From Kevin:

I found a small bug in the zsh completions.  Basically when the
PASSWORD_STORE_DIR ends in a slash the first character of the
result is eaten, making completion essentially useless. (It does
this before determining matches).

This can be fixed by changing what is line 106 in my version from:

_values -C 'passwords' $(find -L "$prefix" \( -name .git -o -name
.gpg-id \) -prune -o $@ -print | sed -e "s#${prefix}.##" -e 's#\.gpg##'
| sort)

to

_values -C 'passwords' $(find -L "$prefix" \( -name .git -o -name
.gpg-id \) -prune -o $@ -print | sed -e "s#${prefix}/\\?##" -e
's#\.gpg##' | sort)

The difference is the first sed regex expression.  The original
version assumed that the next character was a slash and removed
it while the new version only removes it if it is a slash.

"s#${prefix}.##" -> "s#${prefix}/\\?##"

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Reported-by: Kevin Cox <kevincox@kevincox.ca>

In fact, if we're running from the source directory, just auto-detect
the platform file in the first place.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>

The new environment variable, PASSWORD_STORE_PLATFORM_FILE is now used
for loading custom platform files while pass lives as
src/password-store.sh. After it is installed using 'make install', this
environment variable is no longer used, and either no platform file is
loaded (if the default platform is acceptable), or a hardcoded
also-installed platform file is referenced.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>

Based-on-work-by: Matthieu Weber <mweber@free.fr>
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>

According to Brandon Jones, all we need to do is adjust /dev/clipboard
from xclip. So we add a platform specific file to do so.
http://www.relaytheurgency.com/2014/04/pass-in-cygwin-relatively-simple.html



Suggested-by: Brandon Jones <jones.brandon.lee@gmail.com>
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>

This relies on a patched version of tree to work, unfortunately.
Hopefully upstream will accept our patch.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>

Matthew writes:

    If the initial decrypt fails then the rest of the line shouldn't
    continue, as it won't be a properly decrypted password being
    re-encrypted and written over the existing passfile.

    One solution to this would be to enable pipefail (set -o pipefail) -
    either just before, or at the start of this script.  This would
    cause the failure of any of the commands in a pipe to set the return
    status of the whole pipeline to non-zero (the last failed command's
    return code is used).

We take his suggestion with this patch. While we're at it, we take a
little bit extra care (though not too much extra care) to select a more
random intermediate password, in case folks have a strange habit of
using a dot-new extension on files.

Suggested-by: Matthew Richardson <m.richardson@ed.ac.uk>
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>