The README in v2.0.0 had example code that wouldn't compile. It also had a typo in the doctests that caused the README example to be skipped. This release fixes that documentation problem. There are no functional code changes since v2.0.0.
v2.0.0: general release of keyring v2
Keyring v2 (available on crates.io) is a significant upgrade from v1 while maintaining full backward compatibility on existing platforms. Here's a summary of the changes from v1:
Introduce traits for pluggable credential-store implementations.
Add a mock credential store for easy cross-platform client testing.
Upgrade to secret-service v3.
Always use service-level search in secret-service.
Allow creation of new collections in secret-service.
Add the kernel keyutils as a linux credential store.
Add build support for FreeBSD.
The README contains instructions for upgrading v1 client code to work with v2. Enjoy!
v2.0.0-rc3: Updated docs
This release, which is fully compatible with v1 and fully documented, will become the v2 release in a few days unless issues are reported. Please try it out ASAP.
v2.0.0-rc.2: Improved performance and v1 compatibility
Here's how the secret-service credential store works now:
We always use service-level search. So no options are needed to turn it on or off.
We always add a target attribute when creating new items.
We always just search for the service and user. So we find both v1-style entries (with no target attribute) and v2-style entries (with the target attribute). We filter the found results so they are either v1-style entries (which are assumed to have a matching target) or v2-style entries with a matching target.
If we ever get multiple hits on a search, we return an ambiguous error.
set-password works by doing get-password and then, if it finds a unique item, setting the password on that item. If there is no matching item, it creates one in a collection labeled by the target (creating that collection if necessary). Note that the default target is the only collection found by alias; all other collections are found by label.
This seems to provide the best of all worlds: v1 and v2 are now completely compatible, and we can create collections if the client uses a non-default target. (Note that v1 never created collections, and it always used the target name as an alias, so in effect it was completely restricted to using the default collection.)
If (due to 3rd party items) an ambiguity is found, there are platform-specific entries for getting all the passwords or deleting all the matching items.
v2.0.0-rc.1: : Early release of v2
This is a complete release of keyring v2 based on the latest secret-service v3. It's marked as a release candidate both to allow external user testing and to prevent unwitting upgrades (because good docs that explain how to move code from v1 to v2 have not yet been written). The actual v2 release is expected in about a week.
See the release notes for the alpha and beta versions of v2 for more info about what's in v2 relative to v1.
v2.0.0-beta.1: Add service-level search to secret-service
This release introduces one option in the secret-service credential store builder: a boolean search_all which means to search for credentials in all collections (i.e., use service-level search). When you turn on search_all in the builder, it causes all the credentials to include a target attribute (as well as using the target for the collection name in which the credential is created), and it always searches for credentials at service level including the target attribute. This means:
if search_all is off (the default), then we are completely compatible with v1 credentials and we have to do the explicit check for a locked credential on get and delete.
if search_all is on, then we will never see any v1 or search_all=off credentials at all (because none have a target attribute).
Note that v1 and search_all=off will find credentials built with search_all=on (because they ignore the target attribute). In addition, because of the way the secret service works, doing a v1 or search_all=off set-password call will remove the target attribute from an existing credential with the same service and user.
Thus, to write a v2 client that always uses service-level search but is compatible with non-service-level search clients, the service-level search client should always delete any existing non-target entry with the same user and service before setting a password. This is very easy to do because you can use two credential stores side-by-side in the same v2 client.
In order to publish this release to crates.io, we have reverted to using v2 of the secret-service, because v3 is not yet released. If v3 is released before we are out of beta, we will integrate it into our release. Otherwise, we should be able to do a single dot release that incorporates it.
v2 alpha 4: pre-release that can't go to crates.io
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
Bumps keyring from 1.2.1 to 2.0.1.
Release notes
Sourced from keyring's releases.
... (truncated)
Changelog
Sourced from keyring's changelog.
Commits
271d285Merge pull request #116 from brotskydotcom/readme-example-fixb87ffd4Fix the example in the README.2765999Merge pull request #115 from brotskydotcom/final-tweaks-for-releasec745fd1Fix typo in change log.1ead47fUpdate change log.c8e8ee6Update badges in the README.2879c99Updates to the cli example and README description.5f458b8Tweaks to the doc based on docs.rs viewing.dd354b5Move to v2.0.0.246817cAdd client upgrade instructions to the README.Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)