Changes

0.8

  • Tab-completion now plays nice with backups.

  • Added -B to ls.

  • Added -c and -R to vi.

  • -a now always either adds the active script to the list of input scripts or, with put, sets the active script as upload target.

  • Added -s to python.

  • ls -l now terminates its output with ....

  • ls -1 now terminates its output with a blank line.

  • Uploading scripts that terminate lines with a carriage return and a newline, as opposed to either a carriage return or a newline, works again.

  • Backups are now automatically deleted if an upload failed.

  • When overwriting files with mv, the configured number of backups is made.

  • -d enables stack traces again.

  • Server warnings about semantic errors in scripts are now displayed.

  • Using exit in scripts no longer raises StopIteration.

  • Non-matching patterns are reported as error again.

  • Output of -h is now properly formatted in Python ≥ v3.13.

  • Word-splitting now mimics sh(1).

  • Suppressed warning about naive time comparisons in Python ≤ v3.9.

  • Removed the about command.

  • Re-factored the Python module.

  • Added discussion of privacy issues with OCSP.

0.7.4.7

  • Certificate dates are compared non-naively if Python ≥ v3.11 and cryptography ≥ v43.0 are available.

0.7.4.6

  • The error message for a server failing SCRAM verification now displays the host name properly.

0.7.4.5

  • If a password manager exits with a non-zero exit status < 127 (i.e., has been found and did not exit because of a signal), the password is prompted for.

  • Tab-completion now works for patterns (e.g., f* now expands to foo, not f*foo).

  • Patterns can now be escaped.

0.7.4.4

  • Giving passwords on the command line using “user:password@host” works again.

  • Files given in configuration variables are found again.

  • SRV records are looked up again.

0.7.4.3

  • SieveManager now parses server messages more strictly.

  • SRV records that are longer than 253 characters will now be rejected. This mitigates CVE-2024-3651, which affects idna < v3.7. SieveManager depends on dnspython, which depends on idna. That said, CVE-2024-3651 is ‘only’ a denial-of-service vulnerability and highly unlikely to affect SieveManager.

0.7.4.2

  • Usernames given on the command line override account sections again.

  • -o overrides account sections again.

  • -c accepts filenames in the current working directory again.

0.7.4.1

  • Tab-completion no longer repeats the last completions when an argument cannot be auto-completed.

  • Tab-completion for directories works again.

0.7.4

  • Configuration variables are no longer expanded in filename variables.

  • Removed more’s -p option.

  • A BEL is printed when Tab is pressed, but there are no completions. This may result in an audible, visual, or no notification, depending on your setup.

  • “EXTERNAL” and password-based authentication mechanisms can now be mixed.

  • Tab-completion now also works in python.

  • put works again.

  • -c works again.

  • ls now displays filenames that are longer than the terminal is wide correctly.

  • An error is raised if password is set, but sieve.cf is group- or world-readable.

  • An error is raised if sieve.cf is group- or world-writable.

  • Tab-completion now also works for filenames that contain whitespace or patterns.

  • Made ManageSieve-parser more robust.

  • Made YAML-escaping more robust.

0.7.3

  • The backup configuration variable has been replaced by backups.

  • The getpass configuration variable has been renamed to getpassword.

  • The getkeypass configuration variable has been renamed to getpassphrase.

  • The confdir configuration variable has been removed.

  • The number of backups to make can, and must, now be limited.

  • Relative filenames in configuration files are now interpreted as relative to the directory the configuration file is in.

  • Configuration settings can now be read from multiple files.

  • -o now also accepts key and nokey.

  • -c can now be given multiple times.

  • Duplicate alias-es now raise an error.

  • New configuration variable password, which should not be used.

  • Usernames containing “,” or “=” are now handled correctly by SCRAMs.

  • String preparation of usernames and passwords now handles bidirectional strings, display property-changing characters, and unassigned code points correctly.

  • Multiple account sections for the same account are now merged, instead of later sections overriding earlier ones.

  • Bash and ZSh completion scripts work again.

