Comments (4)
Hi @Mayeu
This was intended. That was made to force the user, so we avoid some human common errors related to encrypting files.
Why, you may ask? To avoid inconsistencies as much as possible:
- People tend to change decrypted files and forget to encrypt again after the changes (if there isn't an agebox file, and you validate it will fail).
- If there is an encrypted file and a decrypted file, what should the app do?
- Decrypt and overwrite the non-encrypted file: you may lose changed stuff.
- Not decrypt: you may be working over a non-up-to-date file.
Why is encrypting again not an option? Is it because of git repo space? If it is about the diffs, if you make diffs on decrypted files you will not see any change.
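As an added illustration of the drift the first bullet describes (this is not code from the thread or from agebox itself), a POSIX shell check that lists plaintext files left beside their encrypted copy and flags the ones that are newer than their ciphertext, i.e. the "changed but not re-encrypted" case. It assumes agebox's `<file>.agebox` naming for encrypted files.

```shell
#!/bin/sh
# Reports plaintext secrets that sit beside their agebox-encrypted copy.
# Assumed naming convention: "<file>.agebox" is the encrypted form of "<file>".

# Print one line per plaintext file whose encrypted sibling exists:
#   "STALE <path>"   plaintext is newer than ciphertext (likely edited, not re-encrypted)
#   "PRESENT <path>" plaintext exists but is not newer than ciphertext
list_plaintext_secrets() {
    dir="$1"
    find "$dir" -type f -name '*.agebox' | while IFS= read -r enc; do
        plain="${enc%.agebox}"
        [ -f "$plain" ] || continue
        if [ "$plain" -nt "$enc" ]; then
            printf 'STALE %s\n' "$plain"
        else
            printf 'PRESENT %s\n' "$plain"
        fi
    done
}

# Prints the report and returns non-zero when any STALE entry exists,
# so it can gate a pre-commit hook or a CI step.
check_secrets_dir() {
    out="$(list_plaintext_secrets "$1")"
    printf '%s\n' "$out"
    ! printf '%s\n' "$out" | grep -q '^STALE '
}
```

Run `check_secrets_dir path/to/repo` before committing; a non-zero exit means a decrypted file has changes that were never re-encrypted.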
Thank you for your answer 🙂
People tend to change decrypted files and forget to encrypt again after the changes
Agree here, but I'm not fully convinced that the current behaviour will help with that. It introduced the risk of removing the file from the repo by mistake (no data loss, of course, since the file is tracked).
Moreover, I feel like the current behaviour doesn't really match the "No side effects like VCS commands" feature, since it actually changes what the VCS is tracking (but maybe I'm nitpicking a bit here 😅 ).
(if there isn't an agebox file, and you validate it will fail).
But wouldn't that be a good situation? If validate fails then the user has to make a decision, checking the data and either just deleting the file or encrypting it again because secrets have been changed.
If there is an encrypted file and a decrypted file, what should the app do?
Ask the human what to do I guess. Git secret does that: if one decrypts a file which is already decrypted it asks if it should be overwritten (it could even check the data and only ask that when there is a difference).
Why is encrypting again not an option? Is it because of git repo space? If it is about the diffs, if you make diffs on decrypted files you will not see any change
It's mainly about the noise in the commit history. If I see that the encrypted file has changed in a commit, I expect the underlying data to have changed (or that a new user has been added), but not only the container of the data.
Taking the example of git-secret again, it has some nice encryption options, where it first checks if the file has changed and only updates the encrypted data if it did, and deletes the unencrypted data afterward (git-secret hide -md).
Agree here, but I'm not fully convinced that the current behavior will help with that. It introduced the risk of removing the file from the repo by mistake (no data loss, of course, since the file is tracked).
You answered yourself :D
Moreover, I feel like the current behavior doesn't really match the "No side effects like VCS commands" features, since it actually changes what the VCS is tracking (but maybe I'm nitpicking a bit here 😅 ).
Agebox doesn't execute any VCS commands (unlike tools like blackbox that commits things).
But wouldn't that be a good situation? If validation fails then the user has to make a decision, checking the data and either just deleting the file or encrypting it again because secrets have been changed.
Correct, that's why it removes the file.
Ask the human what to do I guess. Git secret does that, if one decrypts a file that is already decrypted it asks if it should be overwritten (it could even check the data and only ask that when there is a difference).
That's why it's done like that: avoid asking humans things that can be avoided by designing user path interactions (like this one we are discussing); it's about UX.
Anyhow, for now, users didn't complain about this behavior (this project was born 1 year ago). If more users think that this is a problem, we can iterate over this for sure.
In the meantime, if this "noise in the commit history" big tradeoff doesn't work for you, maybe Agebox isn't the right tool for you and it's something more like git-secret :)
Hey,
Thank you for the additional details. I guess we could continue to argue about this but we are coming from two different places, wanting to optimise for two different things :)
One small thing:
"No side effects like VCS commands"
I guess the "like" in this sentence may have been what confused me. I understood this as: "VCS commands are just one of the side effects agebox avoids", thus my surprise when I saw that there was the side effect of changing the tracked data. Maybe "No VCS commands are run" would match the behaviour better?
I'll close this as I got my answer from my initial question, and as you say agebox does not match the workflow I want to achieve currently :)
Thank you very much for your time 🙏