[PATCH] emacs: Add variable password-store-file-extension.

Nicolas Graves ngraves at ngraves.fr
Wed Mar 15 14:40:56 UTC 2023


On 2023-03-10 13:12, Tino Calancha wrote:

Hi Tino,

Thanks for your considerate answer.

> Dear Nicolas,
>
> Thank you for your contribution and your patience while awaiting a
> response. I appreciate your effort in submitting the patch.
>
> I reviewed your patch carefully a few days after it was posted, and I
> apologize for not providing any feedback earlier.
>
> However, I am not comfortable with accepting this patch. The reason is
> that it may give users the false impression that everything will work
> seamlessly with the AGE encryption as it does with GPG. It won't.

I fully understand the issue. However, for a simple password store (and
nothing more elaborate), I can get it to work with a few customizations,
and without the need to add a new package. I've seen the repository
https://github.com/anticomputer/passage.el but most of what is done here
is done with this patch.

> Indeed, to fully support AGE encryption at the same level as we do
> with GPG would require significant upstream work. Currently, Emacs
> ships with the epa- libraries, which are tailored to support GPG and
> handle transparent encryption/decryption of files.

I guess what would be needed for this seamless integration is closer to
what is found here : https://github.com/anticomputer/age.el ; but I
haven't needed it to get my password store working with age.

> Until we have equivalent libraries that can handle AGE encryption, I
> discourage adding a patch like the one you proposed.
>
> Thank you again for your contribution, and I apologize for not
> providing feedback earlier.

If the issue is the trust in users' perception and expectations if this
variable has to be defined, would it be possible to consider the patch
with an additional warning with the fact that only gnupg is supported,
or something like that?

Another option would be to try and merge equivalent patches
corresponding to this repo age.el (I haven't looked at it, it's probably
also very light) and file auth-source-pass.el in Emacs source code
before here.

I've also sent a patch in upstream Emacs for the part in
auth-source-pass.el, see here:
https://lists.gnu.org/archive/html/emacs-devel/2023-03/msg00342.html

I've just seen by the way that if this patch gets merged, we could also
not define this variable in password-store.el and use the
auth-source-pass-file-extension since it should be defined in
password-store.el. I'm also forwarding this email to Eli Zaretskii as I
just answered regarding the aforementioned patch on emacs-devel mailing
lists, so that he gets more information.

>
> Tino

-- 
Best regards,
Nicolas Graves


More information about the Password-Store mailing list