spwhitton/git-remote-gcrypt #2
Open
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Adds bash/zsh/fish completions, an uninstall script, and improves CLI with getopts (supporting -v/--version, -h/--help, and subcommands). Signed-off-by: Shane Jaroch <chown_tee@proton.me>
Allow PRIVDECRYPT to iterate all secret keys instead of failing on the first checksum error. Anonymous recipients caused a bug in prior versions (with ed25519 keys) where if GPG couldn't decrypt using the first key in a user's keybox, all push and pull operations would fail with a checksum error and exit code 2 (EVEN IF the user had the correct key in their 2nd or 3rd slot). The fix traps the 'error' and logs it, but lets PRIVDECRYPT continue. The manifest's integrity is still verified by the subsequent grep. If decryption truly fails, the script will exit safely. Tested with GPG 2.4.8 / ed25519 keys. Signed-off-by: Shane Jaroch <chown_tee@proton.me>
Adds a Makefile for standardizing test/lint/install workflows, a GitHub Actions CI workflow, and coverage reporting tools. Also updates install.sh to support version detection. Signed-off-by: Shane Jaroch <chown_tee@proton.me>
monkeypatch to fix kcov invocation on posix shell (add dedicated target for pure /bin/sh testing) remove old redundant exit 0 in test add force push/SIGINT tests fix silently passing (actually failing!) test force push reword [TODO: restore require-explicit-force-push] manifest versioning to help verify compatible & authenticity show signer version; inject version to test require --force to init or overwrite manifest split up large repacking test add separate test for repack with large objects add method to clean unencrypted files off remote prevent privacy leaks of previously unencrypted blob privacy test more safety/privacy checks and clean command/check early in execution don't publish participants in new test remove useless debug log statement tidy default fetch; small fix to init Signed-off-by: Shane Jaroch <chown_tee@proton.me>
generate script generates from scratch gen docs with shell not python show all files (not just top-level dirs) in clean update install.sh (automate completion installs) fix installer logic test remove `--check` flag in favor of `check` command remove redundant `--help` argument on subcommands more helpful warning (not error) message; clean msg strip gcrypt:: & report URLs like git. don't clean non-gcrypt URLs clean URLs filtered specially for rsync:// protocol update/fix clean command for sft/rclone
![cubic-dev-ai[bot]](https://avatars.githubusercontent.com/in/1082092?s=60&v=4){kind=small}
There was a problem hiding this comment.
32 issues found across 28 files
Confidence score: 2/5
- Undefined function call to
rclonelocationingit-remote-gcryptwill hard-crash this code path, so merging now would immediately break rclone URL handling. - Build targets
format,lint,install, anduninstallwill fail becauseprint_targetis referenced in theMakefilebut never defined, blocking critical workflows. - Multiple scripts (
tests/coverage_report.py,.github/workflows/coverage.yaml,utils/gen_docs.sh) have concrete runtime portability gaps that can surface quickly in CI and release automation. - Pay close attention to
git-remote-gcrypt,Makefile,tests/coverage_report.py,.github/workflows/coverage.yaml- functional/runtime issues need resolution before merge.
Prompt for AI agents (all issues)
Check if these issues are valid — if so, understand the root cause of each and fix them.
<file name=".github/workflows/lint.yaml">
<violation number="1" location=".github/workflows/lint.yaml:4">
P2: Missing explicit `permissions` declaration. GitHub Actions security best practices recommend setting minimal permissions. This workflow only needs read access to checkout code.
