1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
|
* BUG: assword crashes when it gets EOF on stdin when prompting or
when ASSWORD_PASSWORD=prompt.
* ENHANCEMENT: ASSWORD_PASSWORD=stdin should just read the password
from the first line of stdin (discarding trailing newlines). not
sure how this should interact with the situation where no context
is supplied.
* ENHANCEMENT: xdo has two input methods -- one based on XSendEvent,
and one based on injecting keystrokes into the X session as a whole
(the difference is whether a window ID parameter is passed to
"type"). We use the latter right now in xsearch despite its
possibility of leakage because some X11 applications ignore
XSendEvent input. Provide some hinting mechanism derived from the
window in question to conditionally enable XSendEvent instead.
* ENHANCEMENT: be able to edit a context once it is created. for
example, i often create a password when setting up an account on a
remote web site. Some account signup workflows don't tell me if
the account name i wanted was taken until after i've signed up. By
then, i've created the password, and i want to adjust it manually.
* ENHANCEMENT: can we use python clipboard bindings instead of
"xclip -i"?
* ENHANCEMENT: on xsearch if selected window is known browser, and
it's possible to extract url, preseed context search with hostname
of url.
* ENHANCEMENT: xsearch create action should modify the database, move
the user's focus back into the textentry (highlighting the whole
entry text), disable the "Create" button, and *not* explicitly
select and terminate. The user can then select in the usual way
(pressing enter) or can continue without selecting.
* ENHANCEMENT: review the label texts and make sure they're saying
reasonable things in different parts of the workflow.
* ENHANCEMENT: ctrl+del from xsearch when a matching context is
present should allow deletion of the indicated password. This
should probably prompt for confirmation.
* ENHANCEMENT: ctrl+e from xsearch when a matching context is present
should display another entry with the context's password in it; the
user can then edit the password to adjust for stupid web site
rules. the rest of the UI should be disabled
(set_sensitive(False)) while this password editor is active.
* ENHANCEMENT: consider how to deal with multiple DB backends, and
post-save and pre-open hooks (e.g. to push to and fetch from a
remote repository of these changes)
* ENHANCEMENT: associate default _XPASTE mechanisms with some
contexts: if you know that certain passwords work with tools that
prefer certain _XPASTE mechanisms, that ought to be something
assword can figure out. see 526990F5.6050700@guerrier.com and
following discussion.
* ENHANCEMENT: import scripts from common password stores
(e.g. ~/.mozilla/firefox/*.default/signons.sqlite)
* ENHANCEMENT: guess about target window to determine default _XPASTE
mechanism (e.g. we know iceweasel works with one _XPASTE mechanism,
but rxvt works with another one) -- we can guess by looking at the
process that controls the window and/or the window title or other
things (we might need to expand python-xdo to get these guesses)
* ENHANCEMENT: use the target window title and/or pid to pre-seed the
search box in "assword gui" (this should be pre-selected text so it
is easy to start typing something else)
* ENHANCEMENT: test for various PASSWORD values
|
