2pass 1.2.0 → 2.1.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: dbffa6c36a23a40c4ec93bc9f0277cf43d3e2388b61459a89aad0bb89458451e
-  data.tar.gz: 5ab72d0c03fb7b718aaec180fdb530755ad69394acb6f808918b978044174e47
+  metadata.gz: 135196a393e121fb8b71d5295fdedc19f3bccb24885ce81cf630be59d2b7c64e
+  data.tar.gz: 7f5684e81780732115fcf6b9d5a071cfd1e8a05eaa48246e35f7fd3841a702ce
 SHA512:
-  metadata.gz: 0f0bce6612b408712dac5d313331b8721703f89a4a695ff0d7fd23076d6fcaf7bd2fdec67bdf75c1504f98d59dd400fe04bfa70f729847e234b13ab114d03eb6
-  data.tar.gz: 06d625e2325531c59eff3d197eab64ed3265de9c93ab4046ff39c81f7057ceecb3c2cd640cccc70f9073da3975a3eac9e14fdbaf185242ff4141a0ea1bc6a517
+  metadata.gz: e1c997e62173b57c596adf21c9636bfd7ed3417a5f0611d497db1caa486a18e113ad37b234bec8b3334fcea282c5f99f2ec9dbd1b4e328222b1439f281629586
+  data.tar.gz: 9697b86fe839dc5d29f7786ab2e278986fbdb64bd2fc89e142f6e8bc812f919a66d3b57afcb97e71e099d806cc1411c56c12f5117facf6174ee780de71812b14

data/2pass.gemspec

@@ -24,4 +24,6 @@ Gem::Specification.new do |spec|
   spec.add_development_dependency "rake", "~> 13.0"
   spec.add_development_dependency "minitest", "~> 5.0"
   spec.add_development_dependency "minitest-reporters", "~> 1.3", ">= 1.3.0"
+
+  spec.add_dependency "terminal-table", "~> 4.0"
 end

data/README.md

@@ -17,13 +17,12 @@ An array of hashes with the following keys:
 
 - id
 - value
-- uuid
 
 ```sh
   touch ~/.2pass/vault_name.yml
 ```
 
-Alternatively, if you have a vault file in a different location, you can link it.
+Alternatively, if you already have a vault file in a different location, you can link it.
 
 ```sh
   2pass link vault_name /path/to/vault_name.yml
@@ -40,10 +39,18 @@ Then build the gem and install it.
 
