-
1.720081b54 · ·
Release 1.7. Changes: == New Features == * Extensions: pass can now load user-defined extensions from a system directory or a user directory. There's already a nice ecosystem of extensions being built, even at this early stage. See the pass man page for more information. * Signatures: there is now an option to enforce signatures of the .gpg-id file and extensions using an environment variable. * QRCodes: generate and show have now learned the --qrcode/-q switch. Note to package maintainers: this adds a dependency on the popular qrencode package. * Password generation: rather than use pwgen, we now use /dev/urandom more directly, which results in more assured password security, as well as customizable character sets, via an environment variable. See the pass man page for more information on this customization. Package maintainers: you may now drop the dependency on pwgen. * Importers: there now are several more importers. More and more folks are moving to pass! * Selectable clipping: you can now specify which line you wish to copy to the clipboard or display with a qrcode when using -c or -q. * Git discovery: The PASSWORD_STORE_GIT environment variable has been removed, and instead pass will automatically choose the git repository closest to the file being modified (but not out of the actual password store itself). This should help people who like to nest git repos for different organizations. * Bug fixes: too many to count. == Note To Distros == * Drop the dependency of pwgen. * Add the dependency of qrencode. * The Makefile now does the right thing with DESTDIR, so you might want to double check that your package recipe does the right thing. * The semantics for auto-detection of bash completion has changed, with new environment variables for such things. See INSTALL for details.
-
1.6.4ed24e9cd · ·
Release 1.6.4. Changes: == Features == * "add" is an alias of "insert" * `pass edit` will no longer make a commit if the password does not change * Symbolic links are now followed * Remove gpg agent check, due to the auto-starting gpg-agent in GnuPG 2.1 == Bug Fixes == * Avoid trailing slash in `pass grep` * Account for $CLIP_TIME in messages * revelation2pass, keepassx2pass, and other script improvements * Fix .gpg extension in tree listings, and preserve colors * Improved support for getopt on OSX * Updates for zsh and fish completion autoloading * Always preserve TTY for pinentry * Only use encryption subkeys * Better clip error messages * No longer use hidden recipients
-
1.6.3891d2aa6 · ·
Release 1.6.3. Changes: == Features == * passmenu now takes --type as its first argument, which will type the password instead of copying it to the clipboard. == Bug Fixes == * OSX now properly unmounts temporary mounts and ejects ramdisks. * All BSDs now have cleaner temporary files. * Temporary files for `pass edit` now end in .txt so vim does the right thing. * When edit fails, prompt for retrying instead of going into crazy loop. * keepassx2pass conversion script now handles empty strings.
-
1.6.2a12aa277 · ·
Release 1.6.2. Changes: == Features == * generate now has an --in-place option to replace only the first line of a file with a new password * generate now uses pretty ansi colors * `pass git diff` will now decrypt your history in memory on the fly to show real text diffs of how your passwords have changed * Lots of general code cleanups and restructurings == Bug Fixes == * test suite escapes characters properly * use install -d instead of mkdir -p in makefile * do not rely on bash inside of makefile * cleaner tmpdir cleanup logic * use portable sed in zsh completion * gpg key sorting is now done with LC_ALL=C * git sub-commands will now use a secure tmpdir * properly escape input to sed during reencryption * tests now work on directories with spaces * gpg secmem warning is disabled during gpg key comparison so that output is consistent on bsd * tmpdir templates actually work now when making a secure tmpdir == New Additions from Contributors == * KWallet importer script <http://git.zx2c4.com/password-store/tree/contrib/importers/kwallet2pass.py>
-
1.6.1477d770f · ·
Release 1.6.1. Changes: == Bug fixes == * OSX and BSD does not support the -D option in the install, which was causing some major problems in 'make install'. Work around this while also introducing BASHCOMP_PATH and related arguments. * Better error message if operating on a non-existant password store.