Add a permissions block after the `on:` section to follow the principle of least privilege.</violation>
</file>
<file name="tests/coverage_report.py">
<violation number="1" location="tests/coverage_report.py:14">
P1: Missing validation for `PATT` environment variable. If not set, the `in` operator on line 22 will raise a `TypeError` since `None in "string"` is invalid.</violation>
<violation number="2" location="tests/coverage_report.py:16">
P1: Missing validation for `XML_FILE` environment variable. If not set, `E.parse(None)` will raise a `TypeError`. Consider adding validation or a default fallback.</violation>
</file>
<file name=".github/workflows/coverage.yaml">
<violation number="1" location=".github/workflows/coverage.yaml:25">
P1: Cache strategy causes runtime failures: When the cache hits, `kcov` binary is restored but its runtime dependencies (libelf, libdw, libcurl, etc.) are not installed since the apt-get step is skipped. This will cause `kcov` to fail with missing shared library errors. Either cache the dependencies as well, or always install the runtime packages (without `-dev` suffix) regardless of cache hit.</violation>
<violation number="2" location=".github/workflows/coverage.yaml:38">
P2: Unpinned dependency: `git clone` fetches the latest kcov without specifying a version. This creates non-reproducible builds. Pin to a specific release tag or commit SHA for consistency, e.g., `git clone --branch v42 --depth 1 https://github.com/SimonKagstrom/kcov.git`.</violation>
</file>
<file name="tests/test-clean-command.sh">
<violation number="1" location="tests/test-clean-command.sh:105">
P2: Incorrect file count in message: 4 files are created (secret1.txt, secret2.txt, subdir/nested.txt, Has Space.txt) but the message says "2 unencrypted files".</violation>
</file>
<file name=".editorconfig">
<violation number="1" location=".editorconfig:4">
P2: `indent` is not a valid EditorConfig property, so the indentation width setting is ignored.</violation>
</file>
<file name="Makefile">
<violation number="1" location="Makefile:64">
P1: Undefined macro `print_target` is called but never defined. This will cause the `format`, `lint`, `install`, and `uninstall` targets to fail. Either define the macro or remove these calls.</violation>
<violation number="2" location="Makefile:131">
P1: `print_warn` is a Make macro, not a shell command. It cannot be called directly within shell recipe commands. Use `echo` or `printf` directly instead.</violation>
</file>
<file name="completions/templates/bash.in">
<violation number="1" location="completions/templates/bash.in:24">
P2: The fallback meant to ignore failures uses `|| :)`, which calls a non-existent `:)` command instead of the `:` builtin; replace it with `|| :` so error suppression actually works.</violation>
<violation number="2" location="completions/templates/bash.in:29">
P2: Using `|| :)` here causes a `command not found` error whenever `git remote` fails (e.g. outside a repository). Replace it with `|| :` so failures are truly ignored.</violation>
</file>
<file name="uninstall.sh">
<violation number="1" location="uninstall.sh:28">
P2: `uninstall.sh` omits removal of the bash/zsh/fish completion files installed by `install.sh`, leaving stale files behind after uninstall.</violation>
</file>
<file name="tests/test-gc.sh">
<violation number="1" location="tests/test-gc.sh:49">
P2: Inconsistent use of `git` instead of `$GIT`. The script defines `$GIT` with specific configuration options but uses bare `git` here, which may produce different behavior or output.</violation>
</file>
<file name="install.sh">
<violation number="1" location="install.sh:37">
P2: Misleading version string: always says "deb running on" even when version is obtained from git (not debian/changelog). Consider using a more accurate format like `"$VERSION ($OS_IDENTIFIER)"` or differentiating the source.</violation>
</file>
<file name="tests/system-test-multikey.sh">
<violation number="1" location="tests/system-test-multikey.sh:196">
P2: Using `print_info` to report an error condition. This should use `print_err` so errors are visually distinguishable in test output (red color with 'FAIL' prefix instead of cyan 'TEST' prefix).</violation>
</file>
<file name=".gitignore">
<violation number="1" location=".gitignore:7">
P3: `.coverage/` is ignored but never re-included, so the `!.coverage/**` negation cannot match anything; add `!.coverage/` (before the `**` pattern) to re-allow the directory before selectively re-including its contents.</violation>
<violation number="2" location=".gitignore:10">
P3: `!.tmp/**` cannot override the preceding `.tmp/` ignore rule; add an explicit `!.tmp/` line so Git will consider the directory before matching the `**` pattern.</violation>
