Add release blog post and update docs (#1332)
* Add release blog post and update docs * I forgot I moved the blog lmao * Fix images
|
@ -1,181 +0,0 @@
|
|||
---
|
||||
title: Announcing Atuin v13
|
||||
description: Release notes for Atuin v13
|
||||
slug: release-v13
|
||||
authors: [ellie]
|
||||
tags: [release]
|
||||
---
|
||||
|
||||
> We have since released patch v13.0.1. v13 had a regression exposed when trying to register a new user. This would only affect people self-hosting Atuin Server. Please update!
|
||||
|
||||
Announcing a new release of Atuin! v13 is out now. Atuin allows you to easily search and sync your shell history across many machines.
|
||||
|
||||
You can update your installation via your system package manager, or by downloading the latest release from the [release page](https://github.com/ellie/atuin/releases).
|
||||
|
||||
We had a lot of changes in this release - I'll call out a few, but this is not exhaustive.
|
||||
|
||||
|
||||
## Crossterm
|
||||
|
||||
Deserving of a special callout, we now use [Crossterm](https://github.com/ellie/atuin/pull/331) as our TUI backend - this has been a huge effort, and has taken almost a year. Thank you to Conrad for pushing through it, and [@pdecat](https://github.com/pdecat) for your contributions!
|
||||
|
||||
In the future this will allow for things like (possible) Windows support, and only using a small part of the screen for the search UI. It also handles async input better.
|
||||
|
||||
Please let us know if you experience any issues!
|
||||
|
||||
## New features
|
||||
|
||||
### Pretty Stats
|
||||
|
||||
<center>
|
||||
|
||||
![stats image](stats.png)
|
||||
|
||||
</center>
|
||||
|
||||
While procrastinating writing [his talk](https://www.youtube.com/watch?v=7pU3gOVAeVQ), Conrad [added](https://github.com/ellie/atuin/pull/707) a new and improved stats display! Just run `atuin stats` to see your statistics. It'd be awesome to see what yours looks like, so please share it with us on [Twitter](https://twitter.com/atuinsh) or [Discord](https://discord.gg/Fq8bJSKPHh)!
|
||||
|
||||
### Custom history list format
|
||||
List history however you want! You can now specify the output format of `atuin history list`
|
||||
|
||||
Example
|
||||
|
||||
```
|
||||
atuin history list --format "{time} - [{duration}] - {directory}$\t{command}"
|
||||
```
|
||||
|
||||
See more on the [docs page](/docs/commands/list)!
|
||||
|
||||
### History filter
|
||||
The history filter allows you to exclude commands from history tracking - maybe you want to keep ALL of your `curl` commands totally out of your shell history, or maybe just some matching a pattern.
|
||||
|
||||
This supports regular expressions, so you can hide pretty much whatever you want! Thanks for the PR @jbaiter
|
||||
|
||||
Configure it in your client-side Atuin config, for example
|
||||
|
||||
```
|
||||
## Note that these regular expressions are unanchored, i.e. if they don't start
|
||||
## with ^ or end with $, they'll match anywhere in the command.
|
||||
history_filter = [
|
||||
"^secret-cmd",
|
||||
"^innocuous-cmd .*--secret=.+"
|
||||
]
|
||||
```
|
||||
|
||||
### Mnemonic key (BIP39)
|
||||
Previously, it was awkward to copy your Atuin key from machine to machine. Even more awkward to back it up!
|
||||
|
||||
We now use BIP39 to display your key in a nice + easily readable haiku-style format. Still - please don't share it!
|
||||
|
||||
## Improvements
|
||||
- Better error messages
|
||||
- Nix install files + instructions
|
||||
- Exit when pushing the down arrow from the most recent entry
|
||||
- Refactor to support generic server-side databases
|
||||
- Make it easier to disable the ctrl-r and/or up arrow bindings
|
||||
- Update to axum6
|
||||
|
||||
## Fixes
|
||||
- Fish now handles multi-line commands properly
|
||||
- Listing history for the current session now works
|
||||
- Fix `atuin init` for Fish
|
||||
|
||||
## Contributor Shoutout!
|
||||
|
||||
### [@patricksjackson](https://github.com/patricksjackson)
|
||||
* Fix minor typo in config.md in https://github.com/ellie/atuin/pull/615
|
||||
* Re-enable arm docker builds in https://github.com/ellie/atuin/pull/616
|
||||
* Handle multiline commands in fish shell in https://github.com/ellie/atuin/pull/623
|
||||
* install.sh: Fallback to using cargo in https://github.com/ellie/atuin/pull/639
|
||||
* Fix session history listing in https://github.com/ellie/atuin/pull/620
|
||||
|
||||
### [@pdecat](https://github.com/pdecat)
|
||||
* Add support for some additional keys in interactive mode in https://github.com/ellie/atuin/pull/634
|
||||
* Allow overriding filter and search modes from CLI in https://github.com/ellie/atuin/pull/635
|
||||
|
||||
### [@Sciencentistguy](https://github.com/Sciencentistguy)
|
||||
* Rework `atuin init` in https://github.com/ellie/atuin/pull/652
|
||||
* Improve error message when $AUTIN_SESSION is not set. in https://github.com/ellie/atuin/pull/654
|
||||
* Add nix files and install instructions in https://github.com/ellie/atuin/pull/477
|
||||
|
||||
### [@BapRx](https://github.com/BapRx)
|
||||
* chore(#621): Exit atuin when pressing down arrow on most recent entry in https://github.com/ellie/atuin/pull/659
|
||||
* docs: Remove human short flag from docs, duplicate of help -h in https://github.com/ellie/atuin/pull/663
|
||||
* feat(history): Add new flag to allow custom output format in https://github.com/ellie/atuin/pull/662
|
||||
|
||||
### [@yolo2h](https://github.com/yolo2h)
|
||||
* docs: Fix typo in zh-CN/README.md in https://github.com/ellie/atuin/pull/666
|
||||
|
||||