 ```sh
   2pass -h
-  2pass get <vault_name> <id>
-  2pass list <vault_name>
-  2pass add <vault_name> <id> <value>
+  2pass get <vault_name> <id> [env]
+  2pass list <vault_name> [env]
+  2pass list <vault_name> [env] --json
+  2pass list <vault_name> [env] --dotenv
+  2pass add <vault_name> <id> <value> [env]
+  2pass link <vault_name> <target_path> [env]
+  2pass update
 ```
+You can also pass an optional environment to most commands:
+`2pass get myproject mykey production`
+
+This will search for `mykey` within `myproject.production.yml`
 
 ## Development
 

data/bin/2pass

@@ -5,12 +5,14 @@ require_relative "../lib/2pass"
 def help_message
   puts <<~HELP
     Usage:
-      2pass add <vault_name> <id> <value>   - Add new secret
-      2pass get <vault_name> <id>           - Get content by ID from the specified vault
-      2pass list <vault_name>               - List the content of the specified vault as key-value pairs
-      2pass list <vault_name> --json        - List the content of the specified vault as JSON
-      2pass link <vault_name> <target_path> - Create a symlink for an existing vault. Useful when the vault is stored in a synced place (iCloud, Dropbox, etc.)
-      2pass -h                              - Display this help message
+      2pass add <vault_name> <id> <value> [env]    - Add new secret. env is optional
+      2pass get <vault_name> <id> [env]            - Get content by ID from the specified vault. env is optional
+      2pass list <vault_name> [env]                - List the content of the specified vault as key=value pairs. env is optional
+      2pass list <vault_name> [env] --json         - List the content of the specified vault as JSON. env is optional
+      2pass list <vault_name> [env] --dotenv       - List the content of the specified vault as key=value pairs. env is optional
+      2pass link <vault_name> <target_path> [env]  - Create a symlink for an existing vault. Useful when the vault is stored in a synced place (iCloud, Dropbox, etc.). env is optional
+      2pass update                                  - Update 2pass to the latest RubyGems release
+      2pass -h                                      - Display this help message
   HELP
 end
 
@@ -24,12 +26,12 @@ OptionParser.new do |opts|
   opts.on("-v", "--version", "Display the version") do
     options[:version] = true
   end
-  opts.on("-f", "--format", "Specify output format (e.g., json)") do |format|
-    options[:format] = format == "json" ? :json : :text
-  end
-  opts.on("--json", "Use JSON output format (same as -f json)") do
+  opts.on("--json", "Use JSON output format") do
     options[:format] = :json
   end
+  opts.on("--dotenv", "Use key=value output format") do
+    options[:format] = :dotenv
+  end
 end.parse!
 
 if options[:help]
@@ -42,46 +44,61 @@ if options[:version]
   exit
 end
 
-if ARGV.length < 2
+if ARGV.empty?
   help_message
   exit(1)
 end
 
-command, vault_name, *args = ARGV
+command, *args = ARGV
 
 begin
   case command&.to_sym
   when :get
-    if args.length < 1
+    if args.length < 2 || args.length > 3
       help_message
       exit(1)
     end
-    id = args[0]
-    puts TwoPass.get_secret(vault_name, id)
+    vault_name, id, env = args[0], args[1], args[2]
+    puts TwoPass.get_secret(vault_name, id, env: env)
   when :add
-    if args.length != 2
+    if args.length < 3 || args.length > 4
       help_message
       exit(1)
     end
-    TwoPass.add_secret(vault_name, args[0], args[1])
+    vault_name, id, value, env = args[0], args[1], args[2], args[3]
+    TwoPass.add_secret(vault_name, id, value, env: env)
   when :list
+    if args.length < 1 || args.length > 2
+      help_message
+      exit(1)
+    end
+    vault_name, env = args[0], args[1]
     if options[:format] == :json
-      puts TwoPass.list_content(vault_name, format: :json)
+      puts TwoPass.list_content(vault_name, env: env, format: :json)
+    elsif options[:format] == :dotenv
+      puts TwoPass.list_content(vault_name, env: env, format: :dotenv)
     else
-      puts TwoPass.list_content(vault_name)
+      puts TwoPass.list_content(vault_name, env: env)
     end
-    exit(1)
+    exit(0)
   when :link
-    if args.length < 1
+    if args.length < 2 || args.length > 3
       help_message
       exit(1)
     end
-    target_path = args[0]
