Sncli

Latest version: v0.4.3

Safety actively analyzes 682387 Python packages for vulnerabilities to keep your Python projects secure.

Scan your dependencies

0.4.2

This release brings a selection of fixes and new features:

Fixes:

- Now correctly handles windows style newlines in news for displaying
note titles and lines
- tempfile file extension should now be more accurate when editing notes
(for markdown vs plaintxt notes)
- python dependency updates
- workarounds documented for running on Windows

New features:

- Simplenote credentials may now be stored in environment variables,
as an alternative to the configuration file.
For example:

SN_USERNAME=lebowskithedude.com SN_PASSWORD=nihilist ./sncli

- new option to default to markdown for new notes
(`cfg_default_markdown = yes`)
- Dockerfile for running sncli in a Docker container.

Thanks to all contributors who made this possible:

gregwebs wyattwalter lostways pataquets clach04

:)

0.4.1

This is a small bug-fix release. Now, sncli will not cleanup tempfiles created by editing or creating notes. This should help avoid data loss if sncli crashes between exiting the editor and the notes being saved or synced.

0.4.0

It's time for another release!

---

**IMPORTANT: this release contains a security fix for an arbitrary code execution bug.** See commit ecc410f for technical details.

Code execution was possible on the following conditions:

- a note is being viewed in the internal pager
- the user uses the keyboard shortcut to copy a line to the system clipboard
- the line being copied was crafted in a way that would be interpreted by the shell

This can only be exploited with the user's explicit interaction, and the user's simplenote account would need to be breached for an attacked to add malicious lines. Therefore, this attack vector is probably low severity. There is a higher possibility that a user may copy a line that incidentally contains code that gets executed on copy.

Please update as soon as possible!

---

0.3.0

Not secure
4. launch sncli and wait for notes to be synced from server.
5. continue as usual

For any discovered problems, please open a new issue with details! While the new syncing backend has been manually tested by multiple users and various bugs identified and fixed, it is still likely that further issues remain. Please be sure to back up your notes!

Another important thing to note is that there is a new dependency: [simperium-python3](https://github.com/swalladge/simperium-python3) (the simperium syncing client). If you install sncli and deps via pip/pipenv it should be fine, but system package maintainers may need to update their packages.

Links

Releases

Has known vulnerabilities

© 2024 Safety CLI Cybersecurity Inc. All Rights Reserved.