### [@s1ck](https://github.com/s1ck)
|
||||
* Fix CI build badge in https://github.com/ellie/atuin/pull/683
|
||||
|
||||
### [@conradludgate](https://github.com/conradludgate)
|
||||
* display mnemonic key in https://github.com/ellie/atuin/pull/694
|
||||
* axum6 with typesafe state in https://github.com/ellie/atuin/pull/674
|
||||
* crossterm support in https://github.com/ellie/atuin/pull/331
|
||||
* stats in https://github.com/ellie/atuin/pull/707
|
||||
|
||||
### [@evanpurkhiser](https://github.com/evanpurkhiser)
|
||||
* Remove whitespace in template client config.tom in https://github.com/ellie/atuin/pull/697
|
||||
* Fix missing `-` in key-binding.md in https://github.com/ellie/atuin/pull/698
|
||||
|
||||
### [@eripa](https://github.com/eripa)
|
||||
* docs(README): add static activity graph example by @eripa in https://github.com/ellie/atuin/pull/680
|
||||
|
||||
### [@trygveaa](https://github.com/trygveaa)
|
||||
* Allow using existing key file on login by @trygveaa in https://github.com/ellie/atuin/pull/688
|
||||
|
||||
### [@frukto](https://github.com/frukto)
|
||||
* Make the install script more robust by @frukto in https://github.com/ellie/atuin/pull/692
|
||||
|
||||
### [@jbaiter](https://github.com/jbaiter)
|
||||
* Add `history_filter` setting to exclude commands from history by @jbaiter in https://github.com/ellie/atuin/pull/716
|
||||
|
||||
### [@hunger](https://github.com/hunger)
|
||||
* fish: Fix `atuin init` for the fish shell by @hunger in https://github.com/ellie/atuin/pull/699
|
||||
|
||||
### [@ekroon](https://github.com/ekroon)
|
||||
* Add support for generic database in AppState by @ekroon in https://github.com/ellie/atuin/pull/711
|
||||
|
||||
|
||||
## New Contributors
|
||||
I very much appreciate the work from all contributors, but a special mention to everyone who made their _first_ contribution in this release, no matter how large or small
|
||||
|
||||
* [@pdecat](https://github.com/pdecat) made their first contribution in https://github.com/ellie/atuin/pull/634
|
||||
* [@BapRx](https://github.com/BapRx) made their first contribution in https://github.com/ellie/atuin/pull/659
|
||||
* [@yolo2h](https://github.com/yolo2h) made their first contribution in https://github.com/ellie/atuin/pull/666
|
||||
* [@s1ck](https://github.com/s1ck) made their first contribution in https://github.com/ellie/atuin/pull/683
|
||||
* [@evanpurkhiser](https://github.com/evanpurkhiser) made their first contribution in https://github.com/ellie/atuin/pull/697
|
||||
* [@eripa](https://github.com/eripa) made their first contribution in https://github.com/ellie/atuin/pull/680
|
||||
* [@trygveaa](https://github.com/trygveaa) made their first contribution in https://github.com/ellie/atuin/pull/688
|
||||
* [@frukto](https://github.com/frukto) made their first contribution in https://github.com/ellie/atuin/pull/692
|
||||
* [@jbaiter](https://github.com/jbaiter) made their first contribution in https://github.com/ellie/atuin/pull/716
|
||||
* [@hunger](https://github.com/hunger) made their first contribution in https://github.com/ellie/atuin/pull/699
|
||||
* [@ekroon](https://github.com/ekroon) made their first contribution in https://github.com/ellie/atuin/pull/711
|
||||
|
||||
## Future plans
|
||||
I've been talking about it for ages and ages, but now that my life has _finally_ settled down I'm going to be focusing on getting [deletions](https://github.com/ellie/atuin/issues/592) out for the next release. We will be switching to an event-based sync, which should allow for many more features and cool things in the future!
|
||||
|
||||
## Other changes
|
||||
|
||||
### Talk
|
||||
I spoke about Atuin at FOSDEM! If you want to know more about the project + video is your thing, you can watch it here
|
||||
|
||||
<iframe width="560" height="315" src="https://www.youtube.com/embed/uyRmV19qJ2o" title="YouTube video player" frameborder="0" allow="accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture; web-share" allowfullscreen></iframe>
|
||||
|
||||
### Website
|
||||
|
||||
Well... this is new. Previously I never bothered writing much about new releases, and basically just used the autogenerated GitHub release. The docs should be much easier to find here too!
|
||||
|
||||
### Mastodon
|
||||
|
||||
We now have a Mastodon account over on Hachyderm! [@atuin](https://hachyderm.io/@atuin)
|
||||
|
||||
|
||||
### Twitter
|
||||
|
||||
I also opened a Twitter account for Atuin - [@atuinsh](https://twitter.com/atuinsh)
|
||||
|
||||
If you fancy chatting to us about anything here, or otherwise, please feel free to drop by the [Discord](https://discord.gg/Fq8bJSKPHh)!
|
||||
|
||||
**Full Changelog**: https://github.com/ellie/atuin/compare/v12.0.0...v13.0.0
|
Before Width: | Height: | Size: 16 KiB |
Before Width: | Height: | Size: 44 KiB |
|
@ -1,200 +0,0 @@
|
|||
---
|
||||
title: Atuin v14 - Deletions, NuShell, Windows and more!
|
||||
description: Release notes for Atuin v14!
|
||||
slug: release-v14
|
||||
authors: [ellie]
|
||||
tags: [release]
|
||||
---
|
||||
|
||||
> We have since released v14.0.1 with some fixes, following a NuShell breaking change. A writeup of other included changes will be included in the next release notes!
|
||||
|
||||
Announcing a new release of Atuin! v14 is out now. Atuin allows you to easily search and sync your shell history across many machines. Get started [here](https://atuin.sh/docs/)
|
||||
|
||||
You can update your installation via your system package manager, or by downloading the latest release from the [release page](https://github.com/ellie/atuin/releases).
