jhaals / yopass

Secure sharing of secrets, passwords and files
https://yopass.se
Apache License 2.0
1.87k stars 290 forks source link

[Feature] CLI: Default behaviour encrypt from editor #2480

Open avesst opened 1 month ago

avesst commented 1 month ago

I use Yopass quite a lot in my work, and usually I have a secret in the clipboard I need to send with some additional information. Instead of having either...

  1. Open a file, enter information, save it, cat and pipe to yopass
  2. Open the browser, enter information, encrypt

I thought of what if the default behaviour if the CLI was ran without --file or something piped to it, that it opened a temporary file in an editor, and when you saved and closed the editor the contents would be sent to Yopass and an URL returned.

I've managed to create a prototype of this (branch), which I think works quite well. For the time being, it reads the $EDITOR environment variable and opens that editor, with fallback to vi .

I'm not sure if that generic environment variable is the way to go, or perhaps one specific to Yopass should be used.

I briefly tried making this work with Notepad as default in Windows, but I couldn't get Notepad to re-save the temporary file to C:\Users\user\AppData\Local\Temp - it kept forcing a "Save As" dialog on me and I have not made any further attempts.

Before spending any more time on this I wanted to gather people's thoughts on this. Attached a small video as demonstration.

Screencast from 2024-10-01 18-51-08.webm

jhaals commented 1 month ago

Thanks for the suggestion and the demo! In my head the venn diagram for terminal is for very quick pipe outout where it does not make sense to put it in the browser, I feel like opening an editor and type additional information is where you would actually open up the browser instead. I'm not sure sure the value add is enough to actually support it in the cli

avesst commented 1 month ago

For me this is quicker, more convenient and ergonomical. Any time I can refrain from moving off my keyboard and reaching for the mouse is a win imo.

I saw the PR about a headless mode and I think this would work well in those cases where you would want to run completely headless, encrypting and decrypting solely from the CLI.