Hey!

pass is lacking a way to easily copy a login in the clipboard. Usually, the login is stored on a line starting with login: . It would be very convenient to be able to copy it with one keypress. Would such a feature be accepted? If yes, I can try to implement it.

After M-x pass v to view instead

v runs the command evil-visual-char

I have installed pass through melpa. It is awesome---I spent a couple of hours today organizing 15 years worth of accumulated passwords, getting rid of passwords for services that no longer exist, categorizing others. It was wonderful.

However, it only works if I actually (require 'pass)---if I rely on the package infrastructure, although the pass function is available because of its autoload, it fails because the things it wants to use aren't available.

I am sufficiently ignorant of many of these mechanisms that I don't actually know what should be done to resolve it. I'll do some research and see if I can figure it out, but on the offhand chance that you already know, I thought I'd go ahead and report the issue in advance of having a patch.

Hello,

Please, consider the implementation of a function like pass-insert-generated, but with the possibility to pass, interactively, optional arguments of password-store--run-generate internal function, such as password-length and no-symbols.

It could be a new function, like pass-insert-generated-with-options, assigned to another keybinding.

I would love to make this suggestion through a Pull request, but my skills with EmacsLisp are still very limited.

Thanks in advance.

My password-store keeps growing steadily; I wish to have a command similar
like dired-goto-file in Dired ('j' key binding).

Please, see this Emacs Prince video to see what I mean:
https://www.youtube.com/watch?v=uGNhdLWIcPA

Firstly, thank you for this package. Secondly, I can open this issue on your gitea instance if you prefer (and if possible). It's not clear if that's your preference from the README.

If one has set view-read-only to a non-nil value then several bindings shadow view mode bindings. This has the effect of distorting the keybinding layout in the *Password-Store* buffer as the full M-x command is visible instead. The affected bindings are as follows:

w: pass-copy
r: pass-rename
u: pass-copy-url
n: pass-next-entry
p: pass-prev-entry
g: pass-update-buffer
o: pass-otp-options
RET: view entry (but the alternative v is displayed)

Hi Nicolas.

I've just installed your package, but after M-x pass, I get this:

pass--tree: Wrong type argument: listp, "email/sec/myscretemail"

It's been stable for a while---and it's very usable, thanks for writing it!---perhaps it's time to put a tag on it so melpa-stable will pick it up?

If you use exwm and pass, pressing w to copy a password deadlocks Emacs if the password isn't already in gpg-agent. The copy operation blocks Emacs, which prevents exwm from creating the window for pinentry. If you hit C-g, the blocking operation aborts, the pinentry window appears, and you can enter the password. Hitting w again will put the password into the kill-ring.

Correcting this probably requires changes to password-store, adding a function which calls pass asynchronously, and updating pass.el to use that.

Hi

Using Debian pass 1.7.3.1 (unstable) and Debian emacs-snapshot (or Debian Emacs25.2.2) when entering a password, I see this in the minibuffer:

"Enter contents of test and press Ctrl+D when finished:"

However, I am not able to enter any content in the minibuffer, or another. Any key (including Ctrl+D) will create the password. I can edit it after.

Hey!

If I use swiper (a replacement for isearch built on top of Ivy), colors disappear for the *Password-Store* buffer. It's the first time I get something like this. The buffer is built by using add-text-properties. Maybe @abo-abo would have an hint on why this is happening?

I use syncthing to sync my .password-store directory with other devices. When file versioning is enabled, syncthing creates a new directory .stversions inside .password-store where it keeps history. .stversions is displayed also in pass-mode (with all subdirs), but it shouldn't be. When I do pass ls on the command line, this directory is not displayed.

Is it possible to show only relevant directories/files as with pass ls?

It should probably be removed if this is the canonical repository anyway.

This can't to my knowledge be fixed via a PR.

A similar error was observed in #41 too.

Package pass is incompatible.

     Status: Incompatible because it depends on uninstallable packages.
    Archive: melpa-stable
    Version: 2.0
     Commit: 35e3f86e96878520e690513cdbc1b2753b173e72
    Summary: Major mode for password-store.el
   Requires: emacs-25, password-store-2.1.0 (not available), password-store-otp-0.1.5, f-0.17

The version of password-store available on melpa-stable is 1.7.3

Bonjour! I noticed that key bindings are hardcoded to the font-lock-constant-face. Do you think it is acceptable to have a named faced instead?

