[pass] [PATCH] show age of password

Sun Jul 26 14:10:32 CEST 2015

- assume the password is stored in the first line of a password-file
- find the latest git revision that changes that line
- show all passwords by age
---
 src/password-store.sh | 56 +++++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 56 insertions(+)

diff --git a/src/password-store.sh b/src/password-store.sh
index c85cc33..a1e0711 100755
--- a/src/password-store.sh
+++ b/src/password-store.sh
@@ -127,6 +127,45 @@ check_sneaky_paths() {
 	done
 }
 
+git_revisions() {
+	[[ -d $GIT_DIR ]] || return
+	local path="$1"
+	local passfile="$path.gpg"
+	git log --format=%H -- $passfile
+}
+
+git_revision() {
+	[[ -d $GIT_DIR ]] || return
+	local path="$1"
+	local revision="$2"
+	local passfile="$path.gpg"
+	git show $revision:$passfile | $GPG -d "${GPG_OPTS[@]}" | head -n 1
+}
+
+oldest_password_change() {
+	[[ -d $GIT_DIR ]] || die "Error: the password store is not a git repository. Try \"$PROGRAM git init\"."
+	local path="$1"
+	check_sneaky_paths "$path"
+	git_revisions "$path" | while read revision
+	do
+		if [ -z "$password" ]; then
+			password="$(git_revision $path $revision)"
+		else
+			if [ password != "$(git_revision $path $revision)" ]; then
+				break
+			fi
+		fi
+		echo $revision
+	done | tail -n 1
+}
+
+password_ages() {
+	cd $PREFIX && find . -name "*.gpg" | sed 's/^\.\///' | sed 's/\.gpg$//' | while read path
+	do
+		cmd_age "$path"
+	done
+}
+
 #
 # END helper functions
 #
@@ -257,6 +296,10 @@ cmd_usage() {
 	    $PROGRAM git git-command-args...
 	        If the password store is a git repository, execute a git command
 	        specified by git-command-args.
+	    $PROGRAM age pass-name
+	        Show when a password last changed as an absolute unix timestamp and relatively in a human readable format.
+	    $PROGRAM ages
+	        Show password age for all passwords ordered from newest to oldest.
 	    $PROGRAM help
 	        Show this text.
 	    $PROGRAM version
@@ -340,6 +383,17 @@ cmd_show() {
 	fi
 }
 
+cmd_age() {
+	local path="$1"
+	check_sneaky_paths "$path"
+	local oldest=$(oldest_password_change "$path")
+	git show -s --format="%ct%x09%cr%x09"$path"" "$oldest"
+}
+
+cmd_ages() {
+	password_ages | sort -r
+}
+
 cmd_find() {
 	[[ -z "$@" ]] && die "Usage: $PROGRAM $COMMAND pass-names..."
 	IFS="," eval 'echo "Search Terms: $*"'
@@ -590,6 +644,8 @@ case "$1" in
 	help|--help) shift;		cmd_usage "$@" ;;
 	version|--version) shift;	cmd_version "$@" ;;
 	show|ls|list) shift;		cmd_show "$@" ;;
+	age) shift;			cmd_age "$@" ;;
+	ages) shift;			cmd_ages "$@" ;;
 	find|search) shift;		cmd_find "$@" ;;
 	grep) shift;			cmd_grep "$@" ;;
 	insert|add) shift;		cmd_insert "$@" ;;
-- 
2.4.6

