UX: Identity should be consistent with Recepient
supermarin opened this issue · comments
What were you trying to do
Trying to pass a value to identity stored in a variable. At the moment, RECEPIENT supports both -rR
options and -i
assumes a PATH instead of IDENTITY.
What happened
-i flag assumes a PATH.
$ age --help
... ommitted ..
Options:
-r, --recipient RECIPIENT Encrypt to the specified RECIPIENT. Can be repeated.
-R, --recipients-file PATH Encrypt to recipients listed at PATH. Can be repeated.
-i, --identity PATH Use the identity file at PATH. Can be repeated.
What am I expecting to happen
$ age --help
... ommitted ..
Options:
-r, --recipient RECIPIENT Encrypt to the specified RECIPIENT. Can be repeated.
-R, --recipients-file PATH Encrypt to recipients listed at PATH. Can be repeated.
-i, --identity IDENTITY Use the specified IDENTITY. Can be repeated.
-I, --identity-file PATH Use the identity file at PATH. Can be repeated.
This is a very intentional asymmetry. Arguments end up in shell histories and are visible in ps
, they are not a good place for cryptographic secrets, so we restrict identities to being files.
That's a good point. Would it make sense to at least change -i
to -I
?
In retrospect it might have made more sense, but I don't think it's worth the churn of changing it at this point. Also, a -I
without a -i
is confusing, too.