</file>
<file name="tests/test-privacy-leaks.sh">
<violation number="1" location="tests/test-privacy-leaks.sh:20">
P2: Non-portable `sed -i` usage. On BSD/macOS, `sed -i` requires a backup extension argument. Use `sed -i '' "..."` for portability, or use a temporary file approach.</violation>
<violation number="2" location="tests/test-privacy-leaks.sh:85">
P3: Duplicate comment - this line appears twice in succession. Remove the duplicate.</violation>
</file>
<file name="README.rst">
<violation number="1" location="README.rst:298">
P3: The exit-status paragraph now only says “Exit status is 0” and omits the clause describing when exit status 1 is returned, leaving the sentence incomplete and the documentation inaccurate.</violation>
</file>
<file name="tests/test-install-logic.sh">
<violation number="1" location="tests/test-install-logic.sh:97">
P2: Missing exit status check for the installer. If the installer fails here, the test will report "Binary not found in DESTDIR" instead of an installer failure, making debugging harder.</violation>
</file>
<file name="tests/system-test-repack.sh">
<violation number="1" location="tests/system-test-repack.sh:118">
P2: Off-by-one error: `tail -c +N` uses 1-based indexing, but `random_data_index` is calculated with 0-based offset. For the first file, `tail -c +0` is undefined (happens to work on GNU but not portable). For subsequent files, data is shifted by one byte.</violation>
</file>
<file name="git-remote-gcrypt">
<violation number="1" location="git-remote-gcrypt:1391">
P0: Undefined function `rclonelocation` called. This will cause a runtime error. Based on how rclone URLs are handled elsewhere in the file (using `${URL#rclone://}`), this should use parameter expansion instead.</violation>
</file>
<file name="completions/templates/zsh.in">
<violation number="1" location="completions/templates/zsh.in:15">
P2: The case statement examines `$words[1]` (the command name), so the `clean`/`check` branches never execute and their completions are unreachable. It should switch on the first positional argument instead.</violation>
</file>
<file name="tests/system-test.sh">
<violation number="1" location="tests/system-test.sh:79">
P2: `sed -i` without backup extension is not portable. BSD/macOS sed requires `sed -i ''` for in-place editing without backup. Consider using `sed -i'' "s/..."` or a temp file approach for cross-platform compatibility.</violation>
<violation number="2" location="tests/system-test.sh:131">
P3: Duplicate comment - '# Create gpg key and subkey.' appears twice in succession. This appears to be a copy-paste error.</violation>
<violation number="3" location="tests/system-test.sh:385">
P2: `find -printf` is GNU-specific and not portable. Use `find ... -exec basename {} \;` or pipe through `xargs -n1 basename` for cross-platform compatibility.</violation>
</file>
<file name="utils/gen_docs.sh">
<violation number="1" location="utils/gen_docs.sh:67">
P2: Using `\n` in a double-quoted string does not produce a newline in POSIX sh - it's a literal backslash-n. For POSIX-compliant newline handling, use `printf` or embed actual newlines. This could cause malformed Fish completion output.</violation>
<violation number="2" location="utils/gen_docs.sh:73">
P2: The sed command uses GNU-specific extensions (`:a;N;$!ba;`) which violates the script's claim of being 'Strictly POSIX sh compliant'. POSIX sed does not support labels and branching in this form. Consider using `awk` or `printf` for multi-line operations, or update the documentation to note GNU sed dependency.</violation>
<violation number="3" location="utils/gen_docs.sh:84">
P2: Variable `SAFE_CMDS` is defined but never used. The subsequent sed command on line 80 uses `$COMMANDS_LIST` directly instead. This is dead code that should be removed.</violation>
</file>
<file name="completions/zsh/_git-remote-gcrypt">
<violation number="1" location="completions/zsh/_git-remote-gcrypt:15">
P2: `case $words[1]` inspects the command name instead of the chosen subcommand, so the `clean`/`check` completions never run.</violation>
<violation number="2" location="completions/zsh/_git-remote-gcrypt:17">
P2: The `_arguments` spec in the `clean` case contains a bare `{}` token, which expands and breaks the completion definition.</violation>
</file>
Reply with feedback, questions, or to request a fix. Tag @cubic-dev-ai to re-run a review.
There was a problem hiding this comment.
10 issues found across 22 files (changes from recent commits).
Prompt for AI agents (all issues)
Check if these issues are valid — if so, understand the root cause of each and fix them.