|
||||
|
||||
This release introduces some breaking changes, so please ensure all Atuin clients and servers are updated or sync may not complete. If you have any issues, please try `atuin sync --force`
|
||||
|
||||
We had a lot of changes in this release - I'll call out a few, but this is not exhaustive. Read the changelog below for the full list!
|
||||
|
||||
### Community
|
||||
|
||||
- [Discord](https://discord.gg/Fq8bJSKPHh)
|
||||
- [Mastodon](https://hachyderm.io/@atuin)
|
||||
- [Twitter](https://twitter.com/atuinsh)
|
||||
|
||||
## New Features
|
||||
|
||||
### Deletions
|
||||
|
||||
You can now delete history! This has been our longest-standing issue, and one we are frequently asked about. So it's great to get it out! It took us a while due to the nature of sync, and we wanted to try several different approaches. There is still no way to delete history from the UI, however you can now pass the `--delete` flag to any `atuin search` command to delete all history matching the query. I suggest you run the search _without_ the delete flag first, just to check what you are removing
|
||||
|
||||
For example, to delete all commands that start with `psql`:
|
||||
|
||||
```
|
||||
atuin search --delete --search-mode prefix psql
|
||||
```
|
||||
|
||||
### NuShell
|
||||
|
||||
We now support NuShell! This was a huge effort by [@stevenxxiu](https://github.com/stevenxxiu), and involved work on both Atuin and NuShell itself. The effort was greatly appreciated, thank you so much 💖
|
||||
|
||||
Run in *Nushell*:
|
||||
|
||||
```
|
||||
mkdir ~/.local/share/atuin/
|
||||
atuin init nu | save ~/.local/share/atuin/init.nu
|
||||
```
|
||||
|
||||
Add to `config.nu`:
|
||||
|
||||
```
|
||||
source ~/.local/share/atuin/init.nu
|
||||
```
|
||||
|
||||
PRs:
|
||||
- https://github.com/nushell/nushell/pull/8560
|
||||
- https://github.com/nushell/nushell/pull/8207
|
||||
- https://github.com/ellie/atuin/pull/788
|
||||
|
||||
### Inline history UI
|
||||
|
||||
![inline history](inline.png)
|
||||
|
||||
Another of our biggest asks - the UI can now be configured so that it does not take the entire screen. Thank you to [@pdecat](https://github.com/pdecat)
|
||||
|
||||
Simply add
|
||||
|
||||
```
|
||||
# Choose a height for the inline history search
|
||||
inline_height = 40
|
||||
```
|
||||
|
||||
to your Atuin config file, and you're good to go!
|
||||
|
||||
We didn't sort it in time for v14, but in v15 you will also be able to configure the UI more deeply - for instance, change the position of the search bar.
|
||||
|
||||
### Skim fuzzy search
|
||||
|
||||
We have also added an alternative new search mode! This uses [skim](https://github.com/lotabout/skim) behind the scenes. Check it out with `search_mode = "skim"`. Thank you [@conradludgate](https://github.com/conradludgate)
|
||||
|
||||
### Windows
|
||||
|
||||
Atuin now _provisionally_ supports Windows! We cannot provide full support + releases won't be tested to the same level on Windows, however a few contributors have now been building + running on the platform without issues. Thank you so much to [@YummyOreo](https://github.com/YummyOreo) for this one!
|
||||
|
||||
### Command preview
|
||||
|
||||
![preview](preview.png)
|
||||
|
||||
Previously, longer commands would be cut off in the UI. Thanks to [@pdecat](https://github.com/pdecat), we now have a preview window! Enable it with a `show_preview = true`
|
||||
|
||||
## Improvements
|
||||
|
||||
- Bash import improved
|
||||
- Prefer PWD env variable over cwd to better handle symlinks
|
||||
- Ignore common prefixes and subcommands in stats calculations
|
||||
- Add musl build
|
||||
- Add `atuin status` command to check sync status
|
||||
|
||||
## Stickers
|
||||
|
||||
Since the last release, we have printed some stickers!
|
||||
|
||||
If you'd like one, please fill out one of the following:
|
||||
|
||||
- [Contributor form](https://notionforms.io/forms/contributors-stickers)
|
||||
- [User form](https://notionforms.io/forms/user-stickers)
|
||||
|
||||
|
||||
## New contributors
|
||||
A special thank you to everyone who contributed for the first time in this release!
|
||||
|
||||
* [@0x4A6F](https://github.com/0x4A6F) made their first contribution in https://github.com/ellie/atuin/pull/743
|
||||
* [@notjedi](https://github.com/notjedi) made their first contribution in https://github.com/ellie/atuin/pull/753
|
||||
* [@stevenxxiu](https://github.com/stevenxxiu) made their first contribution in https://github.com/ellie/atuin/pull/719
|
||||
* [@YummyOreo](https://github.com/YummyOreo) made their first contribution in https://github.com/ellie/atuin/pull/754
|
||||
* [@lukekarrys](https://github.com/lukekarrys) made their first contribution in https://github.com/ellie/atuin/pull/757
|
||||
* [@onkelT2](https://github.com/onkelT2) made their first contribution in https://github.com/ellie/atuin/pull/767
|
||||
* [@aschey](https://github.com/aschey) made their first contribution in https://github.com/ellie/atuin/pull/776
|
||||
* [@nicoandmee](https://github.com/nicoandmee) made their first contribution in https://github.com/ellie/atuin/pull/789
|
||||
* [@hhamud](https://github.com/hhamud) made their first contribution in https://github.com/ellie/atuin/pull/793
|
||||
* [@iamkroot](https://github.com/iamkroot) made their first contribution in https://github.com/ellie/atuin/pull/586
|
||||
* [@InCogNiTo124](https://github.com/InCogNiTo124) made their first contribution in https://github.com/ellie/atuin/pull/809
|
||||
* [@takac](https://github.com/takac) made their first contribution in https://github.com/ellie/atuin/pull/824
|
||||
* [@sftblw](https://github.com/sftblw) made their first contribution in https://github.com/ellie/atuin/pull/827
|
||||
|
||||
## Sync server stats
|
||||
I've ran a public sync server since the very beginning, and thought I'd share some stats from it! Bear in mind all data is encrypted, so the data we can see is only very high level.
