Making sure your decrypted copy is up to date?

[quentinsf]

Hi all -

Here's a problem we've had more than once: someone has a decrypted copy of a file in their working directory, they pull updates from git and the encrypted copy has changed in the repo, but they don't know or notice this so keep on using their plain-text version.

Anybody got a good solution for this? We wondered about a post-merge git hook that would at least let you know when blackbox_diff returned non-empty results after a git pull. That would require a few tweaks to blackbox_diff (and it still wouldn't cover git pulls that did a rebase...)

I think the only solution may be to wrap any sensitive command with a script that checks blackbox_diff beforehand. Should I propose a blackbox_diff option that changes its return code based on whether there are any diffs?

Suggestions gratefully received!
Quentin

[TomOnTime]

I don't have a great solution other than "be very careful" which is not a solution at all.

I'm open to PRs for blackbox_diff or discussing other solutions.

[quentinsf]

Thanks Tom -

For the moment, I've done a Python script which checks the key conditions. It's hard to incorporate this into git hooks, so I'm assuming that it would be used as the first stage of whatever you might want to do with the decrypted files after a check-out.

I appreciate that changes to blackbox_diff and the underlying libraries would be preferable; I may try and get around to that at some point!

All the best,

Quentin