<file name="completions/zsh/_git-remote-gcrypt">
<violation number="1" location="completions/zsh/_git-remote-gcrypt:18">
P1: Unexpanded template variable `{clean_flags_zsh}` will break zsh completion for the `clean` command. This template placeholder should be replaced with actual zsh flag definitions like `'--force[force operation]' '--init[initialize]'` during the template generation process.</violation>
</file>
<file name="utils/gen_docs.sh">
<violation number="1" location="utils/gen_docs.sh:73">
P3: The `awk` replacement adds a trailing `\n` that wasn't present in the original `sed` command. This will add an extra newline at the end of `{commands_help}` in the generated README. To match the original behavior, use `awk 'NR>1{printf "\\n"} {printf "%s", $0}'` which only adds `\n` between lines, not after the last line.</violation>
</file>
<file name="git-remote-gcrypt">
<violation number="1" location="git-remote-gcrypt:1417">
P2: Temporary ref `refs/gcrypt/list-files` is not cleaned up when `git ls-tree` fails. If the fetch succeeds but `ls-tree` fails, the function returns early without deleting the temporary ref, causing a resource leak.</violation>
</file>
<file name="completions/templates/bash.in">
<violation number="1" location="completions/templates/bash.in:24">
P0: Missing closing parenthesis `)` in command substitution. This syntax error will cause the bash completion script to fail when sourced.</violation>
<violation number="2" location="completions/templates/bash.in:29">
P0: Missing closing parenthesis `)` in command substitution. This syntax error will cause the bash completion script to fail when sourced.</violation>
</file>
<file name="TODO.rst">
<violation number="1" location="TODO.rst:4">
P2: This TODO file contains incomplete notes (`Q: Does the manifest... (contain? <incomplete>)`) and raw debugging terminal output. If this is meant to track issues, consider converting it to proper issue tracker entries or GitHub issues instead of committing debugging session logs.</violation>
<violation number="2" location="TODO.rst:13">
P2: This file appears to be personal debugging notes accidentally committed to the repository. It exposes personal information including usernames, hostnames, home directory paths, personal file names (`.bash_history.coffeelake`), and private git repository URLs. Consider removing this file or sanitizing the content before committing.</violation>
</file>
<file name="tests/test_rsync_simple.sh">
<violation number="1" location="tests/test_rsync_simple.sh:30">
P1: Test failure doesn't exit with non-zero status. The script echoes "FAIL" but continues and exits 0, so CI will report the test as passing even when it fails. Add `exit 1` after the FAIL message.</violation>
<violation number="2" location="tests/test_rsync_simple.sh:36">
P1: Test failure doesn't exit with non-zero status. Add `exit 1` after the FAIL message to ensure CI detects test failures.</violation>
</file>
<file name="Makefile">
<violation number="1" location="Makefile:104">
P2: Inconsistent use of inline printf instead of the existing `print_warn` macro. The file defines `print_warn` for this exact purpose. Using inline printf with hardcoded color codes reduces maintainability.</violation>
</file>
Reply with feedback, questions, or to request a fix. Tag @cubic-dev-ai to re-run a review.
There was a problem hiding this comment.
3 issues found across 4 files (changes from recent commits).
Prompt for AI agents (all issues)
Check if these issues are valid — if so, understand the root cause of each and fix them.
<file name="completions/bash/git-remote-gcrypt">
<violation number="1" location="completions/bash/git-remote-gcrypt:24">
P0: Missing closing parenthesis `)` for command substitution. This syntax error will break the bash completion script entirely.</violation>
</file>
<file name="README.rst">
<violation number="1" location="README.rst:292">
P2: Documentation sentence is broken. The text was accidentally truncated, removing the explanation for exit status 0 (success) and exit status 1 (decryption failure). The current text "Exit status is 0\nuses gcrypt but could not be decrypted" is grammatically nonsensical.</violation>
</file>
<file name="completions/zsh/_git-remote-gcrypt">
<violation number="1" location="completions/zsh/_git-remote-gcrypt:18">
P2: Invalid zsh completion syntax: `{}` is an empty brace expansion that will cause completion errors. This appears to be a template substitution that didn't handle the empty-flags case properly. Either remove the entire line when no flags exist, or fix the template generation in `gen_docs.sh` to handle empty values.</violation>
</file>
Reply with feedback, questions, or to request a fix. Tag @cubic-dev-ai to re-run a review.
