Complete preparations for 2.1.0 release

- bump version number to 2.1.0
- add CHANGELOG.md document with historical and new changes
- update man page to match changes to README.md
- always use double brackets '[[' ']]' around tests, they're safer

.gitattributes

@@ -1 +1 @@
-sensitive_file  filter=crypt diff=crypt
+sensitive_file  filter=crypt diff=crypt merge=crypt

CHANGELOG.md

@@ -0,0 +1,178 @@
+# Changelog
+
+This is a summary of transcrypt releases, dates, and key changes.
+
+See also https://github.com/elasticdog/transcrypt/releases
+
+## transcrypt v2.1.0 (? ? 2020)
+
+This release includes features to make it easier and safer to use transcrypt,
+in particular: fix merge of encrypted files with conflicts, preventing
+accidental commit of plain text files by incompatible Git tools, and upgrade
+easily with `--upgrade`.
+
+### Steps to upgrade
+
+1. Make sure you are running the latest version of _transcrypt_:
+
+   ```
+   $ transcrypt --version
+   ```
+
+2. Upgrade a repository:
+
+   ```
+   $ transcrypt --upgrade
+   ```
+
+3. Enable the merge handling fix by adding `merge=crypt` to the end of each
+   _transcrypt_ pattern in `.gitattribute`, to look like this:
+
+   ```
+   sensitive_file  filter=crypt diff=crypt merge=crypt
+   ```
+
+### New features
+
+- Add `--upgrade` command to apply the latest transcrypt scripts in an already
+  configured repository without the need to re-apply existing settings.
+
+- Install a Git pre-commit hook to reject accidental commit of unencrypted
+  plain text version of sensitive files, which could otherwise happen if a tool
+  does not respect the `.gitattribute` filters Transcrypt needs to do its job.
+
+### Fixed
+
+- Fix handling of branch merges with conflicts in encrypted files, which would
+  previously leave the user to manually merge files with a mix of encrypted and
+  unencrypted content. (#69, #8, #23, #67)
+
+- Remove any cached unencrypted files from Git's object database when
+  credentials are removed from a repository with a flush or uninstall, so
+  sensitive file data does not remain accessible in a surprising way. (#74)
+
+- Fix handling of sensitive files with non-ASCII file names, such as extended
+  Unicode characters. (#78)
+
+- Transcrypt `--version` and `--help` commands now work when run outside a Git
+  repository. (#68)
+
+- The `--list` command now works in a repository that has not yet been init-ed.
+
+### Changed
+
+- Add a functional test suite built on [bats-core](https://github.com/bats-core/bats-core#installation).
+- Apply Continuous Integration: run functional tests with GitHub Actions.
+- Fix [EditorConfig](https://editorconfig.org/) file config for Markdown files.
+- Add [CHANGELOG.md](CHANGELOG.md) file to make it easier to find notes about
+  project changes (see also Release)
+
+## transcrypt v2.0.0 (20 Jul 2019)
+
+**\*\*\* WARNING: Re-encryption will be required when updating to version 2.0.0! \*\*\***
+
+This is not a security issue, but the result of a [bug fix](https://github.com/elasticdog/transcrypt/pull/57) to ensure that the salt generation is consistent across all operating systems. Once someone on your team updates to version 2.0.0, it will manifest as the encrypted files in your repository showing as _changed_. You should ensure that all users upgrade at the same time...since `transcrypt` itself is small, it may make sense to commit the script directly into your repo to maintain consistency moving forward.
+
+### Steps to Re-encrypt
+
+After you've upgraded to v2.0.0...
+
+1. Display the current config so you can reference the command to re-initialize things:
+
+   ```
+   $ transcrypt --display
+   The current repository was configured using transcrypt version 1.1.0
+   and has the following configuration:
+
+     GIT_WORK_TREE:  /home/elasticdog/src/transcrypt
+     GIT_DIR:        /home/elasticdog/src/transcrypt/.git
+     GIT_ATTRIBUTES: /home/elasticdog/src/transcrypt/.gitattributes
+
+     CIPHER:   aes-256-cbc
+     PASSWORD: correct horse battery staple
+
+   Copy and paste the following command to initialize a cloned repository:
+
+     transcrypt -c aes-256-cbc -p 'correct horse battery staple'
+   ```
+
+2. Flush the credentials and re-configure the repo with the same settings as above:
+
+   ```
+   $ transcrypt --flush-credentials
+   $ transcrypt -c aes-256-cbc -p 'correct horse battery staple'
+   ```
+
+3. Now that all of the appropriate files have been re-encrypted, add them and commit the changes:
+   ```
+   $ git add -- $(transcrypt --list)
+   $ git commit --message="Re-encrypt files protected by transcrypt using new salt value"
+   ```
+
+### Fixed
+
+- Force the use of macOS's system `sed` binary to prevent errors (#50)
+- Fix cross-platform compatibility by making salt generation logic consistent (#57)
+
+### Changed
+
+- Add an [EditorConfig](https://editorconfig.org/) file to help with consistency in formatting (#51)
+- Use [unofficial Bash strict mode](http://redsymbol.net/articles/unofficial-bash-strict-mode/) for safety (#53)
+- Reformat files using the automated formatting tools [Prettier](https://prettier.io/) and [shfmt](https://github.com/mvdan/sh)
+- Ensure that `transcrypt` addresses all [ShellCheck](https://github.com/koalaman/shellcheck) static analysis warnings
+
+## transcrypt v1.1.0 (26 May 2018)
+
+### Fixed
+
+- Fix broken cipher validation safety check when running with OpenSSL v1.1.0+. (#48)
+
+## transcrypt v1.0.3 (21 Aug 2017)
+
+### Fixed
+
+- Explicitly set digest hash function to match default settings before OpenSSL v1.1.0. (#41)
+
+## transcrypt v1.0.2 (6 Apr 2017)
+
+### Fixed
+
+- Ensure realpath function does not incorrectly return the current directory for certain inputs. (#38)
+
+## transcrypt v1.0.1 (6 Jan 2017)
+
+### Fixed
+
+- Correct the behavior of `mktemp` when running on OS X versions 10.10 Yosemite and earlier.
+- Prevent unexpected error output when running transcrypt outside of a Git repository.
+
+## transcrypt v1.0.0 (2 Jan 2017)
+
+Since the v0.9.9 release, these are the notable improvements made to transcrypt:
+
+- properly handle file names with spaces
+- adjust usage of `mktemp` utility to be more cross-platform
+- additional safety checks for all required cli utility dependencies
+
+## transcrypt v0.9.9 (5 Sep 2016)
+
+Since the v0.9.7 release, these are the notable improvements made to transcrypt:
+
+- support for use of a [wildcard](https://github.com/elasticdog/transcrypt/commit/a0b7d4ec0296e83974cb02be640747149b23ef54) with `--show-raw` to dump the raw commit objects for _all_ encrypted files
+- GPG import/export of repository configuration
+- more [strict filter script behavior](https://github.com/elasticdog/transcrypt/pull/29) to adhere to upstream recommendations
+- automatic caching of the decrypted content for faster Git operations like `git log -p`
+- ability to configure bare repositories
+- ability to configure "fake bare" repositories for use through [vcsh](https://github.com/RichiH/vcsh)
+- ability configure multiple worktrees via [git-workflow](https://github.com/blog/2042-git-2-5-including-multiple-worktrees-and-triangular-workflows)
+- support for unencrypted archive exporting via [git-archive](https://git-scm.com/docs/git-archive)
+
+## transcrypt v0.9.8 (5 Sep 2016)
+
+## transcrypt v0.9.7 ( 23 Mar 2015)
+
+## transcrypt v0.9.6 (30 Aug 2014 )
+
+## transcrypt v0.9.5 (23 Aug 2014)
+
+## transcrypt v0.9.4 (3 Mar 2014)

README.md

@@ -55,6 +55,7 @@ The requirements to run transcrypt are minimal:
 - Bash
 - Git
 - OpenSSL
+- `column` command (on Ubuntu/Debian install `bsdmainutils`)
 
