Improving the command line UI of gpg

Doron Behar doron.behar at gmail.com
Mon Jul 23 20:40:19 CEST 2018


Hello GnuPG developers,

I would like to discuss a subject that has been really bothering me and
I hope I'm not the only one.

I've been using `gpg` for a while. Honestly, I must say it's
command-line user interface is super uncomfortable. Let me explain:

The problem resides in the fact that it accepts only `options` (starting
with `--` or `-`. Shell completion engines are better built for commands
that accept both options and commands. This makes it easier for the user
(getting help either from the shell tab completion engine or the
program's manual) to distinguish between commands and the optional
flags.

Inspired by the (super comfortable IMO) command line user interface of
`git`, I've had a vision for a new set of `gpg` subcommands and the
corresponding arguments and options I think naming them so would be
comfortable enough.
I've attached a text file with the subcommands and the arguments and
options each one should accept. I hope the format is clear, it is still
a raw draft, I don't understand yet some of the options described in the
documentation.

I would really like to improve the usability of `gpg` and I think this
is a crucial step towards making it more user friendly. From reading the
source code, I've noticed GnuPG implements it's own command line
arguments parsing. Maybe it'll be better to use a standard library like
`argp.h`?

This obviously mean that it would make the next version of `gpg`
incompatible with the older versions but I really think it's worth the
effort.

I'd love to hear your opinions.
-------------- next part --------------
sign
--clear
--detached
--no-sign-uid-embed
--comment ...
--annotate
--armor # TODO: relevant?
--emit-version
--no-emit-version
--expiration
encrypt
--sign
--sig-annotation __
--sig-comment __
--sig-policy-url __
--sig-armor # TODO: relevant?
--sig-keyserver-url __
--sig-emit-version
--sig-no-emit-version
--sig-no-uid-embed
--sig-expiration
--symmetric
--files [-]
--compression-level ##
--auto-locate-key-mechanisms
--recipient _
--s2k-cipher-algo _
--s2k-digest-algo _
--s2k-mode ##
--s2k-count ##
TODO: make the following 3 options have warnings for non pgp complience which could be prevented by `--batch`
--compression-preferences __
--digest-preferences __
--cipher-preferences __
--hidden-recipient _
--recipient-file _
--hidden-recipient-file _
--max-size
--max-input-size
--text
--mdc {always,auto,never}
--filename _
--for-your-eyes-only
===
decrypt
--lowmem-compression
--no-sig-cache
--output
--output-to-embedded-filename
--key __ # or all
--no-verify
===
store # TODO
===
verify
--no-sig-cache
===
key
  list
  --secret
  --public
  --signatures
  --format ...
  TODO: `--locate-keys`?
  edit # --all-options... be creative 
  delete
  --secret-only
  --public-only
  export
  --armor
  --output
  --options ##
  --filter
  import
  --merge
  --source
  --options ##
  --filter
  refresh
  --server
  # TODO: add all dirmngr options here
  --options ...
  search
  --server
  # TODO: add all dirmngr options here
options ...
  fetch
  --server
  --options ...
  generate
  # --all-options... be creative, include something like --revokation as well
  add
  sign
  --non-exportable (--lsign)
  --cert-level
===
TODO: `--list-packets`?
===
card
  edit
  status (default)
  pin # change pin
===
trust
  checkdb (default)
  updatedb
  import
  export
===
TODO: `--print-md{,s}`?
===
generate
  random
  prime
  key # just like `mpg key generate`
===
config ___ # ...
===
run ... # low priority
--gpg
===
--keyring _
--secret-keyring _
--primary-keyring _
--home _
--config _
--trustdb _
--trusted
--trust-model __
--lockdb {once,multiple, never}
TODO: `--completes-needed`
TODO: `--marginals-needed`
TODO: `--tufo-default-policy`
TODO: warnings
TODO: `--no-random-seed-file`
TODO: `--sender`
--compliance {rfc4880,rfc4880bis,rfc2440,..}
--verbose
--debug
--batch
--log
# TODO: Use arguments for these 2 options from page 83 of documentqtion of version ..., including `multiple-messages`, `special-filenames`, `preserve-permissions`, 
--allow
--disallow 
# TODO: learn about session key


More information about the Gnupg-devel mailing list