• [ ] All records need to be versioned:
  • [ ] Metadata
  • [ ] Creds
  • [ ] EncryptedRecord
  • [ ] DecryptedRecord
• [ ] The DB struct itself needs to be versioned, too
• [ ] The version to use needs to be configurable
• [ ] Attempting to load records with with different versions than configured needs to err-out
• [ ] Alternatively, the use may be prompted to upgrade and/or downgrade
• [ ] Migrations to/from versions need to be supported
• [ ] DBs and records of specific versions need to be easily created
• [ ] Add an auto-upgrade flag to the CLI

Tasks:

• [ ] Create some examples:
  • [ ] password generation
  • [ ] import
  • [ ] export
  • [ ] adding one record
  • [ ] updating one record
  • [ ] removing one record
• [ ] Update Makefile to include a target to run all examples
• [ ] Add individual examples to CI/CD as part of the build process

See log: https://docs.rs/crate/rucksack/0.4.1/builds/713859

This is due to the fact that the container generating the docs on docs.rs doesn't have a USER env:

src/cli/command/arg.rs:        .default_value(env!("USER"))

These are also exported in CSV file format; should be trivial.

Tasks:

• [x] Implement the feature
• [x] Update the README project desc
• [x] Update the GH project desc
• [x] Update the Cargo project desc

Right now, the --decrypt flag shows the passwords as well as their score. I'd like to be able to --decrypt, see the score, but not the password -- unless I explicitly ask for a --reveal.

Encrypting strings with ring: https://gist.github.com/ru273/8cf21e5a59e65caf5cebc0318a2d25de

Would be nice to define a struct and indicate which fields should be encrypted ... maybe secrecy can help with that?

See: https://github.com/laysakura/serde-encrypt

Using SurrealDB, we're looking at this, right now:

CREATE secret SET
type=password
name='YYY',
user='XXX',
url='ZZZ',
password='AAA',
created=time::now(),
updated='';

Usage is like this:

USER=alice
PASS=abc123
KEY=$(openssl enc -aes128 -k $PASS -md sha1 -P|grep key=|sed 's/key=//')
echo $KEY
surreal start --key $KEY --pass $PASS --strict --bind 0.0.0.0:5099 file://data/$USER

DATA="INFO FOR DB;"
curl --request POST \
	--header "Accept: application/json" \
	--header "NS: secrets" \
	--header "DB: $USER" \
	--user "$USER:$PASS" \
	--data "${DATA}" \
	http://localhost:5099/sql

DATA="CREATE secret SET
type=password
name='YYY',
user='XXX',
url='ZZZ',
password='AAA',
created=time::now(),
updated='';"

curl -k -L -s --compressed POST \
	--header "Accept: application/json" \
	--header "NS: secrets" \
	--header "DB: $USER" \
	--user "$USER:$PASS" \
	--data "${DATA}" \
	http://localhost:5099/sql

This works comes on the heels of several efforts:

• #54 (won't do)
• #59 (requires examining db files at the byte-level)
• #48
• #44

All of these have led to me working on the following tasks:

• [x] Tag our database files with version metadata
  • [x] create a wrapper struct for bytes and the current version
  • [x] refactor DB write code
  • [x] update the DB write to add an extra step of including the version metadata in the file
  • [x] refactor the DB read code
  • [x] update the DB read to properly parse the version metadata
• [x] Add CLI commands for working with database file/format versions
• [x] Create example databases in older formats and save them for use in tests
• [ ] Add logic for parsing the version, and on error, attempting to open DBs in the old format
• [x] #61

Tasks:

• [ ] Add a new backup command to the CLI
  • [ ] with no additional subcommands, perform a backup
    • for a non-daemonised instance, this is just a file copy
    • for a daemonized instance, this is a request issued to the server -- this depends upon #41
    • [ ] update #41 with this enhancement task
• [ ] add a new backup list command so show all (including timestamp)
• [ ] add a new backup restore command (by index or filename)
• [ ] add a new backup delete command

I think if we can't do it for this one, then we just bail and forget about it:

• https://mozilla.github.io/application-services/book/rust-docs/fxa_client/index.html

Features and/or tasks:

• [ ] Update the App struct to include a field for the most recent backup filename
• [ ] Refactor db.close() to pull out backup logic
  • [ ] create a new backup method
  • [ ] include the ability to include a tag for annoation (e.g., -backup--)
• [ ] Add a backup method to the App struct
  • this will call the db's backup method
  • and set the App's latest_backup field
• [ ] Add a replace method to the DB struct
  • this will accept a new dash_map as input
  • and replace the current in-memory dash_map on DB with the given one
• [ ] Add a restore method on App
  • [ ] this will call db.replace passing app.latest_backup
  • [ ] it will also null out app.latest_backup
• [ ] Add a restore_from_file method on App
  • [ ] this will call db.replace with the given file
  • [ ] it will also null out app.latest_backup
• [ ] #48

Blocks:

• #41