Subject: CVS commit: pkgsrc/security/sequoia-sq
From: Thomas Klausner
Date: 2024-10-22 20:56:51
Message id: 20241022185651.99C89FC7E@cvs.NetBSD.org
Log Message:
sequoia-sq: update to 0.38.0.
* Changes in 0.38.0
** Notable changes
- New subcommand `sq key subkey delete` to delete secret key
material.
- New subcommand `sq network wkd publish` that publishes
certificates in a WKD over rsync.
- Removed now obsolete `sq network wkd generate`.
- Removed `sq network wkd url` and `sq network wkd direct-url`.
- Renamed subcommand `sq key attest-certifications` to `sq key
approvals update` to reflect the new name in the draft, and to
make room for introspection commands.
- New subcommand `sq key subkey password` to change the password
protecting secret key material.
- The subcommand `sq network keyserver publish` can now publish
certs from the certificate store using the `--cert` parameter.
- The subcommands `sq key generate` and `sq key userid add` gained
the options `--name` and `--email` as a more user-friendly way to
specify user IDs.
- All short options with the exception of `-v` have been removed.
We will judiciously add some back before releasing 1.0.
- The dot output has been removed. Those relying on it can use the
standalone sq-wot tool.
- New subcommand `sq key subkey export` to export individual keys.
This functionality was split off from `sq key export`.
- `sq key generate` and `sq key subkey add` now prompt for a
password by default. This can be disabled by passing
`--without-password`.
- New subcommand `sq key approvals list` that lists approved
third-party certifications and those pending approval.
- Remove `sq cert export`'s `--key` argument. Change `--cert` to
match both primary keys and subkeys.
* Changes in 0.37.0
** Notable changes
- Remove PKS support.
- `sq key userid add` can now use the certificate store and the
keystore.
- `sq key userid add` no longer accepts positional arguments. The
user ID is provided by the `--userid` argument, and the
certificate by `--cert` or `--cert-file`.
- Drop the `--certificate-file` argument from `sq key revoke`, `sq
key subkey revoke`, and `sq key userid revoke`. (The certificate
can still be specified using `--cert-file`.)
- Rename the `--revocation-file` argument to `--revoker-file` in
`sq key revoke`, `sq key subkey revoke`, and `sq key userid
revoke`.
- `sq key revoke --cert-file`, `sq key revoke --revoker-file`, `sq
key subkey revoke --cert-file`, `sq key subkey revoke
--revoker-file`, `sq key userid revoke --cert-file`, and `sq key
userid revoke --revoker-file` now accept `-`, which means to read
from stdin.
- `sq key revoke`, `sq key subkey revoke`, and `sq key userid
revoke` now read from the certificate store when using `--cert`
or `--revoker`. When `--cert` is used, and `--output` is not
specified, the resulting revocation certificate is saved to the
certificate store.
- The user ID argument to `sq key userid revoke` is no longer a
positional argument, but must be specified with `--userid`.
- Change `sq cert lint` to not read from stdin by default.
- In `sq cert lint`, change the certificate file parameter from a
positional parameter to a named parameter, `--cert-file`.
- `sq cert lint` can now use the certificate store and the
keystore.
- In `sq key subkey add`, change the certificate file parameter
from a positional parameter to a named parameter, `--cert-file`.
- `sq key subkey add` now reads from the certificate store when
using `--cert`. When `--cert` is used, and `--output` is not
specified, the new subkey is saved to the key store.
- In `sq key expire`, change the certificate file parameter from a
positional parameter to a named parameter, `--cert-file`.
- Split the functionality to update a subkey's expiration time off
of `sq key expire` and into `sq key subkey expire`.
- Rename `sq key subkey expire`'s `--subkey` argument to `--key`.
- `sq key expire` and `sq key subkey expire` can now use the
cert store and the key store.
- Add the `--password-file` argument to the `sq sign` command to
allow the user to prefill the password cache with a password from
a file.
- In `sq key password`, change the certificate file parameter from a
positional parameter to a named parameter, `--cert-file`.
- `sq pki certify`'s certifier parameter interprets `-` as meaning
it should read the certificate from stdin.
- In `sq pki certify`, change the certifier file parameter from a
positional parameter to a named parameter, `--certifier-file`.
- `sq pki certify` can now use the cert store and the key store.
- In `sq key adopt`, change the certificate file parameter from a
positional parameter to a named parameter, `--cert-file`.
- `sq key adopt` can now use the cert store and the key store.
- In `sq key attest-certifications`, change the certificate file
parameter from a positional parameter to a named parameter,
`--cert-file`.
- In `sq key attest-certifications`, don't make `--all` the
default, but require the user to specify it (or `--none`)
explicitly.
- `sq key attest-certifications` can now use the cert store and the
key store.
- Rename the `--expiry` argument to `--expiration`.
- Rename `sq key password`'s `--clear` argument to `--clear-password`.
- Add a top-level `--password-file` argument to seed the password
cache. Remove `sq key password`'s `--old-password-file`, and `sq
sign`'s `--password-file` local arguments in favor of this
argument.
* Changes in 0.36.0
- Missing
* Changes in 0.35.0
- Missing
Files: