for sobolevn#811: allow perm warnings in non-verbose mode

joshrabinowitz · Apr 10, 2022 · 44c6950 · 44c6950
1 parent 86f2ec4
commit 44c6950
Show file tree

Hide file tree

Showing 5 changed files with 19 additions and 12 deletions.
diff --git a/src/_utils/_git_secret_tools.sh b/src/_utils/_git_secret_tools.sh
@@ -807,8 +807,9 @@ function _decrypt {
 
   if [[ -z "$_SECRETS_VERBOSE" ]]; then
     args+=( "--quiet" )
-  else
-    args+=( "--no-permission-warning" )
+  #else
+  #  # for #811, allow permission warnings (that are not supressed by --quiet) even if not in verbose mode
+  #  args+=( "--no-permission-warning" )
   fi
 
   set +e   # disable 'set -e' so we can capture exit_code

diff --git a/src/commands/git_secret_hide.sh b/src/commands/git_secret_hide.sh
@@ -174,9 +174,10 @@ function hide {
           args+=( '--armor' )
         fi
 
-        if [[ -n "$_SECRETS_VERBOSE" ]]; then
-            args+=( '--no-permission-warning' )
-        fi
+        # for #811, allow permission warnings even if not in verbose mode
+        #if [[ -n "$_SECRETS_VERBOSE" ]]; then
+        #    args+=( '--no-permission-warning' )
+        #fi
 
         # we depend on $recipients being split on whitespace
         # shellcheck disable=SC2206

diff --git a/src/commands/git_secret_removeperson.sh b/src/commands/git_secret_removeperson.sh
@@ -31,9 +31,11 @@ function removeperson {
   _assert_keyring_contains_emails_at_least_once "$secrets_dir_keys" "git-secret keyring" "${emails[@]}"
 
   local args=( --homedir "$secrets_dir_keys" --batch --yes )
-  if [[ -n "$_SECRETS_VERBOSE" ]]; then
-    args+=( '--no-permission-warning' )
-  fi
+
+  # for #811, allow permission warnings even if not in verbose mode
+  #if [[ -n "$_SECRETS_VERBOSE" ]]; then
+  #  args+=( '--no-permission-warning' )
+  #fi
 
   for email in "${emails[@]}"; do
     # see https://github.com/bats-core/bats-core#file-descriptor-3-read-this-if-bats-hangs for info about 3>&-

diff --git a/src/commands/git_secret_tell.sh b/src/commands/git_secret_tell.sh
@@ -86,8 +86,9 @@ function tell {
       $SECRETS_GPG_COMMAND --export -a "$email" > "$keyfile" 3>&-
       exit_code=$?
     else
-      # It means that homedir is set as an extra argument via `-d`:
-      $SECRETS_GPG_COMMAND --no-permission-warning --homedir="$homedir" \
+      # This means that homedir is set as an extra argument via `-d`:
+      # For #811, allow permission warnings from gnupg
+      $SECRETS_GPG_COMMAND --homedir="$homedir" \
         --export -a "$email" > "$keyfile" 3>&-
       exit_code=$?
     fi

diff --git a/tests/_test_base.bash b/tests/_test_base.bash
@@ -56,8 +56,10 @@ function is_git_version_ge_2_28_0 { # based on code from github autopilot
 # GPG-based stuff:
 : "${SECRETS_GPG_COMMAND:='gpg'}"
 
-# This command is used with absolute homedir set and disabled warnings:
-GPGTEST="$SECRETS_GPG_COMMAND --homedir=$TEST_GPG_HOMEDIR --no-permission-warning --batch"
+# This command is used with absolute homedir set
+# we used to also disabled warnings with `--no-permission-warning`, but now,
+# for #811, we now run tests allowing permission warnings to be emitted
+GPGTEST="$SECRETS_GPG_COMMAND --homedir=$TEST_GPG_HOMEDIR --batch"
 
 # Test key fixture data. Fixtures are at tests/fixtures/gpg/$email