- Enable tests
- Install all language manpages
- Fix -keygen installing to -mount
- Switch from obsoleted practices to modern ones:
* %setup is now %autosetup
* cargo_config is now part of vendor file
* disabledrun is now manualrun
- Update to version 0.10.0+0:
Added:
* Russian translation
* rage-keygen -y IDENTITY_FILE to convert identity files to
recipients.
Changed:
* MSRV is now 1.65.0.
* Migrated from gumdrop to clap for argument parsing.
* -R/--recipients-file and -i/--identity now support "read-once"
files, like those used by process substitution (-i
<(other_binary get-age-identity)) and named pipes.
* The filename - (hyphen) is now treated as an explicit request
to read from standard input when used with -R/--recipients-file
or -i/--identity. It must only occur once across the
-R/--recipients-file and -i/--identity flags, and the input
file. It cannot be used if the input file is omitted.
Fixed:
* OpenSSH private keys passed to -i/--identity that contain
invalid public keys are no longer ignored when encrypting, and
instead cause an error.
* Weak ssh-rsa public keys that are smaller than 2048 bits are
now rejected.
* rage-keygen no longer overwrites existing key files with the
-o/--output flag. This was its behaviour prior to 0.6.0, but
was unintentionally changed when rage was modified to overwrite
existing files. Key file overwriting can still be achieved by
omitting -o/--output and instead piping stdout to the file.
* rage-keygen now prints fatal errors directly instead of them
being hidden behind the RUST_LOG=error environment variable. It
also now sets its return code appropriately instead of always
returning 0.
OBS-URL: https://build.opensuse.org/request/show/1170001
OBS-URL: https://build.opensuse.org/package/show/security/rage-encryption?expand=0&rev=31
- Update to version 0.9.2+0:
* v0.9.2
* Fix changelog bugs and add missing entry
* Document `PINENTRY_PROGRAM` environment variable
* age: Add `Decryptor::new_async_buffered`
* age: `impl AsyncBufRead for ArmoredReader`
* Pre-initialize vectors when the capacity is known, or use arrays
* Use `PINENTRY_PROGRAM` as environment variable for `pinentry`
* Document why `impl AsyncWrite for StreamWriter` doesn't loop indefinitely
* cargo update
* cargo vet prune
* Migrate to `cargo-vet 0.7`
* build(deps): bump svenstaro/upload-release-action from 2.5.0 to 2.6.1
* Correct spelling in documentation
* build(deps): bump codecov/codecov-action from 3.1.1 to 3.1.4
* StreamWriter AsyncWrite: fix usage with futures::io::copy()
* rage: Use `Decryptor::new_buffered`
* age: Add `Decryptor::new_buffered`
* age: `impl BufRead for ArmoredReader`
* Update Homebrew formula to v0.9.1
* feat/pinentry: Use env var to define pinentry binary
OBS-URL: https://build.opensuse.org/request/show/1092720
OBS-URL: https://build.opensuse.org/package/show/security/rage-encryption?expand=0&rev=27
- Update to version 0.9.1+0:
* ssh: Fix parsing of OpenSSH private key format
* ssh: Support `aes256-gcm@openssh.com` ciphers for encrypted keys
* ssh: Add `aes256-gcm@openssh.com` cipher to test cases
* ssh: Extract common key material derivation logic for encrypted keys
* ssh: Use associated constants for key and IV sizes
* ssh: Add test cases for encrypted keys
- Add shell completions for fish and zsh.
OBS-URL: https://build.opensuse.org/request/show/1074938
OBS-URL: https://build.opensuse.org/package/show/security/rage-encryption?expand=0&rev=23
- Set minimum rust requirement to 1.59
- Update to version 0.8.1+0:
* v0.8.1
* Revert updates to `dashmap` and `indexmap`
* cargo update
* age: Add passphrase to scrypt_work_factor_23 testkit test file
* age: Reject invalid or non-canonical X25519 recipient stanzas
* age: Require "contributory" behaviour for X25519 recipient stanzas
* age: Add testkit test files from reference impl
* Update Homebrew formula to v0.8.0
OBS-URL: https://build.opensuse.org/request/show/994831
OBS-URL: https://build.opensuse.org/package/show/security/rage-encryption?expand=0&rev=13
- Update to version 0.8.0+0:
* v0.8.0
* age: Allow ciphertexts that encrypt the empty plaintext
* Update Italian translation
* Don't allow -i/--identity with passphrase-encrypted files
* age: Require the last STREAM chunk to be non-empty
* age: Return correct response encoding for `confirm` command
* age: Base64-decode metadata arguments to "confirm" message
* age: Extract "confirm" command handling into a helper function
OBS-URL: https://build.opensuse.org/request/show/974493
OBS-URL: https://build.opensuse.org/package/show/security/rage-encryption?expand=0&rev=11