-    TwoPass.create_symlink(vault_name, target_path)
+    vault_name, target_path, env = args[0], args[1], args[2]
+    TwoPass.create_symlink(vault_name, target_path, env: env)
+  when :update
+    if args.any?
+      help_message
+      exit(1)
+    end
+    puts TwoPass.update_cli
   when :help
     help_message
   else
     help_message
+    exit(1)
   end
 rescue => e
   STDERR.puts e.message

data/lib/2pass/version.rb

@@ -1,3 +1,3 @@
 module TwoPass
-  VERSION = "1.2.0"
+  VERSION = "2.1.0"
 end

data/lib/2pass.rb

@@ -1,8 +1,13 @@
+# frozen_string_literal: true
+
 require "optparse"
 require "json"
 require "yaml"
 require "fileutils"
-require "securerandom"
+require "net/http"
+require "uri"
+require "rubygems/version"
+require "terminal-table"
 
 require_relative "2pass/version"
 
@@ -10,42 +15,62 @@ module TwoPass
   VAULT_DIR = "#{Dir.home}/.2pass"
 
   class << self
-    def create_symlink(vault_name, target_path)
+    def create_symlink(vault_name, target_path, env: nil)
       FileUtils.mkdir_p(VAULT_DIR)
-      symlink_path = "#{VAULT_DIR}/#{vault_name}.yml"
+      symlink_path = vault_file_path(vault_name, env: env)
+      expanded_target_path = File.expand_path(target_path)
 
-      if File.exist?(symlink_path)
-        puts "Symlink already exists: #{symlink_path}"
-      else
-        File.symlink(target_path, symlink_path)
-        puts "Created symlink: #{symlink_path} -> #{target_path}"
+      unless File.exist?(expanded_target_path)
+        raise "Target vault file does not exist: #{expanded_target_path}"
       end
-    end
 
-    def load_vault(vault_name)
-      file_path = "#{VAULT_DIR}/#{vault_name}.yml"
-      return [] unless File.exist?(file_path)
+      unless File.readable?(expanded_target_path)
+        raise "Target vault file is not readable: #{expanded_target_path}"
+      end
 
-      YAML.load_file(file_path, symbolize_names: true) || []
-    rescue Psych::SyntaxError => e
-      STDERR.puts "Error parsing YAML file: #{e.message}"
-      []
+      if File.symlink?(symlink_path)
+        existing_target = File.expand_path(File.readlink(symlink_path), File.dirname(symlink_path))
+        if existing_target == expanded_target_path
+          puts "Symlink already exists: #{symlink_path} -> #{expanded_target_path}"
+          return
+        end
+
+        raise "A different symlink already exists at #{symlink_path}: #{existing_target}"
+      end
+
+      if File.exist?(symlink_path)
+        raise "A regular file already exists at #{symlink_path}. Remove it before creating a symlink."
+      end
+
+      File.symlink(expanded_target_path, symlink_path)
+      puts "Created symlink: #{symlink_path} -> #{expanded_target_path}"
     end
 
-    def save_vault(vault_name, data)
+    def save_vault(vault_name, data, env: nil)
       FileUtils.mkdir_p(VAULT_DIR)
-      file_path = "#{VAULT_DIR}/#{vault_name}.yml"
+      file_path = vault_file_path(vault_name, env: env)
       File.write(file_path, YAML.dump(data))
     end
 
-    def list_content(vault_name, format: :text)
-      vault = load_vault(vault_name)
-      if format == :text
+    def list_content(vault_name, env: nil, format: :table)
+      vault = load_vault(vault_name, env: env)
+      if format == :table
+        rows = vault
+          .sort_by { |hash| hash[:id] }
+          .each_with_object([]) do |h, arr|
+          arr << [h[:id], h[:value]]
+        end
+        Terminal::Table.new(
+          rows: rows,
+          title: env || nil,
+          style: {all_separators: true}
+        ).to_s
+      elsif format == :dotenv
         vault
           .map { |h| "#{h[:id]}=#{h[:value]}" }
           .sort
           .join("\n")
-      else
+      elsif format == :json
         JSON.pretty_generate(
           vault
             .map { |hash| hash.slice(:id, :value) }
@@ -54,23 +79,22 @@ module TwoPass
       end
     end
 
-    def add_secret(vault_name, id, value)
+    def add_secret(vault_name, id, value, env: nil)
       new_secret = {
         id: id,
-        value: value,
-        uuid: SecureRandom.uuid
+        value: value
       }
-      data = load_vault(vault_name)
+      data = load_vault(vault_name, env: env)
       existing_entry_id = data.find_index { |hash| hash[:id] == new_secret[:id] }
       if existing_entry_id
         raise "The secret already exists"
       end