 ...and optionally:
 
@@ -325,30 +326,3 @@ To run the tests:
 - [install bats-core](https://github.com/bats-core/bats-core#installation)
 - run all tests with: `bats tests/`
 - run an individual test with e.g: `./tests/test_help.bats`
-
-## Changes
-
-Fixes:
-
-- Fix handling of branch merges with conflicts in encrypted files, which would
-  previously leave the user to manually merge files with a mix of encrypted and
-  unencrypted content.
-
-  To apply this fix in projects that already use transcrypt: use the `--upgrade`
-  command, or uninstall and re-init transcrypt then add `merge=crypt` to the
-  patterns in _.gitattributes_
-
-- Remove any cached unencrypted from Git's object database when credentials are
-  removed from a repository with a flush or uninstall (#74).
-
-Improvements:
-
-- Add Git pre-commit hook to reject commit of file that should be encrypted but
-  has plain text content: a safety mechanism to prevent accidental commits of
-  plain text files staged by tools that do not respect the .gitattribute
-  filters Transcrypt needs to do its job.
-
-- Add --upgrade command to apply the latest transcrypt scripts in the
-  repository without changing its configuration settings.
-
-- Add functional tests.

contrib/bash/transcrypt

@@ -22,7 +22,7 @@ _transcrypt() {
 	cur="${COMP_WORDS[COMP_CWORD]}"
 	prev="${COMP_WORDS[COMP_CWORD-1]}"
 	opts="-c -p -y -d -r -f -F -u -l -s -e -i -v -h \
-	      --cipher --password --yes --display --rekey --flush-credentials --force --uninstall --list --show-raw --export-gpg --import-gpg --version --help"
+	      --cipher --password --yes --display --rekey --flush-credentials --force --uninstall --upgrade --list --show-raw --export-gpg --import-gpg --version --help"
 
 	case "${prev}" in
 		-c | --cipher)

contrib/packaging/pacman/PKGBUILD

@@ -1,6 +1,6 @@
 # Maintainer: Aaron Bull Schaefer <[email protected]>
 pkgname=transcrypt
-pkgver=2.0.0
+pkgver=2.1.0
 pkgrel=1
 pkgdesc='A script to configure transparent encryption of files within a Git repository'
 arch=('any')

contrib/zsh/_transcrypt

@@ -18,6 +18,7 @@ _transcrypt() {
 		'(-f --flush-credentials -c --cipher -p --password -r --rekey -u --uninstall)'{-f,--flush-credentials}'[flush cached credentials]' \
 		'(-F --force -d --display -u --uninstall)'{-F,--force}'[ignore repository clean state]' \
 		'(-u --uninstall -c --cipher -d --display -f --flush-credentials -p --password -r --rekey)'{-u,--uninstall}'[uninstall transcrypt]' \
+		'(--upgrade -c --cipher -d --display -f --flush-credentials -p --password -r --rekey)'{--upgrade}'[upgrade transcrypt]' \
 		'(-i --import-gpg -c --cipher -p --password -d --display -f --flush-credentials -u --uninstall)'{-i,--import-gpg=}'[import config from gpg file]:file:->file' \
 		&& return 0
 

man/transcrypt.1.ronn

@@ -46,6 +46,10 @@ The transcrypt source code and full documentation may be downloaded from
     remove all transcrypt configuration from the repository
     and leave files in the current working copy decrypted
 
+  * `--upgrade`:
+    apply the latest transcrypt scripts in the repository without
+    changing your configuration settings
+
   * `-l`, `--list`:
     list all of the transparently encrypted files in the repository,
     relative to the top-level directory
@@ -78,12 +82,12 @@ were not given.
     $ transcrypt
 
 Once a repository has been configured with transcrypt, you can transparently
-encrypt files by applying the "crypt" filter and diff to a pattern in the
-top-level _.gitattributes_ config. If that pattern matches a file in your
+encrypt files by applying the "crypt" filter, diff and merge to a pattern in
+the top-level _.gitattributes_ config. If that pattern matches a file in your
 repository, the file will be transparently encrypted once you stage and commit
 it:
 
