markbennett.ca / tangled-cli
WIP: A simple cli for daily tangled use cases and AI integration. This is for my personal use right now, but happy if others get mileage from it! :)
fork atom

Add Linux keychain unlock support #19

open opened by markbennett.ca

Context#

Currently the CLI stores credentials in the OS keychain via @napi-rs/keyring, which works cross-platform. However, the keychain unlock flow is macOS-only.

No-ops on Linux#

src/utils/auth-helpers.tstryUnlockKeychain():

function tryUnlockKeychain(): boolean {
  if (process.platform !== 'darwin') return false; // no-op on Linux/Windows
  execSync('security unlock-keychain', { stdio: 'inherit' });
  ...
}

On non-darwin, this immediately returns false without attempting an unlock. The error message shown to the user also refers specifically to 'Mac keychain'.

Skipped tests#

tests/utils/auth-helpers.test.ts:

it.skipIf(process.platform !== 'darwin')('should unlock keychain and retry when KeychainAccessError is thrown', ...)

This test was skipped because the unlock-and-retry path is macOS-only.

What Linux support would involve#

  • Detect a locked keychain on Linux (Secret Service / DBus) when KeychainAccessError is thrown
  • Attempt to unlock via the appropriate Linux mechanism (e.g. gnome-keyring-daemon --unlock, kwallet, or prompting the user)
  • Update error messages to be platform-neutral
  • Re-enable (or add) tests for the Linux unlock path
sign up or login to add to the discussion
Labels

None yet.

assignee

None yet.

Participants 1
AT URI
at://did:plc:b2mcbcamkwyznc5fkplwlxbf/sh.tangled.repo.issue/3mem6gdwjud2z