|
||||
|
||||
In March, we saw:
|
||||
|
||||
- 2,031,355 history lines synced up, with a total of 13,077,001
|
||||
- 137 new users, with a total of 1136 (we passed 1000!)
|
||||
|
||||
We also cleared 500 monthly active users for the first time! See the charts below for DAU/WAU/MAU
|
||||
|
||||
![](dau.png)
|
||||
![](wau.png)
|
||||
![](mau.png)
|
||||
|
||||
## Full changelog
|
||||
|
||||
* Add Hachyderm links by [@ellie](https://github.com/ellie) in https://github.com/ellie/atuin/pull/742
|
||||
* Update flake.lock to Rust 1.67 by [@patricksjackson](https://github.com/patricksjackson) in https://github.com/ellie/atuin/pull/749
|
||||
* nix: add flake-compat by [@0x4A6F](https://github.com/0x4A6F) in https://github.com/ellie/atuin/pull/743
|
||||
* Fix race condition in directory tests by [@cyqsimon](https://github.com/cyqsimon) in https://github.com/ellie/atuin/pull/748
|
||||
* Rework Bash import by [@cyqsimon](https://github.com/cyqsimon) in https://github.com/ellie/atuin/pull/747
|
||||
* docs(README): fix activity graph link by [@notjedi](https://github.com/notjedi) in https://github.com/ellie/atuin/pull/753
|
||||
* Show preview of selected command by [@pdecat](https://github.com/pdecat) in https://github.com/ellie/atuin/pull/643
|
||||
* Up arrow filter_mode setting default to global filter mode by [@ellie](https://github.com/ellie) in https://github.com/ellie/atuin/pull/758
|
||||
* feat: add common default keybindings by [@stevenxxiu](https://github.com/stevenxxiu) in https://github.com/ellie/atuin/pull/719
|
||||
* Bump debian from bullseye-20230208-slim to bullseye-20230227-slim by @dependabot in https://github.com/ellie/atuin/pull/744
|
||||
* Windows support by [@YummyOreo](https://github.com/YummyOreo) in https://github.com/ellie/atuin/pull/754
|
||||
* fix(client): always read session_path from settings by [@lukekarrys](https://github.com/lukekarrys) in https://github.com/ellie/atuin/pull/757
|
||||
* Add register notification webhook by [@ellie](https://github.com/ellie) in https://github.com/ellie/atuin/pull/764
|
||||
* Install CA certificates in docker image by [@ellie](https://github.com/ellie) in https://github.com/ellie/atuin/pull/765
|
||||
* Docker isn't interactive ofc by [@ellie](https://github.com/ellie) in https://github.com/ellie/atuin/pull/766
|
||||
* Minor documentation updates by [@onkelT2](https://github.com/onkelT2) in https://github.com/ellie/atuin/pull/767
|
||||
* Fix before/after combined with limit by [@ellie](https://github.com/ellie) in https://github.com/ellie/atuin/pull/770
|
||||
* Allow specifying fulltext as well as full-text by [@ellie](https://github.com/ellie) in https://github.com/ellie/atuin/pull/771
|
||||
* fix new stats unique count by [@conradludgate](https://github.com/conradludgate) in https://github.com/ellie/atuin/pull/772
|
||||
* add common prefixes and subcommands to stats by [@conradludgate](https://github.com/conradludgate) in https://github.com/ellie/atuin/pull/773
|
||||
* fix(installer): use case-insensitive comparisons by @aschey in https://github.com/ellie/atuin/pull/776
|
||||
* Fixes a bug on windows by [@YummyOreo](https://github.com/YummyOreo) in https://github.com/ellie/atuin/pull/780
|
||||
* Prefer PWD environment variable over cwd if available to better support symbolic links by [@pdecat](https://github.com/pdecat) in https://github.com/ellie/atuin/pull/783
|
||||
* fix: many links were broken :memo: by [@nicoandmee](https://github.com/nicoandmee) in https://github.com/ellie/atuin/pull/789
|
||||
* skim-demo by [@conradludgate](https://github.com/conradludgate) in https://github.com/ellie/atuin/pull/695
|
||||
* Add history deletion by [@ellie](https://github.com/ellie) in https://github.com/ellie/atuin/pull/791
|
||||
* fix: paste into terminal after switching modes by [@hhamud](https://github.com/hhamud) in https://github.com/ellie/atuin/pull/793
|
||||
* Support old msgpack by [@ellie](https://github.com/ellie) in https://github.com/ellie/atuin/pull/794
|
||||
* Fix skim search by [@ellie](https://github.com/ellie) in https://github.com/ellie/atuin/pull/795
|
||||
* Allow changing search_mode during interactive search by [@iamkroot](https://github.com/iamkroot) in https://github.com/ellie/atuin/pull/586
|
||||
* chore: remove tui vendoring by [@conradludgate](https://github.com/conradludgate) in https://github.com/ellie/atuin/pull/804
|
||||
* Bump debian from bullseye-20230227-slim to bullseye-20230320-slim by @dependabot in https://github.com/ellie/atuin/pull/802
|
||||
* Delete all instances of a command by [@ellie](https://github.com/ellie) in https://github.com/ellie/atuin/pull/797
|
||||
* Bump lukemathwalker/cargo-chef from latest-rust-1.67.1 to latest-rust-1.68.0 by @dependabot in https://github.com/ellie/atuin/pull/781
