v1.12.2

1.12.2 / 2021-03-13

• [BUGFIX] Do not fail if reminder is unavailable (#1835, #1832)
• [BUGFIX] Do not shadow directories (#1817, #1813)
• [BUGFIX] Do not trigger ClamAV FP (#1810, #1807)
• [BUGFIX] Fix -o (#1822)
• [BUGFIX] Honor Ctrl+C while waiting for user input (#1805, #1800)
• [ENHANCEMENT] Add gopass.1 man page (#1827, #1824)
• [UX] Adding the grep command to --help (#1826, #1825)

v1.12.1

1.12.1 / 2021-02-17

• [BUGFIX] Enable updater on Windows (#1790, #1789)
• [BUGFIX] Fix progress bar nil pointer access (#1790, #1789)
• [BUGFIX] Fix % char in passwords being treated as formatting (#1794, #1793, #1801)
• [ENHANCEMENT] Add ARCHITECTURE.md (#1787)
• [ENHANCEMENT] Added a env var to disable reminders (#1792)
• [ENHANCEMENT] Remind to run gopass update/fsck/audit after 90d (#1792)

v1.12.0

1.12.0 / 2021-02-11

WARNING: The self updater does not support updating from 1.11.0 to 1.12.0. Our
release infrastructure does not support the key type used in 1.11.0.

NOTE: This release drops the integrations that were moved to their own repos,
i.e. git-credential-gopass, gopass-hibp, gopass-jsonapi and
gopass-summon-provider.

We have implemented proper release signing and verification for the self
updater and brought it back.

• [BUGFIX] Add signature verification for updater (#1717, #1676)
• [BUGFIX] Allow using tilde (#1713, #872)
• [BUGFIX] Always allow removing mounts (#1748, #1746)
• [BUGFIX] Ask passphrase upon key generation (#1715, #1698)
• [BUGFIX] Do not overwrite age keyring (#1734, #1678)
• [BUGFIX] Remove empty parents on gopass rm -r (#1725, #1723)
• [BUGFIX] The empty password must now be confirmed too (#1719)
• [BUGFIX] Use the first GPG found in path on Windows (#1751, #1635)
• [BUGFIX] Warn about --throw-keyids (#1759, #1756)
• [BUGFIX] fixed mixed case keys for key-value, all keys are lower case now (#1778)
• [CLEANUP] Remove migrated binaries (#1712, #1673, #1649, #1652, #1631, #1165, #1711, #1670, #1639)
• [CLEANUP] Remove the ondisk backend (#1720)
• [ENHANCEMENT] Add -A and -B to pwgen (#1716)
• [ENHANCEMENT] Add Pinentry CLI fallback (#1697, #1655)
• [ENHANCEMENT] Add REPL cmd lock (#1744)
• [ENHANCEMENT] Add optional pinentry unescaping (#1621)
• [ENHANCEMENT] Add tpl funcs for Bcrypt and Argon2 (#1706, #1689)
• [ENHANCEMENT] Add windows support to the self updater (#1724, #1722)
• [ENHANCEMENT] Confirm new age keyring passphrases (#1747)
• [ENHANCEMENT] KV secrets are now key-values, supporting multiple same key with different values (#1741)
• [ENHANCEMENT] UTF-8 emojis (#1715, #1698)
• [ENHANCEMENT] Use gpgconf to the the gpg binary (#1758, #1757)
• [ENHANCEMENT] Use main as the git default branch (#1749, #1742)
• [ENHANCEMENT] Use persistent SSH connections (#1755)
• [TESTING] Adding DI to Github Actions (#1728)

v1.12.0-rc2

1.12.0-rc2 / 2021-02-07

• [BUGFIX] fixed mixed case keys for key-value, all keys are lower case now (#1778)

v1.11.0

1.11.0 / 2020-01-12

This is an important bugfix release that should resolve several outstanding
issues and concerns. Since 1.10.0 was released was engaged in a lot of
discussions and realized that compatibility is more important than we first
thought. So we're rolling back some breaking changes and revise some parts of
our roadmap. We will strive to remain compatible with other password store
implementations - but remember this is a goal, not a promise. This means we'll
continue using compatible secrets formats as well as GPG and Git.

Notice the Windows support should have been significantly improved.
Notice the Mime type was removed. Run gopass fsck --decrypt to detect
leftover Mime secrets. They won't be converted automatically for now but if you
edit them they can be converted into standard plain or key-value secrets.