There was a problem hiding this comment.
1 issue found across 6 files (changes from recent commits).
Prompt for AI agents (all issues)
Check if these issues are valid — if so, understand the root cause of each and fix them.
<file name="tests/test-install-logic.sh">
<violation number="1" location="tests/test-install-logic.sh:27">
P2: Operator precedence bug: `||` and `&&` have equal precedence in bash, so when `sed -i.bak` succeeds, the `mv` command still executes (trying to move a non-existent `.tmp` file). Group the fallback commands with braces.</violation>
</file>
Reply with feedback, questions, or to request a fix. Tag @cubic-dev-ai to re-run a review.
There was a problem hiding this comment.
3 issues found across 11 files (changes from recent commits).
Prompt for AI agents (all issues)
Check if these issues are valid — if so, understand the root cause of each and fix them.
<file name="install.sh">
<violation number="1" location="install.sh:7">
P3: The `log()` function is defined but never called anywhere in the script. Either remove this dead code, or replace the `echo` statements with `log()` calls for consistent colored output.</violation>
</file>
<file name="git-remote-gcrypt">
<violation number="1" location="git-remote-gcrypt:1425">
P0: Critical logic error: removing `else` causes the function to always return failure for git backends. The `return 1` was originally in the `else` branch (for failed fetches) but now runs unconditionally after successful fetches, causing the function to always fail and discard the retrieved file list.</violation>
</file>
<file name="completions/templates/zsh.in">
<violation number="1" location="completions/templates/zsh.in:17">
P2: The `{clean_flags_zsh}` placeholder will produce invalid zsh `_arguments` syntax. The generator in `gen_docs.sh` creates `'(flags)' {flags} '[flag]'` with space-separated tokens, but zsh `_arguments` requires the format `'(exclusion)'{-f,--long}'[desc]'` as a single concatenated string. Consider fixing the `CLEAN_FLAGS_ZSH` construction in `gen_docs.sh` or using proper per-flag specs like `'(-f --force)'{-f,--force}'[Actually delete files]'`.</violation>
</file>
Reply with feedback, questions, or to request a fix. Tag @cubic-dev-ai to re-run a review.
There was a problem hiding this comment.
1 issue found across 4 files (changes from recent commits).
Prompt for AI agents (all issues)
Check if these issues are valid — if so, understand the root cause of each and fix them.
<file name="tests/test-install-logic.sh">
<violation number="1" location="tests/test-install-logic.sh:229">
P3: Use a portable in-place edit for `sed`. `sed -i` without an extension fails on BSD/macOS, so this new test will error on macOS runners.</violation>
</file>
Reply with feedback, questions, or to request a fix. Tag @cubic-dev-ai to re-run a review.
fix installer script gnu sed for linux tests
There was a problem hiding this comment.
2 issues found across 6 files (changes from recent commits).
Prompt for AI agents (all issues)
Check if these issues are valid — if so, understand the root cause of each and fix them.
<file name="Makefile">
<violation number="1" location="Makefile:117">
P2: Enable `pipefail` for the `tee` pipeline so kcov/test failures aren’t masked by the pipe’s exit status.</violation>
<violation number="2" location="Makefile:117">
P2: Create `.tmp` before piping output to `tee`; otherwise the target can fail in clean workspaces because `tee` can’t open `.tmp/kcov.log`.</violation>
</file>
Reply with feedback, questions, or to request a fix. Tag @cubic-dev-ai to re-run a review.
There was a problem hiding this comment.
1 issue found across 10 files (changes from recent commits).
Prompt for AI agents (all issues)
Check if these issues are valid — if so, understand the root cause of each and fix them.
<file name="tests/installer-test-logic.sh">
<violation number="1" location="tests/installer-test-logic.sh:22">
P2: The test setup now symlinks install.sh even though kcov is documented to be confused by symlinks. This likely breaks coverage tracking or the intent of the test harness. Keep a real copy here.</violation>
</file>
Reply with feedback, questions, or to request a fix. Tag @cubic-dev-ai to re-run a review.
There was a problem hiding this comment.
2 issues found across 5 files (changes from recent commits).
Prompt for AI agents (all issues)
Check if these issues are valid — if so, understand the root cause of each and fix them.