-
1.6562812fb · ·
Release 1.6. Changes: == Features == * `pass find` allows searching for filenames or directory names within the password store. It makes use of tree 1.7.0 features that the pass community developed. * `pass grep` allows searching inside of encrypted files. * `pass mv` and `pass cp` allow moving and copying password files around, and automatically reencrypt them if the source folder requires a different gpg-id. * The --reencrypt/-e switch is now gone from init. All comands that change gpg-id or move password files around (such as mv and cp) automatically reencrypt passwords *as needed*, if the source has a different gpg-id or if the gpg-id for a given directory has changed. * `make test` will now run an ever-growing test suite of automated unit tests to ensure that we remain bug-free. * pass init allows deinitializing sub-gpg-id files by an empty string key argument. * If stdin is not a tty, no interactive questions are asked. * Empty folders are pruned on removing or moving entries. * Sneaky paths are checked and prevented. * Platform files run before installation too now. * Support for Windows/Cygwin. * We detect gpg-agent and display a warning if it's not running before mass-reencryption operations. * Makefile now automatically detects bash/zsh/fish completion support. * Complete reorganization of codebase for improved maintainability. * Revelation2pass converstion script supports xml. * Keepassx2pass conversion script handles new lines and slashes. == Bug Fixes == * Bash completion is installed to correct place * Better error messages. * Clarification of secure tmpdir on FreeBSD. * Platform installation supports GNU sed. * Zsh completion supports trailing slashes. * Typos. == New Additions from Contributors == * 1Password importer <http://git.zx2c4.com/password-store/tree/contrib/importers/1password2pass.rb> * Pass now supports Emacs: <http://git.zx2c4.com/password-store/tree/contrib/emacs>
-
1.52eaca825 · ·
Release 1.5. Changes: == Features == - Team pass is now possible! At last! Each .gpg-id file may contain multiple IDs, separated by a new line, and `pass init` now takes multiple options for specifying multiple keys with which to populate .gpg-id. - Different directories may now have their own .gpg-id, and `pass init` has now learned a -p/--path switch for writing this file. This may be used to have different access permissions for different sub-folders. - All temporary files, even ones that exist merely in a tmpfs ram disk, are overwritten with random data before deletion, using shread or wipe, depending on the platform. - If git is in use, all commits can be signed with the "user.signingkey" ID if "pass.signcommits" is enabled in git-config. This protects against remote tampering. - Clipboard selection can now be overwritten using the PASSWORD_STORE_X_SELECTION environment variable, and the timeout time before restoring the clipboard can be overwritten using PASSWORD_STORE_CLIP_TIME. - The umask can now be overwritten with the PASSWORD_STORE_UMASK environment variable. - gpg v1 can be used, in addition to the already supported v2 == Bug Fixes == - Do not race between clipboard restoration instances at once - We now properly follow symlinks with tree and with reencryption - Fix conflict between passwords and directories with the same name - Bash completion goes in the correct folder - Many bash and sed simplifications and optimizations - `mktemp` now uses the correct argument order - We no longer use GPG compression, due to security concerns - Documentation improvements - Bash, zsh, and fish completion clean-ups - Lots of import script fixes - Non-recursive makefile - On re-encryption in `pass init`, a pipe failure no longer blanks file == New Import Scripts from Contributors === - KED password manager - Revelation password manager - Keepass2 password manager - Gorilla password manager - Pwsafe password manager == Other Contributed Projects == - A firefox plugin <https://github.com/jvenant/passff#readme> - An iOS app <https://github.com/rephorm/pass-ios#readme> - A dmenu script <https://github.com/cdown/passmenu#readme>
-
1.4ec5eeec7 · ·
Release version 1.4. - Finally a viable cross platform solution by sourcing platform specific overrides * Darwin / Homebrew support built-in * FreeBSD support from Jonathan Chu - Recursive and forced removal of directories in `pass rm` - More robust git handling in places that count - Special treatment of `pass git init` for initial commit - Ability for `pass init` to reencrypt entire repository using new key - Prompt before overwriting passwords in insert and generate - Honor PASSWORD_STORE_KEY, PASSWORD_STORE_DIR, and PASSWORD_STORE_GIT to override defaults, for use with nesting repositories, using different repositories, or sharing repos with teams - Removal of debian code, as upstream debian/ubuntu are now handling this (thanks Colin Watson) - More precise error handling paths - Updating of documentation and dependency lists - Addition of two importer scripts in contrib: * fpm2pass.pl by Jeffrey Ratcliffe * keepassx2pass.py by Juhamatti Niemelä - Total overhaul of bash and zsh completion system from Brian Mattern - Addition of fish completion script from Dmitry Medvinsky - Countless bug fixes and style improvements
-
1.3f6c945b0 · ·
Release version 1.3. Features: - Let PASSWORD_STORE_DIR override the password store directory location - Use GNU getopt to allow arguments to be anywhere - Confirm before overwriting on insert (use --force to revert behavior) - Use GNU readline when reading passwords in the default insert mode - Skip directories and add edit mode to ZSH completion file - Make GPG output quieter - Support ramdisk on OSX via out-of-tree patch - Add --version switch Bug fixes: - Don't quote $EDITOR, so that folks can specify arguments to their editor - Be careful about cleaning up temporary files -- use signal handler to ensure it happens - Make more efficient use of bash's read command for prompting - Split out common gpg options into unified variable
-
1.2796610ee · ·
Release 1.2. This makes the following changes: * Improved ZSH completion script * --help in addition to help * Better git argument passing * Better support for metadata in multi-line mode by having the --clip and -c operations only copy the first line * Edit mode that calls $EDITOR on the password file, after being temporarily and securely decrypted to /dev/shm.