• [BUGFIX] Allow secret names to have a colon in the name
• [BUGFIX] Apply limit in list correctly
• [BUGFIX] Correcting newlines handling
• [BUGFIX] Correct missing padding to TOTP entry
• [BUGFIX] Create cache folder if doesn't exist.
• [BUGFIX] Disable gopass update
• [BUGFIX] Disabling all kind of parsing of the input
• [BUGFIX] Do not duplicate key password in K/V secrets
• [BUGFIX] Do not search for new secrets
• [BUGFIX] fixes gopass-jsonapi for MacTools GPGSuite users.
• [BUGFIX] Fix legacy config parsing
• [BUGFIX] fsck won't correct recipients without --decrypt
• [BUGFIX] Insert is not resetting the pw now if a key:value pair is specified inline
• [BUGFIX] Invalidate GPG key list after generation
• [BUGFIX] List no longer uses the store size as its default depth
• [BUGFIX] Nil dereference in cui
• [BUGFIX] Pass arguments to a notification program
• [BUGFIX] Password insert prompt now works on Windows
• [BUGFIX] Re-adding the global --yes flag
• [BUGFIX] Remove GPG location caching
• [BUGFIX] Restore path-removal from old config-format
• [BUGFIX] Show now correctly handles -C and -u together
• [BUGFIX] The deprecation warning is now output on stderr
• [BUGFIX] Trim version prefix in jsonapi
• [CLEANUP] Remove MIME
• [CLEANUP] Remove the unfinished xc backend
• [CLEANUP] Update to minio/v7
• [DOCUMENTATION] Edited features.md
• [DOCUMENTATION] Improve contributing guide.
• [DOCUMENTATION] Slight updates to reflect the recent code
• [ENHANCEMENT] Adding a trailing separator to the listed folders
• [ENHANCEMENT] Adding the flag show -n to disable output parsing
• [ENHANCEMENT] Adding the option parsing to disable all parsing
• [ENHANCEMENT] fsck now detects leftover Mime secrets
• [ENHANCEMENT] Full windows support
• [ENHANCEMENT] Prompt for edit search result
• [ENHANCEMENT] Re-introduce gopass -c
• [ENHANCEMENT] Show GPG --gen-key error to the user
• [ENHANCEMENT] Handle password cache notification.
• [ENHANCEMENT] Use 32 byte salt by default
• [UX] Preserve content across retries

v1.10.1

1.10.1

[BUGFIX] Fix the Makefile
[BUGFIX] Remove misleading config error message
[BUGFIX] Re-use existing root store
[BUGFIX] Use standard Unix directories on MacOS

v1.10.0

1.10.0

WARNING: This release contains a few breaking changes as well as necessary
packaging changes.

This release is building the foundation for an eventual 2.0 release
which will drop many legacy features and significantly shrink the
codebase to ensure long term maintainability. The goal is to remove
the support for multiple backends and any external dependencies,
including git and gpg binaries. By default the tool should be easy to use,
secure and modern. We will still support our flagship use cases,
like working in teams. Also gopass might eventually move to an
fully encrypted backend where we don't leak information through
filenames.

Any gopass 1.x release should still be compatible with any
password store implementation (possibly with some caveats).
Beyond that we plan to drop any compatibility goals.

If you are using different Password Store implementations to access your
secrets, e.g. on mobile devices, you might want to run gopass config mime false
before performing any kind of write operation on the password store. Otherwise
mutated secrets will be written using the new native gopass MIME format and
might not be readable from other implementations.

This release adds documentation for all supported subcommands in the docs/commands
folder and starts define our core use cases in the docs/usecases folder.
Please note that the command documentation also serves as a specification on
how these commands are supposed to operate.

Note: We have accumulated too many changes so we've decided to skip the 1.9.3
release and issue the first release of the 1.10. series.

Note to package maintainers: This release adds additional binaries which should
be included in any binary re-distribution of gopass.