  • Errors and ommissions in the documentation.

0.7.2

  • cryptography and dnspython are now installed as dependencies. SieveManager also runs without them, however.

  • authmechs has been renamed to saslmechs.

  • Passwords are no longer prompted for on the GUI if there is no controlling terminal.

  • Sieve scripts are now assumed to be encoded in UTF-8 (as mandated by RFC 5228).

  • ed and vi now offer to re-edit scripts with syntax errors, instead of throwing them away.

  • New command about.

  • Prompting for passwords and confirmation works under Linux again.

  • Obsolete mechanisms can be selected with saslmechs again.

  • Configuration sections without login names and aliases are now recognised.

  • OCSP lookup errors are now handled more gracefully.

0.7.1

  • New option -s.

  • New option -e.

  • -C can no longer be given to shell commands.

  • -i now only triggers an error if confirmation is required and no terminal is available.

  • ‘#’ now starts comments in the SieveManager shell.

  • SieveManager now comes with a ZSh completion script.

  • Configuration files have been renamed.

  • Confirmations and passwords are always prompted for on /dev/tty, regardless of I/O redirection.

  • caps, cert, diff, ls, and help no longer pipe output that doesn’t fit on the screen through a pager.

  • Scripted mode is now entered only if standard input is not a terminal.

0.7

  • New command echo.

  • New command xargs.

  • New flag -C.

  • New flag -i.

  • cmp now also prints output if files are equal.

  • caps, cert, diff, ls, and help now pipe output that doesn’t fit on the screen through a pager if standard input and output are a terminal.

  • More options for cmp, cp, diff, ls, get, more, mv, put, and rm.

  • Tab-completion for local files now also selects directories.

  • ‘/’ is automatically appended to tab-completed directory names.

  • mget has been removed.

  • mput has been removed.

  • stacktrace has been removed.

  • -f no longer raises an error.

  • Scripts stop immediately if any error occurs.

  • YAML output is now prefixed with --- and postfixed with ....

  • Scalars in YAML output are now properly quoted if necessary.

  • EDITOR, PAGER, and VISUAL are now treated as commands, not as filenames.

  • Repaired tab-completion for get and put.

  • Tab-completion now automatically adds the terminating space.

0.6.1

  • Connection timeout can now be set.

  • debugauth has been replaced by the logging level “AUTH”.

  • The authentication exchange can no longer be logged at the SASL level.

  • The revocation status of the server’s certificate is now checked, provided the non-standard cryptography Python module is available.

  • Output of cert is now in YAML.

  • ed and vi can create files again.

0.6

  • The authentication exchange can now be logged at the SASL level, too.

  • TLS can now be disabled. Only do this is if you are a system administrator and want to test your server configuration.

  • SieveManager now ships with a Bash completion script.

  • Added the cmp command.

  • Output of cert is now YAML.

  • ls now has a -a <ls -a> option.

  • more now has a -a <more -a> option.

  • edactive has been replaced with ed -a.

  • viactive has been replaced with vi -a.

  • Credentials are no longer looked up for a host’s domain if they cannot be found for the host.

  • requiretls has been replaced by tls.

  • The logins value of saslprep has been renamed to usernames.

  • showauth has been replaced by debugauth.

  • TLS certification validity checks are now stricter.

  • netrc fails to parse .netrc files without a password token in Python up to version 3.9. To mitigate this, .netrc parse errors are now downgraded to warnings when SieveManager is executed by Python version 3.9 or earlier.

  • Fixed SCRAM-SHA3-512 authentication.

0.5.1

“CRAM-MD5” and “LOGIN” are no longer enabled by default.

This is because both of them are, de facto, obsolete (“LOGIN” is non-standard and superseded by “PLAIN”, “CRAM-MD5” was close to being declared “historic” and is superseded by “SCRAM-*”) and because RFC 5804 (sec. 2.1) does not mandate that they must be used over TLS.

They can be enabled by -o authmechs=scram-*,cram-md5,plain,login.

0.5

First release.