|
||||
* feat: respect exit_mode setting when exiting with arrow down keypress by [@pdecat](https://github.com/pdecat) in https://github.com/ellie/atuin/pull/807
|
||||
* feat: add an inline view mode by [@pdecat](https://github.com/pdecat) in https://github.com/ellie/atuin/pull/648
|
||||
* Add musl build by [@InCogNiTo124](https://github.com/InCogNiTo124) in https://github.com/ellie/atuin/pull/809
|
||||
* feat: add *Nushell* support by [@stevenxxiu](https://github.com/stevenxxiu) in https://github.com/ellie/atuin/pull/788
|
||||
* chore: use fork of skim by [@conradludgate](https://github.com/conradludgate) in https://github.com/ellie/atuin/pull/803
|
||||
* Bind keys in vi mode too by [@ellie](https://github.com/ellie) in https://github.com/ellie/atuin/pull/811
|
||||
* Account for user not yet having count cache by [@ellie](https://github.com/ellie) in https://github.com/ellie/atuin/pull/812
|
||||
* Fixes nushell recording empty commands by [@YummyOreo](https://github.com/YummyOreo) in https://github.com/ellie/atuin/pull/813
|
||||
* Update CONTRIBUTING.md by [@ellie](https://github.com/ellie) in https://github.com/ellie/atuin/pull/815
|
||||
* client filtering done in query by @jean-santos in https://github.com/ellie/atuin/pull/629
|
||||
* fix: record negative exit codes by [@stevenxxiu](https://github.com/stevenxxiu) in https://github.com/ellie/atuin/pull/821
|
||||
* Refactor/nu remove dep on sh by [@stevenxxiu](https://github.com/stevenxxiu) in https://github.com/ellie/atuin/pull/823
|
||||
* Update CI by [@InCogNiTo124](https://github.com/InCogNiTo124) in https://github.com/ellie/atuin/pull/814
|
||||
* Add more fields to `atuin search --format` by [@takac](https://github.com/takac) in https://github.com/ellie/atuin/pull/824
|
||||
* install.sh - add endeavouros to archlinux detection by [@sftblw](https://github.com/sftblw) in https://github.com/ellie/atuin/pull/827
|
||||
* Add `--offset` flag to `atuin search` by [@takac](https://github.com/takac) in https://github.com/ellie/atuin/pull/825
|
||||
* Update `atuin search` docs by [@takac](https://github.com/takac) in https://github.com/ellie/atuin/pull/828
|
||||
* Add `atuin status` by [@ellie](https://github.com/ellie) in https://github.com/ellie/atuin/pull/830
|
||||
* fix: allow nix package to fetch dependencies from git by [@patricksjackson](https://github.com/patricksjackson) in https://github.com/ellie/atuin/pull/832
|
||||
* feat: add github action to test the nix builds by [@patricksjackson](https://github.com/patricksjackson) in https://github.com/ellie/atuin/pull/833
|
||||
* Vendor ratatui temporarily by [@ellie](https://github.com/ellie) in https://github.com/ellie/atuin/pull/835
|
||||
|
||||
## Next release
|
||||
While this release was pretty big, we have a lot planned for the next one too! It should be out around the beginning of May.
|
||||
|
||||
**GitHub**: https://github.com/ellie/atuin/compare/v13.0.1...v14.0.0
|
Before Width: | Height: | Size: 30 KiB |
Before Width: | Height: | Size: 35 KiB |
|
@ -1,101 +0,0 @@
|
|||
---
|
||||
title: Atuin v15 - Fixes and improvements release
|
||||
description: Release notes for Atuin v15!
|
||||
slug: release-v15
|
||||
authors: [ellie]
|
||||
tags: [release]
|
||||
---
|
||||
|
||||
Announcing a new release of Atuin! v15 is out now. This release is not particularly feature-heavy, instead we have focused on a number of bugfixes and improvements - with lots of new shiny things planned for v16.
|
||||
|
||||
I've also included the changes from v14.0.1 in these notes, as we never did a separate post for them
|
||||
|
||||
### Community
|
||||
|
||||
- [Discord](https://discord.gg/Fq8bJSKPHh)
|
||||
- [Mastodon](https://hachyderm.io/@atuin)
|
||||
- [Twitter](https://twitter.com/atuinsh)
|
||||
|
||||
## Sync changes
|
||||
|
||||
For the first time in a long while, we have made an adjustment to how sync functions. In the longer term, we intend on replacing our current sync algorithm with something that better handles consistency, but v15 should at least ship some performance improvements.
|
||||
|
||||
Older versions of Atuin used a fixed page size of 100. This meant that for each request, we could only upload or download 100 history items at a time. For larger histories, this meant a lot of HTTP requests + a fairly slow sync.
|
||||
|
||||
Atuin v15 ships a variable page size, defaulting to 1100. This is configurable on the server, via the `page_size` parameter. A smaller number of larger requests generally performs better in our testing.
|
||||
|
||||
For self hosted servers, please note that reverse proxies may require configuration changes to allow for larger requests.
