Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add silent mode in read builtin #838

Closed
siteshwar opened this issue May 27, 2013 · 20 comments
Closed

Add silent mode in read builtin #838

siteshwar opened this issue May 27, 2013 · 20 comments
Labels
Milestone

Comments

@siteshwar
Copy link
Member

@siteshwar siteshwar commented May 27, 2013

In silent mode, typed characters are not shown in terminal, Bash supports silent mode with '-s' flag, so read -s will not echo characters on terminal. We should have similar flag in fish's read builtin.

@dag
Copy link
Contributor

@dag dag commented May 27, 2013

On the one hand I want to say that fish scripting is mainly meant for scripting fish, I think, and what use does this have for that? On the other hand, I'm a sucker for security and think shoulder surfing is scary!

Maybe we could have it print asterisks or bullets for each typed character, mimicking GUI password inputs? Some feedback that the keys actuated and that the input got sent to the right window/terminal.

@terlar
Copy link
Contributor

@terlar terlar commented May 27, 2013

Another thing that this got me thinking about would be auto-accepting, like it takes one char and then accepts it.

Do you want to continue [Y/n], y, and that would send the command directly. Sorry for bringing that up in this issue though.

@jhillyerd
Copy link

@jhillyerd jhillyerd commented Jun 5, 2014

@dag I'd like to be able to prompt for a password as part of setting up my proxy server environment variables.

@jhillyerd
Copy link

@jhillyerd jhillyerd commented Jun 5, 2014

This is my workaround, not sure how portable it is:

echo -n 'Proxy Password: '
stty -echo
head -n 1 - | read -l pass
stty echo
echo
@leeola
Copy link

@leeola leeola commented Nov 13, 2014

@dag

On the one hand I want to say that fish scripting is mainly meant for scripting fish, I think, and what use does this have for that?

I'm not sure what you mean by that. How is a silent read option, not fish scripting?

Regarding what use it has, the i think it would have the same uses as read -s in bash. Sensitive information (passwords), etc.

As a sidenote, a silent option would be great, as the alternative seems to be this verbose option:

stty -echo
if not read foo
  stty echo
  exit $status
stty echo
@ByScripts
Copy link
Contributor

@ByScripts ByScripts commented Nov 17, 2014

Any news on that issue? Would be great.

Thanks for the workaround though.

Edit: Just tried the workaround. Didn't work. After stty -echo I can still see the characters.

@leeola
Copy link

@leeola leeola commented Nov 25, 2014

@ridiculousfish Any comment on this? A proper silent option is really useful (needed even?)

@ridiculousfish
Copy link
Member

@ridiculousfish ridiculousfish commented Nov 26, 2014

Seems reasonable to me.

@zanchey
Copy link
Member

@zanchey zanchey commented Nov 26, 2014

read -s is currently used to enable "shell" mode in the trunk source (not released) so either that needs to be moved or another option needs to be specified.

@tfga
Copy link

@tfga tfga commented Jul 3, 2015

@jhillyerd's code as a function:

function readPasswd # prompt targetVar

    echo -n $argv[1]
    stty -echo
    head -n 1 | read -g $argv[2]
    stty echo
    echo

end
@Asuza
Copy link

@Asuza Asuza commented Oct 29, 2015

I was writing a script this morning and was rather disappointed to discover I couldn't input via a "password" mode. Hoping this get implemented soon.

@ridiculousfish
Copy link
Member

@ridiculousfish ridiculousfish commented Nov 5, 2015

This seems like a nice to have feature

@cben
Copy link
Contributor

@cben cben commented Feb 12, 2016

Turns out read uses readline and stores history (#1504).
Does stty -echo interact sanely with readline?
IMNSHO whatever mechanism there will be to read silently should also inhibit history saving [at least by default].
I think this all points to a builtin flag of read being better than "do it yourself" / stdlib function.

@ghost
Copy link

@ghost ghost commented Feb 12, 2016

I think this all points to a builtin flag of read being better than "do it yourself" / stdlib function.

👍

For a userland implementation see: #2166 (comment)

@krader1961
Copy link
Contributor

@krader1961 krader1961 commented Apr 12, 2017

Closed with squashed merge commit 8213885.

@krader1961 krader1961 closed this Apr 12, 2017
@Pysis868
Copy link

@Pysis868 Pysis868 commented Jun 16, 2017

woo!!

GitHub - fish-shell/fish-shell - fish 2.6.0 (released June 3, 2017):

  • ...
  • read supports a new --silent option to hide the characters typed (#838), for when reading sensitive data from the terminal. read also now accepts simple strings for the prompt (rather than scripts) with the new -P and --prompt-str options (#802).
  • ...
@mustafawm
Copy link

@mustafawm mustafawm commented Feb 1, 2019

Can we update the docs please?
https://fishshell.com/docs/2.6/commands.html#read

@faho
Copy link
Member

@faho faho commented Feb 1, 2019

@mustafawm: We have, you're looking at an outdated version. See https://fishshell.com/docs/current/commands.html#read.

@mustafawm
Copy link

@mustafawm mustafawm commented Feb 1, 2019

Oh! thanks @faho, I was running an older version (2.6) ...just installed the latest (3) via homebrew.

@dideler
Copy link
Contributor

@dideler dideler commented Oct 17, 2019

FWIW, made a very simple package to hide the input (instead of obscuring it): fish-read-silent

And an example use case as a dependency in another package: fish-index

@github-actions github-actions bot locked as resolved and limited conversation to collaborators Apr 16, 2020
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Projects
None yet
Linked pull requests

Successfully merging a pull request may close this issue.

None yet
You can’t perform that action at this time.