 characters in an effort to
improve readability. Arguably, that is interfering with the
wishes of the users that use wider terminals.
- The alternative is to structure the human-readable output in such
a way that overly long lines do not occur, but when they do occur,
they can be displayed as is.
- See #443.
- `sq key list` prefers to show authenticated, and self-signed user
IDs. If there are none, it says "no user IDs," which is not very
helpful. In this case, prefer self-signed user IDs that are valid
under the NULL policy. Note: these will still show up as
unauthenticated.
- Currently, `sq key list` only displays a single best user ID for
each certificate.
- Instead, display all user IDs that can be authenticated, or are
self-signed. Also indicate the degree to which they can be
authenticated, and whether the user ID has been revoked.
- Fixes#360.
- Certificates designated by the use should be looked up using
`Sq::resolve_cert`, and not `Sq::lookup_one`, which also considers
subkeys.
- Change `sq pki path` to use `Sq::resolve_cert`.
- Fixes#207.
- Change `sq key approvals list` and `sq key approvals update` to
ignore certifications that are not exportable, and certificates
that are not exportable, or are a shadow CA.
- Fixes#402.
- `sq cert list FINGERPRINT` does not show the certificate if the
certificate could not be authenticated. Since the user is
searching by fingerprint, which is self authenticating, we don't
run the risk of showing something irrelevant. As such, always
show the certificate in this case.
- Fixes#408.
- Rearrange the order of the user ID designators arguments so that
the help output is easier to scan. Specifically, move
`--userid-or-add` immediately after `--userid`, `--email-or-add`
immediately after `--email`, and `--name-or-add` immediately after
`--name`.
- Rename `--add-userid` to `--userid-or-add`, `--add-email` to
`--email-or-add`, and `--add-name` to `--name-or-add`. The new
names better reflect the semantics: we first try to select a user
ID based on the designator, and then fall back to adding it as it.
- Currently, we execute all examples. Unfortunately, some examples
can't be executed reliably, e.g., those that require network access.
- Add a new example variant that is only syntax checked.
- Fixes#423.
- Add some examples for `sq network search`.
- The implementation of `sq cert list` tried to parse the
pattern. To do so, it relied on type inference to determine how
to parse it. The type was inferred from the type of the `cert`
parameter to `authenticate`. In
2e17dec9ad, the type of the `cert`
parameter changed from `KeyHandle` to `Cert`. `Cert` has a
`Parse` implementation so the type system didn't detect anything
wrong. However, we were now trying to parse the pattern as a
`Cert` instead of a `KeyHandle`, which would fail for key handles.
- Fix it, and add some tests for `sq cert list`.
- When `sq key approvals list` is used to list approvals, indicate
whether any certifications are pending approval, and suggest using
`--pending` to view them.
- When a user ID designator designates a user ID that is not
self-signed, and the command would add it to the certificate, check
that it is in canonical form.
- The relevant commands are: `sq key userid revoke`, `sq pki link
add`, `sq pki link authorize`, `sq pki vouch certify`, and `sq pki
vouch authorize`
- Allow the user to disable the check with a new flag,
`--allow-non-canonical-userids`.
- Fixes#437.
