Closed heikkiorsila closed 2 years ago
Merging #78 (35a7e40) into main (0098150) will increase coverage by
0.09%
. The diff coverage is92.50%
.
@@ Coverage Diff @@
## main #78 +/- ##
==========================================
+ Coverage 75.33% 75.43% +0.09%
==========================================
Files 23 23
Lines 2169 2190 +21
Branches 509 513 +4
==========================================
+ Hits 1634 1652 +18
- Misses 418 419 +1
- Partials 117 119 +2
Impacted Files | Coverage Δ | |
---|---|---|
covert/__main__.py | 96.62% <92.50%> (-1.81%) |
:arrow_down: |
Continue to review full report at Codecov.
Legend - Click here to learn more
Δ = absolute <relative> (impact)
,ø = not affected
,? = missing data
Powered by Codecov. Last update 0098150...35a7e40. Read the comment docs.
Thanks for your contribution. You are right on that the help needs to be expanded but we also wish to keep the printouts short enough to fit on a typical terminal. Thus, I would recommend implementing sub command helps that are more extensive than the main help screen that needs to be quite minimal.
Help arguments are parsed prior to command mode by the needhelp
function, with the intention of displaying help and no errors even if the other arguments were invalid. This unfortunately means that in such case the sub commands are not parsed (that would only occur a few lines later in the argparse
function). I suggest a modification that can parse both the help and the modes, and then display the most suitable help page.
Note that combined short arguments are supported such that these two are equivalent:
covert enc -R github:foo -o output.dat
covert -eRo github:foo output.dat
This is done to be be compatible with other CLI encryption tools, but the mode (-e
or -d
) must always come first because the meaning of other arguments can be different depending on mode.
Note that arg parameters are consumed even if they begin with hyphens (this could potentially eat the --help
argument). I would not be against restricting the use of help arguments to syntactically correct commands only. Consider the following where a malicious user passes in --help
as their PUBKEY. The program returns no error but the help text is saved in encrypted.dat
instead of any encrypted data:
covert enc -r "$PUBKEY" userdata.txt > encrypted.dat
Ideally this should fail with Invalid recipient string "--help"
error and print nothing to stdout. That would be accomplished by running the full argument parsing, which then also handles the help arguments the same as any other arg. If there is a syntax error, the program already prints the most suitable help to stderr and exits with an error status.
Another alternative, or addition
covert help enc # sub command is help, any further arguments are help topic
covert help key # separate topic for key formats/generation (assuming key is not a sub command itself)
It would be awesome if you could implement these changes in the way you see most fit. Feel free to hack the argparse
function as you wish but check the tests (by running tox
in the main folder) to avoid unexpected changes.
"covert enc --help" prints more comprehensive help for encryption options.
"covert dec --help" was fixed to not print encryption options.
"covert edit" pattern matching was corrected. "covert e" would be interpreted as "covert edit", but this conflicts with "covert enc".
"covert [-h] [--help]" prints short help that fits on 80x24 terminal.
"covert help" subcommand prints full help, including supported key formats and command line examples.