|
||||
|
||||
## What's Changed
|
||||
* Fix deleting history that doesn't exist yet by @ellie in #844
|
||||
* Updated client config docs by @cyqsimon in #839
|
||||
* Handle empty lines when importing from Bash by @cyqsimon in #845
|
||||
* update str substring usage to use range parameter by @WindSoilder in #840
|
||||
* Fix --delete description by @SuperSandro2000 in #853
|
||||
* Use XDG data directory for fish import by @ijanos in #851
|
||||
* Add some emacs movement keys by @majutsushi in #857
|
||||
* Atuin stats with day, month, week and year filter by @bahdotsh in #858
|
||||
* Add --reverse to atuin search by @takac in #862
|
||||
* Add additional detail to search documentation by @briankung in #860
|
||||
* Switch to uuidv7 by @ellie in #864
|
||||
* Workspace reorder by @utter-step in #868
|
||||
* Improve error message for issue #850. by @postmath in #876
|
||||
* Avoid accidentally deleting all history, but allow it if intended by @ellie in #878
|
||||
* Add footer by @ellie in #879
|
||||
* Make the homepage prettier by @ellie in #880
|
||||
* Release v14.0.1 by @ellie in #883
|
||||
* Fix release workflow by @ellie in https://github.com/ellie/atuin/pull/885
|
||||
* Add workflow dispatch for release by @ellie in https://github.com/ellie/atuin/pull/888
|
||||
* chore: uuhhhhhh crypto lol by @conradludgate in https://github.com/ellie/atuin/pull/805
|
||||
* Add keyboard shortcuts to the Config/Keybinding chapter. by @maxim-uvarov in https://github.com/ellie/atuin/pull/875
|
||||
* Re-added package name to workspace.package by @bdavj in https://github.com/ellie/atuin/pull/894
|
||||
* Add package param to cargo deb by @ellie in https://github.com/ellie/atuin/pull/895
|
||||
* Allow specifying tag to build for workflow_dispatch by @ellie in https://github.com/ellie/atuin/pull/896
|
||||
* Add symlink by @ellie in https://github.com/ellie/atuin/pull/897
|
||||
* Upload tar before building deb by @ellie in https://github.com/ellie/atuin/pull/898
|
||||
* Copy license for cargo-deb by @ellie in https://github.com/ellie/atuin/pull/901
|
||||
* Fix fig plugin link by @millette in https://github.com/ellie/atuin/pull/924
|
||||
* fix broken pipe on history list by @conradludgate in https://github.com/ellie/atuin/pull/927
|
||||
* docs: Fix broken links in README.md by @xqm32 in https://github.com/ellie/atuin/pull/920
|
||||
* Add `nu` section to `keybinds.md` by @VuiMuich in https://github.com/ellie/atuin/pull/881
|
||||
* cwd_filter: much like history_filter, only it applies to cwd by @kjetijor in https://github.com/ellie/atuin/pull/904
|
||||
* Add command flag for `inline_height` by @VuiMuich in https://github.com/ellie/atuin/pull/905
|
||||
* docs: fix "From source" `cd` command by @rigrig in https://github.com/ellie/atuin/pull/937
|
||||
* Correct typos in website by @skx in https://github.com/ellie/atuin/pull/946
|
||||
* website: Fix participle "be ran" -> "be run" by @nh2 in https://github.com/ellie/atuin/pull/939
|
||||
* Update README.md: Disable update check for offline mode by @sashkab in https://github.com/ellie/atuin/pull/960
|
||||
* Bump debian from bullseye-20230320-slim to bullseye-20230502-slim by @dependabot in https://github.com/ellie/atuin/pull/930
|
||||
* At least patch this on the server side so we don't loop forever by @ellie in https://github.com/ellie/atuin/pull/970
|
||||
* Fix key regression by @ellie in https://github.com/ellie/atuin/pull/974
|
||||
* Include bash preexec warning by @ellie in https://github.com/ellie/atuin/pull/983
|
||||
* feat: add delete account option (attempt 2) by @yannickulrich in https://github.com/ellie/atuin/pull/980
|
||||
* validate usernames on registration by @conradludgate in https://github.com/ellie/atuin/pull/982
|
||||
* Restructure account commands to account subcommand by @ellie in https://github.com/ellie/atuin/pull/984
|
||||
* Allow server configured page size by @ellie in https://github.com/ellie/atuin/pull/994
|
||||
* Input bar at the top if we are in inline mode by @ellie in https://github.com/ellie/atuin/pull/866
|
||||
* Add option to completely disable help row by @happenslol in https://github.com/ellie/atuin/pull/993
|
||||
* Fix typo in `config.toml` by @pmodin in https://github.com/ellie/atuin/pull/1006
|
||||
|
||||
## New Contributors
|
||||
* @WindSoilder made their first contribution in https://github.com/ellie/atuin/pull/840
|
||||
* @ijanos made their first contribution in https://github.com/ellie/atuin/pull/851
|
||||
* @majutsushi made their first contribution in https://github.com/ellie/atuin/pull/857
|
||||
* @bahdotsh made their first contribution in https://github.com/ellie/atuin/pull/858
|
||||
* @briankung made their first contribution in https://github.com/ellie/atuin/pull/860
|
||||
* @utter-step made their first contribution in https://github.com/ellie/atuin/pull/868
|
||||
* @postmath made their first contribution in https://github.com/ellie/atuin/pull/876
|
||||
* @maxim-uvarov made their first contribution in https://github.com/ellie/atuin/pull/875
|
||||
* @bdavj made their first contribution in https://github.com/ellie/atuin/pull/894
|
||||
* @millette made their first contribution in https://github.com/ellie/atuin/pull/924
|
||||
* @xqm32 made their first contribution in https://github.com/ellie/atuin/pull/920
|
||||
* @VuiMuich made their first contribution in https://github.com/ellie/atuin/pull/881
|
||||
* @kjetijor made their first contribution in https://github.com/ellie/atuin/pull/904
|
||||
* @rigrig made their first contribution in https://github.com/ellie/atuin/pull/937
|
||||
* @skx made their first contribution in https://github.com/ellie/atuin/pull/946
|
||||
* @nh2 made their first contribution in https://github.com/ellie/atuin/pull/939
|
||||
* @sashkab made their first contribution in https://github.com/ellie/atuin/pull/960
|
||||
* @yannickulrich made their first contribution in https://github.com/ellie/atuin/pull/980
|
||||
* @happenslol made their first contribution in https://github.com/ellie/atuin/pull/993
|
||||
* @pmodin made their first contribution in https://github.com/ellie/atuin/pull/1006
|
||||
|
||||
**Full Changelog**: https://github.com/ellie/atuin/compare/v14.0.0...v15.0.1
|
|
@ -1,136 +0,0 @@
|
|||
---
|
||||
title: Atuin's new encryption scheme
|
||||
description: Details about the new encryption system for Atuin
|
||||
slug: new-encryption
|
||||
authors: [conrad]
|
||||
tags: [insights]
|
||||
---
|
||||
|
||||
<head>
|
||||
<meta data-rh="true" property="og:image" content="https://atuin.sh/img/encryption-og.jpg" />
|
||||
<meta data-rh="true" property="twitter:image" content="https://atuin.sh/img/encryption-og.jpg" />
|
||||
</head>
|
||||
|
||||
End-to-end encryption is an essential component of Atuin.