-    $ echo 'sensitive_file  filter=crypt diff=crypt' >> .gitattributes
+    $ echo 'sensitive_file  filter=crypt diff=crypt merge=crypt' >> .gitattributes
     $ git add .gitattributes sensitive_file
     $ git commit -m 'Add encrypted version of a sensitive file'
 

tests/_test_helper.bash

@@ -1,46 +1,46 @@
 function init_git_repo {
   # Warn and do nothing if test dir envvar is unset
-  if [ -z $BATS_TEST_DIRNAME ]; then
+  if [[ -z "$BATS_TEST_DIRNAME" ]]; then
     echo "WARNING: Required envvar \$BATS_TEST_DIRNAME is unset"
   # Warn and do nothing if test git repo path already exists
-  elif [ -e $BATS_TEST_DIRNAME/.git ]; then
+  elif [[ -e "$BATS_TEST_DIRNAME/.git" ]]; then
     echo "WARNING: Test repo already exists at $BATS_TEST_DIRNAME/.git"
   else
     # Initialise test git repo at the same path as the test files
-    git init $BATS_TEST_DIRNAME
+    git init "$BATS_TEST_DIRNAME"
     # Flag test git repo as 100% the test one, for safety before later removal
-    touch $BATS_TEST_DIRNAME/.git/repo-for-transcrypt-bats-tests
+    touch "$BATS_TEST_DIRNAME"/.git/repo-for-transcrypt-bats-tests
   fi
 }
 
 function nuke_git_repo {
   # Warn and do nothing if test dir envvar is unset
-  if [ -z $BATS_TEST_DIRNAME ]; then
+  if [[ -z "$BATS_TEST_DIRNAME" ]]; then
     echo "WARNING: Required envvar \$BATS_TEST_DIRNAME is unset"
   # Warn and do nothing if the test git repo is missing the flag file that
   # ensures it *really* is the test one, as set by the 'init_git_repo' function
-  elif [ ! -e $BATS_TEST_DIRNAME/.git/repo-for-transcrypt-bats-tests ]; then
+  elif [[ ! -e "$BATS_TEST_DIRNAME/.git/repo-for-transcrypt-bats-tests" ]]; then
     echo "WARNING: Aborting delete of non-test Git repo at $BATS_TEST_DIRNAME/.git"
   else
     # Forcibly delete the test git repo
-    rm -fR $BATS_TEST_DIRNAME/.git
+    rm -fR "$BATS_TEST_DIRNAME"/.git
   fi
 }
 
 function cleanup_all {
   nuke_git_repo
-  rm $BATS_TEST_DIRNAME/.gitattributes
-  rm -f $BATS_TEST_DIRNAME/sensitive_file
+  rm "$BATS_TEST_DIRNAME"/.gitattributes
+  rm -f "$BATS_TEST_DIRNAME"/sensitive_file
 }
 
 function init_transcrypt {
-  $BATS_TEST_DIRNAME/../transcrypt --cipher=aes-256-cbc --password=abc123 --yes
+  "$BATS_TEST_DIRNAME"/../transcrypt --cipher=aes-256-cbc --password=abc123 --yes
 }
 
 function encrypt_named_file {
   filename="$1"
   content=$2
-  if [ "$content" ]; then
+  if [[ "$content" ]]; then
     echo "$content" > "$filename"
   fi
   echo "\"$filename\" filter=crypt diff=crypt merge=crypt" >> .gitattributes
@@ -49,14 +49,14 @@ function encrypt_named_file {
 }
 
 function setup {
-  pushd $BATS_TEST_DIRNAME
+  pushd "$BATS_TEST_DIRNAME" || exit 1
   init_git_repo
-  if [ ! "$SETUP_SKIP_INIT_TRANSCRYPT" ]; then
+  if [[ ! "$SETUP_SKIP_INIT_TRANSCRYPT" ]]; then
     init_transcrypt
   fi
 }
 
 function teardown {
   cleanup_all
-  popd
+  popd || exit 1
 }