Please see the following patch (I can use the pull request system, if you prefer it).

From 304da54c95be596ed8fc7a58864dae520b1def76 Mon Sep 17 00:00:00 2001
Message-Id: <304da54c95be596ed8fc7a58864dae520b1def76.1645688334.git.info@protesilaos.com>
From: Protesilaos Stavrou <[email protected]>
Date: Thu, 24 Feb 2022 09:38:41 +0200
Subject: [PATCH] Define face for key bindings

It inherits from font-lock-constant-face to remain backward-compatible
with the previous style.
---
 pass.el | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/pass.el b/pass.el
index c405550..8e4bec9 100644
--- a/pass.el
+++ b/pass.el
@@ -87,6 +87,10 @@ (defface pass-mode-header-face '((t . (:inherit font-lock-keyword-face)))
   "Face for displaying the header of the pass buffer."
   :group 'pass)
 
+(defface pass-mode-keybinding-face '((t :inherit font-lock-constant-face))
+  "Face for displaying pass key bindings."
+  :group 'pass)
+
 (defface pass-mode-entry-face '((t . ()))
   "Face for displaying pass entry names."
   :group 'pass)
@@ -400,7 +404,7 @@ (defun pass--display-keybinding (command label)
                   (format "%s"
                           (propertize (substitute-command-keys
                                        (format "<\\[%s]>" (symbol-name command)))
-                                      'face 'font-lock-constant-face))
+                                      'face 'pass-mode-keybinding-face))
                   label)))
 
 (defun pass-display-item (item &optional indent-level)
-- 
2.35.1

Hello,

Melpa is taking the changes from github or https://petton.fr/git/nico/pass

Thanks

In the README and description line, the link to gitlab is broken.

Hello @NicolasPetton,

Over the weekend I made a customization I wanted to have in the pass major mode, to be able to handle OTP/2FA directly from Emacs. It looks like this:

(I realize the gif might be a bit fast, but I think it transmit the whole idea)

I thought it might be useful for other people and could be contributed to this repo.
The reason I'm opening an issue instead of a PR is because my implementation depends on the pass-otp extension for pass, and so the features shown in the gif wouldn't work on a freshly install of pass.

Now, TBH, this is the first time I'm tinkering with an Emacs major mode, so maybe there are ways to handle these OTP features as a minor mode or something like that, or a graceful way to add it to the pass major mode with those features shut down if the user don't have pass-otp installed. But I am more than willing to collaborate if you see this as a useful thing to have inside pass.

If you want to check out the code: master...volrath:master, you will notice there are some password-store-otp-* functions, those are part of another library I made: password-store-otp, which is now awaiting for approval in melpa

If you want to try it out, you just need to load password-store-otp.el and my fork of pass.el into your Emacs, and of course have pass-otp installed.

Is there a way to insert a multiline pass entry?

I can do that in the terminal with pass insert -m my/secret/file.txt.

When renaming an entry with r, the buffer is not updated.

I'm seeing some regressions in functionality with recent versions of password-store.el. Most importantly, because password-store-edit from password-store.el always works on a temporary file in shared memory instead of just opening the file in the ~/.password-store/ directory, pass-view from pass.el results in a text-mode buffer instead of a pass-view-mode buffer. Furthermore, password-store.el seems to always conclude that it needs to create a git commit even when nothing has been changed in the entry, which clutters up the git history with useless commits when you just want to view some of the added fields other than the password.

I was thinking of fixing this by making pass-view just open the file from ~/.password-store directly, but having it set to be read-only and having the keybinding to toggle read-only mode switch to calling password-store-edit from .password-store.el. Does that sound like a reasonable approach?

The very first entry of the store (not of subfolders) is displayed with two ├──, eg:

.password-store
├── ├── aaa.com
├── abc.com

Thanks!

Unless pass this mode is not integrated with git. After modifying a password the changes should be saved in git too like pass.

A minor issue.
If I press <RET> on the directory name www.linkedin.com in the below example,
it shows me the pass-view of the entry bitbucket.org. I think that the expected behaviour should show No entry at point just like it actually does on ├── symbol.