|
||||
One of our core philosophies, when we created the sync service, was that
|
||||
we didn't want to worry about storing user data. The shell is a very
|
||||
sensitive system with API keys, AWS credentials, account passwords, etc.
|
||||
We didn't want to give the opportunity for that data to leak, either through an attack, or through a mistake on our part.
|
||||
|
||||
If there's one thing I have learnt as an engineer, it's that cryptography is hard.
|
||||
If you are an expert in cryptographic implementations or cryptoanalysis, please get in touch.
|
||||
This post will cover my research as - a non-crypto expert - into the long-term security of Atuin history data.
|
||||
|
||||
> Disclaimer, where reasonable, I have considered the security of
|
||||
> [Side channel attacks](https://en.wikipedia.org/wiki/Side-channel_attack).
|
||||
> Right now, our biggest concern is attacks on the atuin server, where the encrypted data is stored at rest.
|
||||
> All atuin data is stored unencrypted on your local device in order to perform search queries. Improvements
|
||||
> to cryptographic implementations can come in later revisions if any realistic side-channel attacks are found.
|
||||
|
||||
## TL;DR
|
||||
|
||||
Our encryption system is changing from [NaCl secretbox](https://nacl.cr.yp.to/secretbox.html),
|
||||
and moving to [PASETO v4 local encryption](https://github.com/paseto-standard/paseto-spec/tree/master/docs/01-Protocol-Versions#version-4-sodium-modern)
|
||||
with [PASERK local key wrapping](https://github.com/paseto-standard/paserk/blob/master/types/local-wrap.md).
|
||||
|
||||
## Backstory
|
||||
|
||||
All the way back in [April 2021, in our V0.5 release](https://github.com/ellie/atuin/pull/31/files#diff-6cb394acf0a1c664cf29bc71085c713dc29308df03dfcd58d44d91b536201041),
|
||||
Ellie decided to use the [NaCl standard](https://nacl.cr.yp.to/) (aka salt/libsodium) for our encryption as a tried and trusted standard.
|
||||
Specifically, [secretbox](https://nacl.cr.yp.to/secretbox.html) was the algorithm of choice.
|
||||
|
||||
If you're not familiar, secretbox is an implementation of _authenticated symmetrical encryption_. This means
|
||||
that only the owner of the encryption key can decrypt the data (this will be the user), and that any attempts
|
||||
to tamper with the data can be detected.
|
||||
|
||||
Honestly, this is a great system and offers everything we needed. However, our interface to libsodium is a now unmaintained crate called [sodiumoxide](https://github.com/sodiumoxide/sodiumoxide) and had issues being portable. Because of this, I started looking into what algorithms libsodium uses underneath and if we can use a native Rust implementation.
|
||||
|
||||
Secretbox is made up of two main components. A stream-cipher and a message authentication code.
|
||||
These are XSalsa20 and Poly1305 respectively, designed by NaCl's author [Daniel J. Bernstein](https://en.wikipedia.org/wiki/Daniel_J._Bernstein).
|
||||
In a brave effort, I decided to [roll my own crypto](https://security.stackexchange.com/questions/18197/why-shouldnt-we-roll-our-own)
|
||||
and implement this [XSalsa20 + Poly1305 system in Rust](https://github.com/ellie/atuin/pull/805).
|
||||
|
||||
> NOTE: I didn't actually implement the underlying algorithms. we are using:
|
||||
> * [poly1305](https://github.com/RustCrypto/universal-hashes/tree/master/poly1305)
|
||||
> * [salsa20](https://github.com/RustCrypto/stream-ciphers/tree/master/salsa20)
|
||||
>
|
||||
> From the RustCrypto project.
|
||||
> These algorithms are not known to be vulnerable to software-based side-channel attacks.
|
||||
|
||||
## Back to the drawing board
|
||||
|
||||
After peeling back the veil that is our cryptographic implementation,
|
||||
I started thinking a lot more about just how secure the system is.
|
||||
|
||||
The more I started looking, the more I noticed potential improvements.
|
||||
Salsa20/Poly1305 both date back to 2005. In another 20 years, is this system going to still be secure?
|
||||
|
||||
Let's take a look at some potential attacks
|
||||
|
||||
### We don't guarantee a unique Initialisation Vector (IV) per message
|
||||
|
||||
We use a random 192-bit IV. There is a known attack on stream-ciphers if the
|
||||
Key + IV pair is ever re-used. For all practical purposes, this is enough, assuming the OS random source is any good. A [birthday attack](https://en.wikipedia.org/wiki/Birthday_attack) calculation suggests that it needs in the order of 10^23 messages for a one-in-a-trillion chance of collision.
|
||||
|
||||
This is not an issue as all of our users combined are never going to generate 10^23 entries, and we certainly aren't willing to store [zettabytes](https://en.wikipedia.org/wiki/Byte#Multiple-byte_units) of their data.
|
||||
|
||||
### We use the same key for each message
|
||||
|
||||
Shell history is quite predictable. If you have a 2-byte history entry, it's quite likely that it's `ls`. Given the encrypted blob, you can start to brute force the associated key. A proof was published stating that no attack on Salsa20 with 128-bit key is possible with an average search time of less than 2^130 (about 10^39) random guesses.
|
||||
|
||||
To put that number into perspective. Performing 1 billion key operations per CPU core per second, and using a suite of 1 billion CPU cores, the attack will take roughly 10 trillion years.
|
||||
|
||||
Atuin uses a 256-bit key which is even more secure, and therefore not at risk of a practical brute-force attack. It follows that we are likely safe from a known plain-text attack.
|
||||
|
||||
However, there is still the issue of key leaking. We have no key-upgrade policy.
|
||||
If a key is leaked, maybe through a side-channel attack, a social attack, or malware,
|
||||
then the only solution is to create a new account with a new key.
