pass show --pipe
vadyalex
vadyalex at gmail.com
Wed Nov 15 20:07:52 UTC 2023
Hello there!
First of all thank you for this wonderful project!
I mostly use pass on laptop either via `pass show --clip ..` or via
`pass show ..` then selecting and copying directly from terminal and
pasting to the target place, - mostly browser.
Recently I needed to extract copy of the password and encrypted it
with gpg for CI system and then paste result inside yaml file; In
order to produce encrypted message I did: `pass show the_password_file
| gpg -a -e -r ci`
After long hours of investigation I understood that `pass show --clip
the_password_file` and `pass show the_password_file` as well as
`$(pass show the_password_file)` are not equal (given that
the_password_file was produced via: `echo -n 'the_password' | pass
insert --echo the_password_file
`pass show --clip the_password_file` copies password to clipboard -
i.e. copies content of the first line <-- does not include trailing
new line
`pass show the_password_file` - send content to standard output <--
includes trailing new line
`$(pass show the_password_file)` - send content to standard output <--
command substitution removes trailing new line
[https://www.gnu.org/software/bash/manual/html_node/Command-Substitution.html]
My confusion was due to fact the I assumed since I produced the
content for `the_password` without new line characters I would consume
it as such..
It is in the retrospect I understand that in order to store password
on the first line one must indicate new line and store for further
encryption.
If I would produce `the_password` via temporary file and insert
multi-line option: `echo -n 'the_password' >
/tmp/the_password_file.tmp && pass insert -m the_password_file <
/tmp/the_password_file.tmp`
That way `pass show the_password_file` would produce equal result as
`pass show --clip the_password_file` but this approach is heavily
restricted by the way how it was created.
In order to remove trailing new line one could use command
substitution: `echo -n $(pass show the_password_file)` and for
So what I think I want is the way to output the password without
trailing new line to standard output exactly like `--clip`;
introducing new `--pipe` option along with `--clip` and `--qrcode`
Here is my proposed patch:
diff --git a/src/password-store.sh b/src/password-store.sh
index 22e818f..bcc44cc 100755
--- a/src/password-store.sh
+++ b/src/password-store.sh
@@ -366,24 +366,25 @@ cmd_init() {
}
cmd_show() {
- local opts selected_line clip=0 qrcode=0
- opts="$($GETOPT -o q::c:: -l qrcode::,clip:: -n "$PROGRAM" -- "$@")"
+ local opts selected_line clip=0 qrcode=0 pipe=0
+ opts="$($GETOPT -o q::c::p:: -l qrcode::,clip::,pipe:: -n
"$PROGRAM" -- "$@")"
local err=$?
eval set -- "$opts"
while true; do case $1 in
-q|--qrcode) qrcode=1; selected_line="${2:-1}"; shift 2 ;;
-c|--clip) clip=1; selected_line="${2:-1}"; shift 2 ;;
+ -p|--pipe) pipe=1; selected_line="${2:-1}"; shift 2 ;;
--) shift; break ;;
esac done
- [[ $err -ne 0 || ( $qrcode -eq 1 && $clip -eq 1 ) ]] && die
"Usage: $PROGRAM $COMMAND [--clip[=line-number],-c[line-
number]]
[--qrcode[=line-number],-q[line-number]] [pass-name]"
+ [[ $err -ne 0 || ( $qrcode -eq 1 && $clip -eq 1 && $pipe -eq 1 )
]] && die "Usage: $PROGRAM $COMMAND
[--clip[=line-number],-c[line-number]]
[--qrcode[=line-number],-q[line-number]]
[--pipe[=line-number],-p[line-number]] [pass-name]"
local pass
local path="$1"
local passfile="$PREFIX/$path.gpg"
check_sneaky_paths "$path"
if [[ -f $passfile ]]; then
- if [[ $clip -eq 0 && $qrcode -eq 0 ]]; then
+ if [[ $clip -eq 0 && $qrcode -eq 0 && $pipe -eq 0 ]]; then
pass="$($GPG -d "${GPG_OPTS[@]}" "$passfile" | $BASE64)" || exit $?
echo "$pass" | $BASE64 -d
else
@@ -394,6 +395,8 @@ cmd_show() {
clip "$pass" "$path"
elif [[ $qrcode -eq 1 ]]; then
qrcode "$pass" "$path"
+ elif [[ $pipe -eq 1 ]]; then
+ echo -n "$pass"
fi
fi
elif [[ -d $PREFIX/$path ]]; then
More information about the Password-Store
mailing list