• [BREAKING] New secrets format
• [BUGFIX] Allow deleting shadowed secret
• [BUGFIX] Correctly handle exportkeys and auto import for noop
• [BUGFIX] Do not allow malformed secrets
• [BUGFIX] Do not return error on no grep matches
• [BUGFIX] Fix config panic with mounts
• [BUGFIX] Fix fsck progress bar.
• [BUGFIX] Fix git init
• [BUGFIX] Fix optional key passed through find
• [BUGFIX] Fix tree shadowing.
• [BUGFIX] Handle relative path during init
• [BUGFIX] Honor generate --print
• [BUGFIX] Honor trust level during onboarding.
• [BUGFIX] Print RCS error message
• [BUGFIX] Print config parse error to STDERR
• [BUGFIX] Properly initialize crypto during onboarding and
• [BUGFIX] env command: do not crash if called without a command to execute
• [CLEANUP] Merge Storage and RCS backends
• [CLEANUP] Move internal packages to internal
• [CLEANUP] Remove autoclip for gopass show
• [CLEANUP] Remove config option confirm
• [CLEANUP] Remove curses UI
• [CLEANUP] Remove the --sync flag to gopass show
• [CLEANUP] Rename --force to --unsafe for show
• [CLEANUP] Rename xkcd generator options
• [DEPRECATION] Mark gopass git as deprecated
• [DEPRECATION] Remove AutoPrint
• [DEPRECATION] Remove askformore, autosync
• [DEPRECATION] Retire editrecipients option
• [DOCUMENTATION] Document audit, generate, insert and show
• [DOCUMENTATION] Document list flags
• [DOCUMENTATION] Improve documentation of Zsh completion setup
• [ENHANCEMENT] Add GOPASS_DISABLE_MIME to disable new
• [ENHANCEMENT] Add arm and arm64 binaries
• [ENHANCEMENT] Add gopass API (unstable)
• [ENHANCEMENT] Add regexp support to gopass grep
• [ENHANCEMENT] Add zxcvbn password strength checker
• [ENHANCEMENT] Avoid direct show on gopass search
• [ENHANCEMENT] Cache gpg binary location
• [ENHANCEMENT] Ignore binary secrets for audit
• [ENHANCEMENT] Introduce --generator flag
• [ENHANCEMENT] Introduce unsafe-keys
• [ENHANCEMENT] Make audit report passwords not changed
• [ENHANCEMENT] Make show --qr flag complementary
• [ENHANCEMENT] New Debug package
• [ENHANCEMENT] New progress bar
• [ENHANCEMENT] Print password before sync
• [ENHANCEMENT] Provide more helpful config parse errors
• [ENHANCEMENT] Rewrite tree implementation
• [ENHANCEMENT] Show recipients from subfolder id files
• [ENHANCEMENT] Speed up gpg store init
• [ENHANCEMENT] Support changing path with gopass config
• [ENHANCEMENT] Support relative revisions for show
• [ENHANCEMENT] Warn if vim might be leaking secrets
• [ENHANCEMENT] env command: more tests
• [FEATURE] Add Password Rules and Domain Alias support
• [FEATURE] Add experimental backend converter
• [FEATURE] Add remote config for ondisk storage
• [FEATURE] Add remote sync support for the ondisk backend
• [FEATURE] Add summon provider
• [FEATURE] Pinentry API: support OPTION API call
• [FEATURE] REPL
• [TESTING] Add a test to detect shadowing issue with moun

v1.10.0-rc.1

1.10.0-rc.1

WARNING: This release contains a few breaking changes as well as necessary
packaging changes.

This release is building the foundation for an eventual 2.0 release
which will drop many legacy features and significantly shrink the
codebase to ensure long term maintainability. The goal is to remove
the support for multiple backends and any external dependencies,
including git and gpg binaries. By default the tool should be easy to use,
secure and modern. We will still support our flagship use cases,
like working in teams. Also gopass might eventually move to an
fully encrypted backend where we don't leak information through
filenames.

Any gopass 1.x release should still be compatible with any
password store implementation (possibly with some caveats).
Beyond that we plan to drop any compatibility goals.

If you are using different Password Store implementations to access your
secrets, e.g. on mobile devices, you might want to run gopass config mime false
before performing any kind of write operation on the password store. Otherwise
mutated secrets will be written using the new native gopass MIME format and
might not be readable from other implementations.

This release adds documentation for all supported subcommands in the docs/commands
folder and starts define our core use cases in the docs/usecases folder.
Please note that the command documentation also serves as a specification on
how these commands are supposed to operate.

Note: We have accumulated too many changes so we've decided to skip the 1.9.3
release and issue the first release of the 1.10. series.

Note to package maintainers: This release adds additional binaries which should
be included in any binary re-distribution of gopass.

