-
Release 0.7.0 changes the default for sensitive data, improves password generation, and adds the '--id' option for getting an entry:
-
Sensitive data is not shown by default. If you want to show sensitive data, use the
--show
option. The--hide
option (now obsolete) has been removed -
When updating a field, the old value of the field is now printed to the standard output. This simplifies updating passwords when the "old" password has to be specified. Now you can start by updating the password field with pwss, paste the new password using the clipboard, and then copy-and-paste the old password which is shown in the standard output.
-
A new password generation strategy "strong" generates a random password on a subset of all printable characters, ensuring there are neither ambiguous character (i.e., 0, O, l, I), nor symbols which might not be accepted in passwords (e.g., , ", [, ], <, >).
-
The strong and random strategies ensure there is at least one symbol and one digit in the password
-
The '--id' option allows to get an entry by ID. It can be useful for automating operations with pwss or to quickly get an entry, if you remember its ID. Use
pwss get
to get the ID and title of all entries in your password store. -
The
--stdout
option has been implemented right. If you specify--stdout
only the looked-up field is printed to stdout. In conjunction with the--id
option, this allows to usepwss
in scripts and pipes. For instance:DB_USER=adolfo DB_PASSWORD=$(pwss get --id 123 --stdout) rails s
-
-
Release 0.6.0 introduces some major changes to functions, command syntax, and code structure. More in details:
pwss
can now use GPG asymmetric encryption, if you wish so. To enablegpg
follow the instructions above. The advantage: no need to enter a password for adding data.pwss
will try different default files, before giving up (in order:~/.pwss.yaml.gpg
,.pwss.yaml.enc
,.pwss.yaml
). If you are in doubt about which commandpwss
is operating on, use thepwss default
command.- added a console, which allows to perform multiple operations on the same file. When using symmetric encryption, one of the advantages is that the password is entered only once. (Similarly for GPG, but in this case GPG has password caching built-in.)
- added a
describe
command to list the entry types and their fields - by default a random password is generated when adding
new entries. Use
--ask
to enter the password interactively - added a new option
pwgen
, which uses thepwgen
command line utility for generating password get
now accepts a specification of the field to copy to the clipboard- the
get
command now presents only basic fields of the matching entries. This hides any sensitive field from view when searching for entries. The full entry is shown when chosen, unless the--hide
option is used. - a new
--hide
option of theget
command allows to hide sensitive data after a match. In this case you can still copy a field using the--field
option. - the ids shown in the list generated by the get command are absolute (i.e., the index of the entry in the file). This will allow to add a command which gets an entry by ID.
- new type SIM for SIM cards (fields: title, pin, and puk)
- new type Code for a secret code (e.g., locker; fields: title and code)
- dropped support for
created_at
andupdated_at
. No problem if an entry has them:pwss
won't touch them. If you want to remove these fields from your entries, use the--clean-timestamp
option. For instance:pwss list --clean-timestamps > .new-pwss.yaml
Bug fixes:
- the
list
command now shows the fields of all records always in the same order. This fixes a readability problem with manually entered fields ... and with the order in which recent versions ofpwss
stored fields. If you want to clean your password file, usepwss list
. - fixed a long-standing bug when updating the description field. Now the field is correctly recognized as multiline and the update function works as it should
- fixed a long-standing bug which stored the closing dot in multiline fields
- fixed some typos in messages
-
Release 0.5.1 fixes a bug of the "add" command, which threw an error if the title was not supplied on the command line. When adding an entry, now it is possible to specify the title on the command line or just wait for the title prompt
-
Release 0.5.0 This is a release mainly focused on improving interaction. It includes small changes to the command syntax and improved exit conditions. In details:
- add now accepts the title in the command line. For instance
pwss add New Entry
- new is now an alias for the add command
- update now requires to specify the field: use
-p
,--password
, or--field password
, if you want to update the password pwss
now shows usage summary, if no arguments are given- C-c is now trapped and properly managed (clearing the clipboard)
- decryption errors are now properly managed
- the content of the clipboard is now restored after the waiting period
- add now accepts the title in the command line. For instance
-
Release 0.4.0
- New
--stdout
option will output password to standard output (useful for integration with other applications) - New
--select N
option will automatically select theN
th entry (rather than asking the user to select an entry).
- New
-
Release 0.3.0
- internal refactoring: CLI parsing is now based on Slop. The documentation has been revised and should now be simpler to understand.
- added some controls to avoid overwriting existing files (in particular: init, encrypt, and decrypt). The command is now less Unix-like, but I hope you will appreciate a bit more safety.
-
Release 0.2.0 (never really made it to the public -- use version 0.3.0)
- it is now possible to add entries of various types (= with different fields). The supported types include: CreditCard, BankAccount, SoftwareLicense. Use the -e (--entry) option to specify the type of entry to add
- an empty string can now be used to exit (instead of -1) when multiple matches are found
-
Release 0.1.0
- the update command now allows one to update the password or any other field of existing entries
- a simple password generator allows pwss to generate a random password
- most commands make the password of the selected entry available in the clipboard (useful, for instance, if you automatically generate a password)
- a destroy command allows one to delete an entry from a password file. Similar to get, all entries matching a query are shown. The user is then asked to select which entry has to be deleted or stop. User confirmation is required even in case of a single match.