Tiny-gnupg

=========================


Minor Changes
-------------

- Tests added to include checks for instance-isolated identities.


Major Changes
-------------

- ``reset_daemon()`` calls added to ``decrypt()``, ``verify()``, ``sign()``
& ``encrypt()``. This call kills the gpg-agent process & restarts it,
which in turn wipes the caching of secret keys available on the system
without a passphrase. This is crucial for users of applications with
multiple GnuPG objects that handle separate key identities. That's
because these methods will now throw ``PermissionError`` or ``LookupError``
if a private key operation is needed from an instance which is already
assigned to another private key in the keyring. This gives some important
anonymity protections to users.
- More improvements to error reporting.

=========================


Minor Changes
-------------

- Added newly developed ``auto_decrypt()`` & ``auto_encrypt()`` methods
to the ``README.rst`` tutorial.
- Allow keyserver queries with spaces by replacing ``" "`` with url
encoding ``"%20"``.
- ``packet_fingerprint(target="")`` & ``list_packets(target="")`` methods
now raise ``TypeError`` when ``target`` is clearly not OpenPGP data.
- Tests added to account for new error handling in ``tiny_gnupg.py``.


Major Changes
-------------

- ``--no-tty`` seems to keep most of the noise from terminal output while
also displaying important banner information. For instance, signature
verification still produces detailed signature information. Because it
automatically seems to behave as desired, it's here to stay.

=========================


Minor Changes
-------------

- Added to Known Issues. Our package can't build on Github (Or most any
CI service) for many reasons related their build environments using
Docker & an issue in GnuPG itself.
- Removed Above known issue as a fix was found for using the Github CI
tool.
- Added ``_home``, ``_executable``, & ``_options`` attributes which
store the ``pathlib.Path.absolute()`` representation of the associated
files & directories.
- Added ``options`` attribute with is the str value of the ``_options``
``pathlib`` path to the configuration file used by the package.


Major Changes
-------------

- Added ``"--no-tty"`` option to ``command()`` method which conveniently
tells gpg2 not to use the terminal to output messages. This has lead to
a substantial, possibly complete, reduction in the amount of noise gpg2
prints to the screen. Some of that printed information is helpful to
see, though. We would add it back in places where it could be informative,
but passing ``"--no-tty"`` has the added benefit of allowing Docker not
to break right out of the gate of a build test. More thought on this
is required.
- Removed ``pathlib`` from imports. That module has been in the standard
library since c-python3.4. This package isn't looking to be supported
for anything older than 3.6.

=========================


Minor Changes
-------------

- Style edits to ``PREADME.rst``.


Major Changes
-------------

- Fixed a major bug in ``decrypt()`` which miscategorized a fingerprint scraped
from a message as the sender's, when in fact it should be the recipient's.
Getting the sender's fingerprint requires successfully decrypting the
message & scraping the signature from inside if it exists. We do this
now, raising ``LookupError`` if the signature inside has no corresponding
public key in the package keyring.
- Added new ``auto_encrypt()`` method which follows after ``auto_decrypt()``
in allowing a user to attempt to encrypt a message to a recipient's
key using the value in the ``uid`` kwarg. If there's no matching key
in the package keyring, then the keyserver is queried for a key
that matches ``uid`` where then ``message`` is encrypted if found, or
``FileNotFoundError`` is raised if not.
- Added better exception raising throughout the ``GnuPG`` class:

- Now, instead of calling ``read_output()`` when the supplied ``uid``
has no key in the package keyring, a ``LookupError`` is raised.
- The best attempt at deriving a 40-byte key fingerprint from ``uid`` is
returned back through the ``LookupError`` exception object's ``value``
attribute for downstream error handling.
- ``verify()`` raises ``PermissionError`` if verification cannot be
done on the ``message`` kwarg. Raises ``LookupError`` instead if
a public key is needed in order to attempt verification. ``verify``
can't be used on an encrypted messages in general, unless ``message``
is specifcally a signature, not encrypted plaintext. This is just
not how verify works. Signatures are on the inside on encrypted
messages. So ``decrypt()`` should be used for those instead, it
throws if a signature is invalid on a message.
- A rough guide now exists for what exceptions mean, since we've given
names & messages to the most likely errors, & helper functions
to resolve them. Users can now expect to run into more than just
the in decript ``CalledProcessError``. Exceptions currently being
used include: ``LookupError``, ``PermissionError``, ``TypeError``,
``ValueError``, ``KeyError``, & ``FileNotFoundError``.

- ``ValueError`` raised in ``text_export()`` & ``sign()`` switched to
``TypeError`` as it's only raised when their ``secret`` or ``key``
kwargs, respectively, are not of type ``bool``.

=========================


Minor Changes
-------------

- Fixing PyPi ``README.rst`` rendering.

=========================


Minor Changes
-------------

- Futher test cleanups. We're now at 100% line coverage & 99% branch
coverage.
- Code cleanups. ``raw_packets()`` now passes the uid information it's
gathered through the ``KeyError`` exception, in the ``value`` attribute
instead of copying ``subprocess``'s ``output`` attribute naming convention.
- License, coverage, package version badges added to ``README.rst``.