• [BREAKING] New secrets format
• [BUGFIX] Allow deleting shadowed secret
• [BUGFIX] Correctly handle exportkeys and auto import for noop
• [BUGFIX] Do not allow malformed secrets
• [BUGFIX] Do not return error on no grep matches
• [BUGFIX] Fix config panic with mounts
• [BUGFIX] Fix fsck progress bar.
• [BUGFIX] Fix git init
• [BUGFIX] Fix optional key passed through find
• [BUGFIX] Fix tree shadowing.
• [BUGFIX] Handle relative path during init
• [BUGFIX] Honor generate --print
• [BUGFIX] Honor trust level during onboarding.
• [BUGFIX] Print RCS error message
• [BUGFIX] Print config parse error to STDERR
• [BUGFIX] Properly initialize crypto during onboarding and
• [BUGFIX] env command: do not crash if called without a command to execute
• [CLEANUP] Merge Storage and RCS backends
• [CLEANUP] Move internal packages to internal
• [CLEANUP] Remove autoclip for gopass show
• [CLEANUP] Remove config option confirm
• [CLEANUP] Remove curses UI
• [CLEANUP] Remove the --sync flag to gopass show
• [CLEANUP] Rename --force to --unsafe for show
• [CLEANUP] Rename xkcd generator options
• [DEPRECATION] Mark gopass git as deprecated
• [DEPRECATION] Remove AutoPrint
• [DEPRECATION] Remove askformore, autosync
• [DEPRECATION] Retire editrecipients option
• [DOCUMENTATION] Document audit, generate, insert and show
• [DOCUMENTATION] Document list flags
• [DOCUMENTATION] Improve documentation of Zsh completion setup
• [ENHANCEMENT] Add GOPASS_DISABLE_MIME to disable new
• [ENHANCEMENT] Add arm and arm64 binaries
• [ENHANCEMENT] Add gopass API (unstable)
• [ENHANCEMENT] Add regexp support to gopass grep
• [ENHANCEMENT] Add zxcvbn password strength checker
• [ENHANCEMENT] Avoid direct show on gopass search
• [ENHANCEMENT] Cache gpg binary location
• [ENHANCEMENT] Ignore binary secrets for audit
• [ENHANCEMENT] Introduce --generator flag
• [ENHANCEMENT] Introduce unsafe-keys
• [ENHANCEMENT] Make audit report passwords not changed
• [ENHANCEMENT] Make show --qr flag complementary
• [ENHANCEMENT] New Debug package
• [ENHANCEMENT] New progress bar
• [ENHANCEMENT] Print password before sync
• [ENHANCEMENT] Provide more helpful config parse errors
• [ENHANCEMENT] Rewrite tree implementation
• [ENHANCEMENT] Show recipients from subfolder id files
• [ENHANCEMENT] Speed up gpg store init
• [ENHANCEMENT] Support changing path with gopass config
• [ENHANCEMENT] Support relative revisions for show
• [ENHANCEMENT] Warn if vim might be leaking secrets
• [ENHANCEMENT] env command: more tests
• [FEATURE] Add Password Rules and Domain Alias support
• [FEATURE] Add experimental backend converter
• [FEATURE] Add remote config for ondisk storage
• [FEATURE] Add remote sync support for the ondisk backend
• [FEATURE] Add summon provider
• [FEATURE] Pinentry API: support OPTION API call
• [FEATURE] REPL
• [TESTING] Add a test to detect shadowing issue with mount

v1.10.0-rc.0

1.10.0-rc.0

Note: We have accumulated too many changes so we've decided to skip the 1.9.3
release and issue the first release of the 1.10. series.

• [BUGFIX] Fix git init

v1.9.3-rc.1

1.9.3-rc.1

This release adds additional binaries which should be included in
any binary re-distribution of gopass.

• [BUGFIX] Allow deleting shadowed secret
• [BUGFIX] env command: do not crash if called without a command to execute
• [BUGFIX] Fix config panic with mounts
• [BUGFIX] Fix tree shadowing.
• [BUGFIX] Handle relative path during init
• [BUGFIX] Print RCS error message
• [CLEANUP] Merge Storage and RCS backends
• [ENHANCEMENT] env command: more tests
• [ENHANCEMENT] Show recipients from subfolder id files
• [FEATURE] Pinentry API: support OPTION API call
• [TESTING] Add a test to detect shadowing issue with mount