       data << new_secret
-      save_vault(vault_name, data)
+      save_vault(vault_name, data, env: env)
     end
 
-    def get_secret(vault_name, id)
-      vault = load_vault(vault_name)
+    def get_secret(vault_name, id, env: nil)
+      vault = load_vault(vault_name, env: env)
       entry = vault.find { |hash| hash[:id] == id }
       if entry
         entry[:value]
@@ -78,5 +102,92 @@ module TwoPass
         raise "Entry not found"
       end
     end
+
+    def update_cli
+      latest_version = fetch_latest_version
+      current = Gem::Version.new(VERSION)
+      latest = Gem::Version.new(latest_version)
+
+      if current >= latest
+        return "2pass is already up to date (#{VERSION})."
+      end
+
+      unless run_update_command
+        raise "Failed to update 2pass. Try running: #{update_command.join(' ')}"
+      end
+
+      "Updated 2pass from #{VERSION} to #{latest_version}. Restart your shell session if needed."
+    end
+
+    private
+
+    def load_vault(vault_name, env: nil)
+      file_path = self.vault_file_path(vault_name, env: env)
+      return [] unless File.exist?(file_path)
+
+      YAML.load_file(file_path, symbolize_names: true) || []
+    rescue Errno::EACCES, Errno::EPERM => e
+      raise permission_error_message(file_path, e)
+    rescue Psych::SyntaxError => e
+      STDERR.puts "Error parsing YAML file: #{e.message}"
+      []
+    end
+
+    def vault_file_path(vault_name, env: nil)
+      [
+        VAULT_DIR,
+        [vault_name, env].compact.join(".")
+      ].join("/") + ".yml"
+    end
+
+    def permission_error_message(file_path, error)
+      message = +"Unable to read vault file: #{file_path}\n#{error.class}: #{error.message}"
+      symlink_target = nil
+
+      if File.symlink?(file_path)
+        symlink_target = File.expand_path(File.readlink(file_path), File.dirname(file_path))
+        message << "\nSymlink target: #{symlink_target}"
+      end
+
+      path_to_check = symlink_target || file_path
+      if path_to_check.include?("/Library/Mobile Documents/")
+        message << "\nThe vault points to iCloud Drive. macOS may be blocking your terminal app."
+        message << "\nCheck System Settings > Privacy & Security > Files and Folders"
+        message << "\nfor your terminal app and enable iCloud Drive (and Full Disk Access if needed)."
+      end
+
+      message
+    rescue StandardError
+      "Unable to read vault file: #{file_path}\n#{error.class}: #{error.message}"
+    end
+
+    def fetch_latest_version
+      uri = URI("https://rubygems.org/api/v1/gems/2pass.json")
+      response = Net::HTTP.start(
+        uri.host,
+        uri.port,
+        use_ssl: true,
+        open_timeout: 5,
+        read_timeout: 5
+      ) do |http|
+        http.get(uri.request_uri)
+      end
+
+      unless response.is_a?(Net::HTTPSuccess)
+        raise "Unable to check latest version (HTTP #{response.code})"
+      end
+
+      JSON.parse(response.body).fetch("version")
+    rescue JSON::ParserError, KeyError => e
+      raise "Unable to parse latest version from RubyGems: #{e.message}"
+    end
+
+    def run_update_command
+      system(*update_command)
+    end
+
+    def update_command
+      [Gem.ruby, "-S", "gem", "update", "2pass"]
+    end
   end
 end

metadata

@@ -1,14 +1,13 @@
 --- !ruby/object:Gem::Specification
 name: 2pass
 version: !ruby/object:Gem::Version
-  version: 1.2.0
+  version: 2.1.0
 platform: ruby
 authors:
 - Olivier
-autorequire:
 bindir: bin
 cert_chain: []
-date: 2025-01-09 00:00:00.000000000 Z
+date: 1980-01-02 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bundler
@@ -72,6 +71,20 @@ dependencies:
     - - ">="
       - !ruby/object:Gem::Version
         version: 1.3.0
+- !ruby/object:Gem::Dependency
+  name: terminal-table
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '4.0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '4.0'
 description: 2pass is a CLI application for managing YAML-based vaults.
 email:
 - contact@yafoy.com
@@ -91,7 +104,6 @@ homepage: https://2pass.xyz
 licenses:
 - MIT
 metadata: {}
-post_install_message:
 rdoc_options: []
 require_paths:
 - lib
@@ -106,8 +118,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.5.11
-signing_key:
+rubygems_version: 4.0.3
 specification_version: 4
 summary: A CLI app for managing secrets
 test_files: []