<file name=".github/workflows/install.yml">
<violation number="1" location=".github/workflows/install.yml:100">
P2: Avoid making the workspace world-writable/executable in CI. This is overly permissive and can allow unintended modifications. Use a least-privilege mode similar to the previous `u+rwX,go+rX` instead.</violation>
</file>
<file name=".github/workflows/compatibility.yaml">
<violation number="1" location=".github/workflows/compatibility.yaml:32">
P1: Job IDs cannot contain spaces or parentheses; this job key will be rejected by GitHub Actions. Use a valid identifier (letters, digits, `-`, `_`) and keep the display name in the `name:` field.</violation>
</file>
Reply with feedback, questions, or to request a fix. Tag @cubic-dev-ai to re-run a review.
There was a problem hiding this comment.
3 issues found across 2 files (changes from recent commits).
Prompt for AI agents (all issues)
Check if these issues are valid — if so, understand the root cause of each and fix them.
<file name=".github/workflows/compatibility.yaml">
<violation number="1" location=".github/workflows/compatibility.yaml:14">
P2: Running the job inside the ubuntu:* container images makes the subsequent `sudo apt-get ...` commands fail because sudo is not available (and the container runs as root). Remove sudo or install it before use.</violation>
<violation number="2" location=".github/workflows/compatibility.yaml:24">
P2: The new tool version check runs `git --version` before installing git in the container, causing the job to fail. Move this step after installing dependencies or install git first.</violation>
<violation number="3" location=".github/workflows/compatibility.yaml:48">
P2: The tool version check runs zsh/fish before they are installed, so the job will fail on a clean runner. Move the check after `Install Shells` or install them first.</violation>
</file>
Reply with feedback, questions, or to request a fix. Tag @cubic-dev-ai to re-run a review.
There was a problem hiding this comment.
1 issue found across 1 file (changes from recent commits).
Prompt for AI agents (all issues)
Check if these issues are valid — if so, understand the root cause of each and fix them.
<file name="tests/system-test-multikey.sh">
<violation number="1" location="tests/system-test-multikey.sh:85">
P2: PATH now prepends the current working directory instead of the repository root, which makes the test dependent on where it is invoked. If the script isn’t run from the repo root, it won’t pick up the local git-remote-gcrypt helper.</violation>
</file>
Reply with feedback, questions, or to request a fix. Tag @cubic-dev-ai to re-run a review.
There was a problem hiding this comment.
2 issues found across 3 files (changes from recent commits).
Prompt for AI agents (all issues)
Check if these issues are valid — if so, understand the root cause of each and fix them.
<file name="tests/system-test.sh">
<violation number="1" location="tests/system-test.sh:76">
P2: Deriving repo_root from PWD makes the test dependent on the caller’s working directory and can break when invoked outside the repo root. Use git rev-parse --show-toplevel to reliably locate the repository root.</violation>
</file>
<file name="tests/system-test-repack.sh">
<violation number="1" location="tests/system-test-repack.sh:49">
P2: Using `$PWD` for the repo root makes the test brittle to the current working directory and can break when executed from a subdirectory. Resolve the Git toplevel instead.</violation>
</file>
Reply with feedback, questions, or to request a fix. Tag @cubic-dev-ai to re-run a review.
There was a problem hiding this comment.
1 issue found across 4 files (changes from recent commits).
Prompt for AI agents (all issues)
Check if these issues are valid — if so, understand the root cause of each and fix them.
<file name="tests/system-test-multikey.sh">
<violation number="1" location="tests/system-test-multikey.sh:89">
P2: Escape the git describe value before using it in the sed replacement; tag names can contain `/` or `&`, which will break the substitution or corrupt the inserted version.</violation>
</file>
Reply with feedback, questions, or to request a fix. Tag @cubic-dev-ai to re-run a review.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
@cubic-dev-ai review this pull request
Summary by cubic
Revamps git-remote-gcrypt with a clearer CLI, shell completions, and stronger safety checks, while adding CI, a Makefile, and a broad test suite. Also fixes a multi-key GPG decryption bug that caused spurious checksum errors.
New Features
Bug Fixes
Written for commit 68ab09c. Summary will update on new commits.