├── bitbucket.org
├── www.linkedin.com
    ├── account1
    ├── account2
    ├── account2

When a saved password has an unclosed double quote("), the syntax highlighting on successive lines doesn't work until that double quote is closed.

foobar
Username: baz

Highlights "Username:"

But

foo"bar
Username: baz

Leaves the second line decorated as a string.

;; Visit the entry at point (e.g. foobar) in the pass buffer
M-x: pass-view RET
;; Go to the end of the buffer and add some extra info
M-> Username is my personal e-mail
;; Save changes and call pass again
C-x C-s
M-x pass RET
;; The buffer shows 2 entries for foobar
;; The reason is that an Emacs backup file is listed as a separated entry.

;; If an user is updating a password in this way, then the backup file entry has an out-of-date
;; password, and it will cause a login fail in the external service; thus, backup files must be ignored.

When pressing k on a directory, pass removes the previous entry instead of the directory.

Eg, if you have:

.password-store
├── reddit.com
├── special [point here]
    ├── test

press k, then y, the reddit.com entry gets deleted.

I'd expect pass to either:

1. Recursively delete the directory, maybe requiring a "full" confirmation (yes-or-no-p)
2. Refuse to do anything.

Thanks

Although the password in kill ring is removed after seconds, it is kept in system clipboard.

There should at least be an option to kill all password's buffer when calling pass-quit. At the moment when you open a password and quit pass the buffer with the password in clear persist which is misleading since the user can think she had closed her password store.

This may well be an issue with password-store.el (@calancha) and/or auth-store-pass.el (@DamienCassou). I store my keys offline in a removeable device specifically a Trezor model T hardware wallet. So everytime I need to decrypt a password store gpg file to perform specific pass major-mode actions I have to confirm I want to decrypt the file on the trezor device.

• The j, n, p, M-n, M-p, r, s and ? bindings work as expected without having to interact with the Trezor (which does not surprise me).
• The U binding works and requires confirmation on the Trezor as I would expect.
• The k binding works, does not require confirmation on the Trezor (which does not surprise me) but causes Emacs to hang for 1-2 mins. Once Emacs is responsive again the g binding works to refresh the *Password-Store* buffer removing the just deleted entry.
• The i binding works and does not require confirmation on the Trezor (maybe not a surprise).
• The I binding works and does not require confirmation on the Trezor (maybe not a surprise).
• The <RET> binding works, requires confirmation on the Trezor (which does not surprise me) but I observe the following error in the *Messages* buffer which I don't understand which I also see whenever I try to view a password with C-c C-c:

Error during redisplay: (jit-lock-function 1) signaled (invalid-function #<subr quote>)

• The w(1), b(2), u(2), f(3) bindings do not work for me, request confirmation (as given by the number in the brackets that follows each binding) on the Trezor which surprises me as I would have only expected confirmation only once and result in the following error (not sure why the message is posted twice) in the *Messages* buffer:

Decrypting /home/doolio/.password-store/testdir/test.gpg...done
error in process sentinel: password-store: exited abnormally with code 2

error in process sentinel: password-store: exited abnormally with code 2

• I did not test the o binding beyond displaying the sub-menu.

I use EXWM too so it may be similar to #25.

FWIW, I'm using the following versions of these packages:

 ("auth-password-store" . "ff4940c647786914b3cbef69103d96a4ea334111")
 ("pass" . "919d8e3826d556433ab67d4ee21a509d209d1baa")
 ("password-store" . "98193d3bbb3538eda457d0db4ccccbcc4b04ce3d")

Thanks for your time.

I find the calls to yes-or-no-p in pass-edit and pass-kill a bit too much.
Should I write a PR that adds an option to suppress them?
Cheers

When you copy an OTP token with o o you see a message that the secret field will be cleared in 45s. This is the default time for password-store-time-before-clipboard-restore from password-store.el but isn't the standard otp_period 30s.

