sheesy-cli 3.0.0

The 'share-secrets-safely' CLI to interact with GPG/pass-like vaults.
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85

## V3.0: Better user experience and documentation

Partitions are just another vault with individual config, but operations on vaults are
aware of partitions. This allows sharing of keys for example, and alters the way
vaults are displayed when showing them.

### Features

 * **add** partitions and **remove** them
 * **initialize new vaults** with **partitions** in mind
 * **show recipients** per **partition**

### Improvements
 * Allow `sy vault` to operate anywhere with a `.gpg-id` file, like pass.
 * Strong validation of the vault configuration to assure consistency

### Breaking Changes

 * `vault --vault-id` is now `vault --select`

## V2.0: Better user experience and documentation

Besides the many improvements, you will also find [a complete book][book] about
the capabilities so far!

We also [sign our binaries][signatures] from here on, and make them available [via *homebrew*][install].

[signatures]: https://byron.github.io/share-secrets-safely/installation.html#via-a-hrefhttpsgithubcombyronshare-secrets-safelyreleasesreleasesa
[install]: https://byron.github.io/share-secrets-safely/installation.html#via-homebrew-osx-and-linux
[book]: https://byron.github.io/share-secrets-safely

### Improvements

 * `vault list` now produces precise URLs.
 * `vault remove` can remove resources from the vault.
 * `vault recipient add` now signs and re-exports added fingerprints to make
   recipient verification part of adding them, and help build a *Web of Trust*.
 * `vault recipients remove` removes recipients and re-encrypts the vaults content.
 * `vault recipient add` also adds recipients which are only in your gpg keychain.
    Previously it would always require an exported public key in the right spot.
 * `vault recipient add --verified` allows to add any recipient by name, but requires
    you to assure you are able to encrypt for that recipient.
 * `vault add` now creates sub-directories automatically.
 * `vault edit` now tries to encrypt before launching the editor.
 * `vault add :something` with a tty as standard input will open an editor automatically.

### Breaking Changes

The breaking change requiring a major version increment is changes to the `sy-vault.yml` file.

 * The `at` field is now called `secrets`
 * `recipients` and `gpg-keys` paths are no relative to the `sy-vault.yml` file, not relative to the
   `secrets` directory.
 * The '--at/-a' flag of `sy vault` is now `--secrets-dir-dir/-s`
 * `recipients add` will now require fingerprints unless `--verified` is specified.

These improvements make handling paths consistent and less suprising.

## V1.0.1: The very first release - with a new name!

`s3` now officially is `sy` on the command-line, and spelled `sheesy`. Crates
were renamed accordingly, too.

## V1.0: The very first release!

This is the first usable version, providing only the minimal amount of features.
A lot of the value contained is a fully automated system for quality assurance
and deployment, which will help keeping the releases coming.

 * [x] **setup rust workspace for clear dependency separation**
 * [x] **setup CI for linux and OSX**
 * [x] **standalone deployables without additional dependencies for**
   * [x] OSX (static binary) - _just gettext is still dynamically linked :(_
   * [x] MUSL Linux
 * [x] **shell completions**
 * [x] **complete a happy journey with**
   * [x] initialize a new vault
   * [x] add contents
   * [x] support for multiple vaults
   * [x] list vault contents
   * [x] decrypt vault contents
   * [x] edit vault contents
   * [x] add another user and re-encrypt vault content
 * [x] **installable from crates.io**
 * [x] **release binaries generated by travis for tags**