Gopass does not consistently respect upper and lowercase in secret names / Git commit fails if secret exists in different case

[janekbettinger]

Summary

Given an existing secret named key. If a new entry KEY is inserted, Gopass internally modifies the encrypted key.gpg instead of creating a new secret file KEY.gpg.
As the case is not handled consistently, even the update of key.gpg fails as Gopass tries to (git) add and commit KEY.gpg instead of the just updated key.gpg.

Steps To Reproduce

➜  ~ gopass list test
test/
└── key

➜  ~ export GIT_TRACE=1; export GOPASS_DEBUG=1

➜  ~ echo "secret-update" | gopass insert -f test/KEY
# ...
2024/03/19 17:06:48.535905 fs/store.go:63	fs.(*Store).Set	Writing KEY.gpg to /Users/MYUSER/.local/share/gopass/stores/test/KEY.gpg
2024/03/19 17:06:48.536004 gitfs/git.go:145	gitfs.(*Git).captureCmd	store.gitAdd: /opt/homebrew/bin/git [git add --all --force KEY.gpg] (/Users/MYUSER/.local/share/gopass/stores/test)
2024/03/19 17:06:48.539757 queue/background.go:106	queue.(*Queue).Add	enqueued task
2024/03/19 17:06:48.539790 gitfs/git.go:145	gitfs.(*Git).captureCmd	store.gitDiffIndex: /opt/homebrew/bin/git [git diff-index --quiet HEAD] (/Users/MYUSER/.local/share/gopass/stores/test)
2024/03/19 17:06:48.543269 gitfs/git.go:155	gitfs.(*Git).Cmd	CMD: gitDiffIndex [diff-index --quiet HEAD]
Error: exit status 1
Output:
  Stdout: ""
  Stderr: "17:06:48.542371 git.c:463               trace: built-in: git diff-index --quiet HEAD\n"
2024/03/19 17:06:48.543293 gitfs/git.go:145	gitfs.(*Git).captureCmd	store.gitCommit: /opt/homebrew/bin/git [git commit --date=1710864408 +00:00 -m Save secret to /KEY: Read secret from STDIN] (/Users/MYUSER/.local/share/gopass/stores/test)
2024/03/19 17:06:48.547371 gitfs/git.go:155	gitfs.(*Git).Cmd	CMD: gitCommit [commit --date=1710864408 +00:00 -m Save secret to /KEY: Read secret from STDIN]
Error: exit status 1
Output:
  Stdout: "On branch main\nYour branch is up to date with 'origin/main'.\n\nChanges not staged for commit:\n  (use \"git add <file>...\" to update what will be committed)\n  (use \"git restore <file>...\" to discard changes in working directory)\n\tmodified:   key.gpg\n\nno changes added to commit (use \"git add\" and/or \"git commit -a\")\n"
  Stderr: "17:06:48.545852 git.c:463               trace: built-in: git commit '--date=1710864408 +00:00' -m 'Save secret to /KEY: Read secret from STDIN'\n"
2024/03/19 17:06:48.547407 queue/background.go:89	queue.(*Queue).run	ERROR: Task failed: failed to commit changes to git: exit status 1: 17:06:48.545852 git.c:463               trace: built-in: git commit '--date=1710864408 +00:00' -m 'Save secret to /KEY: Read secret from STDIN'
❌ Task failed: failed to commit changes to git: exit status 1: 17:06:48.545852 git.c:463               trace: built-in: git commit '--date=1710864408 +00:00' -m 'Save secret to /KEY: Read secret from STDIN'
# ...

➜  ~ cd /Users/MYUSER/.local/share/gopass/stores/test

➜  test git:(main) git status
On branch main
Your branch is up to date with 'origin/main'.

Changes not staged for commit:
  (use "git add <file>..." to update what will be committed)
  (use "git restore <file>..." to discard changes in working directory)
	modified:   key.gpg

no changes added to commit (use "git add" and/or "git commit -a")

➜  ~ gopass list test
test/
└── key

Expected behavior

Gopass should be case-sensitive and respect upper and lowercase so that it is possible to create both secrets key and KEY.

OR: Gopass is consistently case-insensitive.

Environment

• OS: macOS Sonoma 14.4 (23E214)
• OS version: Darwin XXXXXXXXX 23.4.0 Darwin Kernel Version 23.4.0: Wed Feb 21 21:44:54 PST 2024; root:xnu-10063.101.15~2/RELEASE_ARM64_T6030 arm64
• gopass Version: 1.15.12 go1.22.1 darwin arm64
• Installation method: brew

[dominikschulz]

I'm afraid I couldn't reproduce this on MacOS, yet.
Also I didn't find any code that would be case-dependent, yet.

Can you provide additional details? Is it possible that the git repo in the store had unstaged changes before you tried to add test/KEY?

[janekbettinger]

Hi @dominikschulz, thanks for having a look. I reproduced the issue with a fresh repository that I integrated into Gopass. I just gave you permissions to https://github.com/janekbettinger/gopass-test-store .

Is it possible that the git repo in the store had unstaged changes before you tried to add test/KEY?

That "should" not have been the case.

Since you linked a commit after your comment: could you reproduce it in the meanwhile? If not, I might give it another trial and document the init steps as well.

[dominikschulz]

No, I couldn't reproduce it yet. I just found one place where we should handle filenames better - but the changes shouldn't affect casing issues.