Sorry to reopen an issue for #8. But if I understand well, there is still no git integration while one modify a password by saving it in a pass-view buffer.
I saw that it was an upstream issue at the time of #8, however, it's not the case anymore and I don't understand why #8 was closed.
I'm pretty new with emacs (just started one week ago), nevertheless, I tried to bring a solution which does its job :

(defun pass-edit() 
  (interactive) 
  (pass--with-closest-entry entry 
      (password-store-edit entry))) 

Of course, there are two points remaining to be improved :

1. If the password remains unchanged, pass displays an error message without explanation ;
2. the key-binding to save the buffer is C-x # (server-edit) in this case since an async-shell has been launched (see password-store-edit).

Moreover, I suggest making the pass-view a read-only buffer to prevent users to edit without commit.

Hope that I didn't say dumb things and thank you for this marvellous package!

My ~/.password-store is a git repository I share across computers. Some of the passwords I store are encrypted with key A, and some are encrypted with an imported key B.

• I have imported both key A and key B onto my computer.
• I can decrypt passwords encrypted with A or B from the command line

However, whenever I try to copy a password encrypted with key B using M-x pass, I get (wrong-type-argument stringp nil)(wrong-type-argument stringp nil).

Debugger entered--Lisp error: (wrong-type-argument stringp nil)
  string-match("\\`-+\\'" nil)
  menu-bar-update-yank-menu(nil nil)
  kill-new(nil)
  password-store--save-field-in-kill-ring("PASSWORDNAME" nil secret)
  #f(compiled-function (password) #<bytecode 0x18b3c423c150f0c5>)(nil)
  #f(compiled-function (_) #<bytecode -0x7b3fea85f1acb4b>)("")
  #f(compiled-function (process state) #<bytecode 0x1f5e704a640074fd>)(#<process password-store-gpg> "finished\n")
  apply(#f(compiled-function (process state) #<bytecode 0x1f5e704a640074fd>) (#<process password-store-gpg> "finished\n"))
  explain-pause--wrap-callback(#s(explain-pause-command-record :command process-sentinel :native nil :parent #s(explain-pause-command-record :command "password-store-gpg" :native nil :parent #s(explain-pause-command-record :command pass-copy :native nil :parent #s(explain-pause-command-record :command root-emacs :native nil :parent nil :executing-time 370390 :entry-snap (25814 40392 26263 571000) :too-slow nil :is-profiled nil :under-profile nil :profile nil :depth 0) :executing-time 427 :entry-snap (25814 40391 821479 682000) :too-slow t :is-profiled nil :under-profile nil :profile nil :depth 1) :executing-time 0 :entry-snap nil :too-slow nil :is-profiled nil :under-profile nil :profile nil :depth 2) :executing-time 0 :entry-snap nil :too-slow nil :is-profiled nil :under-profile nil :profile nil :depth 3) #f(compiled-function (process state) #<bytecode 0x1f5e704a640074fd>) #<process password-store-gpg> "finished\n")
  apply(explain-pause--wrap-callback #s(explain-pause-command-record :command process-sentinel :native nil :parent #s(explain-pause-command-record :command "password-store-gpg" :native nil :parent #s(explain-pause-command-record :command pass-copy :native nil :parent #s(explain-pause-command-record :command root-emacs :native nil :parent nil :executing-time 370390 :entry-snap (25814 40392 26263 571000) :too-slow nil :is-profiled nil :under-profile nil :profile nil :depth 0) :executing-time 427 :entry-snap (25814 40391 821479 682000) :too-slow t :is-profiled nil :under-profile nil :profile nil :depth 1) :executing-time 0 :entry-snap nil :too-slow nil :is-profiled nil :under-profile nil :profile nil :depth 2) :executing-time 0 :entry-snap nil :too-slow nil :is-profiled nil :under-profile nil :profile nil :depth 3) #f(compiled-function (process state) #<bytecode 0x1f5e704a640074fd>) (#<process password-store-gpg> "finished\n"))
  #f(compiled-function (&rest callback-args) #<bytecode -0x6e908f91cf7f6bc>)(#<process password-store-gpg> "finished\n")

I'm on Emacs 28.1, and this is the commit of pass I'm using.

When editing a password, doing undo twice right away reveals the password. This may lead to unwanted password leakage, by pressing undo many times to get to the original state.

I see that if you include 'username' in the password file, pass will be able to find that value and make it available.

I also see that there is a URL functionality in pass, but I dont see how to specify that in the password file so it will be used properly. It doesn't seem to be a configuration option, like the username one is.