|
||||
|
||||
This is partially an issue.
|
||||
|
||||
## What we can change
|
||||
|
||||
While researching these systems, I learnt of many new cryptographic techniques that some modern systems use. While the analysis above indicates that we are protected, there might be attacks we are unaware of, so keeping up with modern research is important.
|
||||
|
||||
We're also in the middle of redesigning our sync service. While we're already planning a big change, we might as well consider updating the encryption too.
|
||||
|
||||
### Key wrapping
|
||||
|
||||
A common approach to encrypting lots of items is the use of wrapped keys.
|
||||
The idea here is that each payload has an associated random encryption key.
|
||||
This key is then itself encrypted (wrapped) using the master key and stored with the data.
|
||||
|
||||
Initially, this seemed less secure to me. However, my research seems to point out that
|
||||
the master key is less vulnerable to side-channel attacks since it is less used.
|
||||
It also offers no decrease in overall security since brute-forcing the master key from an
|
||||
random key is just as hard as it is for any message. In the end, it's like
|
||||
a password manager for your encrypted data.
|
||||
|
||||
This would unlock some potential future upgrades.
|
||||
|
||||
1. Key rotation is easier since you need to re-encrypt the wrapped keys. This means much less data needs to be updated.
|
||||
2. Wrapped data keys can be decrypted in Hardware Security Modules (HSM) which are immune to side-channel attacks
|
||||
|
||||
### Stronger ciphers
|
||||
|
||||
XSalsa20 was later superseded by XChaCha20 by the same author. It has a very similar construction,
|
||||
but the stream cipher has better mixing characteristics, which makes any non-brute-force attacks harder to craft.
|
||||
|
||||
## Conclusion
|
||||
|
||||
I started to craft a new solution using these concepts.
|
||||
But eventually, I realised that I shouldn't be reinventing the wheel here.
|
||||
During more and more of my research sessions, I stumbled upon [PASETO](https://paseto.io/).
|
||||
While the intended use case is security tokens,
|
||||
their local encryption scheme is designed such that encrypted data is safe to be shared publically.
|
||||
Their V4 scheme also uses the XChaCha20 cipher which I was initially planning to use.
|
||||
|
||||
In the end, I bit the bullet and decided to use the standard.
|
||||
The nice thing with secretbox is that existing implementations in other languages are widely available.
|
||||
Making it easy to implement sync in third parties. If we implemented our own scheme,
|
||||
that would make it much easier for third parties to make mistakes if they wanted to use the sync data directly.
|
||||
|
||||
Using PASETO, there are existing implementations that we didn't have to write.
|
||||
This means that we don't build software doomed to die a lonely death. It also means
|
||||
that we benefit directly from future versions of the specification.
|
||||
|
Before Width: | Height: | Size: 114 KiB |
|
@ -1,11 +0,0 @@
|
|||
ellie:
|
||||
name: Ellie Huxtable
|
||||
title: Maintainer of Atuin
|
||||
url: https://github.com/ellie
|
||||
image_url: https://github.com/ellie.png
|
||||
|
||||
conrad:
|
||||
name: Conrad Ludgate
|
||||
title: Maintainer of Atuin
|
||||
url: https://github.com/conradludgate
|
||||
image_url: https://github.com/conradludgate.png
|
|
@ -214,7 +214,7 @@ invert = true/false
|
|||
|
||||
Set the maximum number of lines Atuin's interface should take up.
|
||||
|
||||
![inline_height](../../blog/2023/04-01-release-v14/inline.png)
|
||||
![inline_height](/img/inline.png)
|
||||
|
||||
If set to `0` (default), Atuin will always take up as many lines as available (full screen).
|
||||
|
||||
|
@ -222,7 +222,7 @@ If set to `0` (default), Atuin will always take up as many lines as available (f
|
|||
|
||||
Configure whether or not to show a preview of the selected command.
|
||||
|
||||
![show_preview](../../blog/2023/04-01-release-v14/preview.png)
|
||||
![show_preview](/img/preview.png)
|
||||
|
||||
Useful when the command is longer than the terminal width and is cut off.
|
||||
|
||||
|
@ -309,7 +309,7 @@ remote sync server. Any longer than this and the request will fail.
|
|||
## enter_accept
|
||||
Default: false
|
||||
|
||||
Only supported on Zsh and Fish.
|
||||
Not supported by NuShell presently
|
||||
|
||||
When set to true, Atuin will default to immediately executing a command rather
|
||||
than the user having to press enter twice. Pressing tab will return to the
|
||||
|
|
|
@ -27,7 +27,8 @@ If you have any problems, please open an [issue](https://github.com/ellie/atuin/
|
|||
|
||||
# Quickstart
|
||||
|
||||
Please do try and read this guide, but if you're in a hurry and want to get started quickly:
|
||||
Please do try and read this guide, but if you're in a hurry and want to get
|
||||
started quickly:
|
||||
|
||||
```
|
||||
bash <(curl https://raw.githubusercontent.com/ellie/atuin/main/install.sh)
|
||||
|
@ -37,6 +38,16 @@ atuin import auto
|
|||
atuin sync
|
||||
```
|
||||
|
||||
Now restart your shell!
|
||||
|
||||
Anytime you press ctrl-r or up, you will see the Atuin search UI. Type your
|
||||
query, enter to execute. If you'd like to select a command without executing
|
||||
it, press tab.
|
||||
|
||||
You might like to configure an [inline
|
||||
window](https://atuin.sh/docs/config/#inline_height), or [disable up arrow
|
||||
bindings](https://atuin.sh/docs/key-binding#disable-up-arrow)
|
||||
|
||||
# Full Guide
|
||||
|
||||
Let's get started! First up, you will want to install Atuin. We have an install
|
||||
|
|
Before Width: | Height: | Size: 84 KiB After Width: | Height: | Size: 84 KiB |
Before Width: | Height: | Size: 204 KiB After Width: | Height: | Size: 204 KiB |