Merge pull request #209 from brotskydotcom/issue-207

Re-enable access to secret-service items with no target attribute.

Cargo.toml

@@ -6,7 +6,7 @@ keywords = ["password", "credential", "keychain", "keyring", "cross-platform"]
 license = "MIT OR Apache-2.0"
 name = "keyring"
 repository = "https://github.com/hwchen/keyring-rs.git"
-version = "3.2.0"
+version = "3.2.1"
 rust-version = "1.75"
 edition = "2021"
 exclude = [".github/"]
@@ -67,3 +67,6 @@ rpassword = "7"
 rand = "0.8"
 doc-comment = "0.3"
 whoami = "1"
+
+[package.metadata.docs.rs]
+features = ["apple-native", "windows-native", "sync-secret-service", "crypto-rust"]

README.md

@@ -61,7 +61,7 @@ This crate provides built-in implementations of the following platform-specific
 * _macOS_, _iOS_: The local keychain.
 * _Windows_: The Windows Credential Manager.
 
-To enable the stores you want, you use features: there is one feature for each possibly-included credential store. If you specify a feature (e.g., `dbus-secret-service`) _and_ your target platform (e.g., `freebsd`) supports that credential store, it will be included as the default credential store in that build. That way you can have a build command that specifies a single credential store for each of your target platforms, and use that same build command for all targets.
+To enable the stores you want, you use features: there is one feature for each possibly-included credential store. If you specify a feature (e.g., `dbus-secret-service`) _and_ your target platform (e.g., `freebsd`) supports that credential store, it will be included as the default credential store in that build. That way you can have a build command that specifies a single credential store for each of your target platforms, and use that same build command for all targets. (You cannot enable more than one keystore for a given platform, except when producing docs.)
 
 If you don't enable any credential stores that are supported on a specific target, the _mock_ keystore will be the default on that target. If you enable multiple credential stores for a specific target, you will get a compile error. See the [developer docs](https://docs.rs/keyring/) for details of which features control the inclusion of which credential stores (and which platforms each credential store targets).
 
@@ -91,7 +91,7 @@ The main API change between v2 and v3 is the addition of support for non-string
 
 Another API change between v2 and v3 is that the notion of a default feature set has gone away: you must now specify explicitly which crate-supported keystores you want included (other than the `mock` keystore, which is always present). So all keyring client developers will need to update their `Cargo.toml` file to use the new features correctly.
 
-All v2 data is fully forward-compatible with v3 data; there have been no changes at all in that respect. _However_, unlike v2, the v3 implementation of the secret service credential store will _not_ read credentials that were written by the v1 keyring. (For details about why this decision was made, see [this issue](https://github.com/hwchen/keyring-rs/issues/204)). Keyring clients who use the secret service and are still using old v1 credentials should replace those credentials with v2/v3 credentials. The CLI has been extended to allow reading and deleting v1 credentials (and thus provides sample code for how to do this).
+All v2 data is fully forward-compatible with v3 data; there have been no changes at all in that respect.
 
 The MSRV has been moved to 1.75, and all direct dependencies are at their latest stable versions.
 

examples/cli.rs

@@ -60,33 +60,6 @@ fn main() {
     }
 }
 
-#[cfg(all(
-    any(target_os = "linux", target_os = "freebsd", target_os = "openbsd"),
-    any(feature = "sync-secret-service", feature = "async-secret-service")
-))]
-mod v1 {
-    use keyring::{secret_service::SsCredential, Entry, Result};
-
-    /// Create a v1-like entry (one with no target attribute)
-    pub fn new_entry(service: &str, user: &str) -> Result<Entry> {
-        let cred = SsCredential::new_with_no_target(service, user)?;
-        Ok(Entry::new_with_credential(Box::new(cred)))
-    }
-}
-#[cfg(not(all(
-    any(target_os = "linux", target_os = "freebsd", target_os = "openbsd"),
-    any(feature = "sync-secret-service", feature = "async-secret-service")
-)))]
-mod v1 {
-    use keyring::Entry;
-
-    /// For everything but the secret service, v1 entries are the same as
-    /// regular entries with the default target.
-    pub fn new_entry(service: &str, user: &str) -> keyring::Result<Entry> {
-        Entry::new(service, user)
-    }
-}
-
 #[derive(Debug, Parser)]
 #[clap(author = "github.com/hwchen/keyring-rs")]
 /// Keyring CLI: A command-line interface to platform secure storage
@@ -108,12 +81,6 @@ pub struct Cli {
     /// The user for the entry.
     pub user: String,
 
-    #[clap(long, action, verbatim_doc_comment)]
-    /// Whether to look for v1 entries (that have no target).
-    /// N.B.: v1 entries can only be read or deleted, not set.
-    /// This may also find v2/v3 entries that have a target.
-    pub v1: bool,
-
     #[clap(subcommand)]
     pub command: Command,
 }
@@ -152,13 +119,7 @@ impl Cli {
     }
 
     fn entry_for(&self) -> Result<Entry> {
-        if self.v1 {
-            if self.target.is_some() {
-                eprintln!("usage error: You cannot specify both --target and --v1");
-                std::process::exit(1)
-            }
-            v1::new_entry(&self.service, &self.user)
-        } else if let Some(target) = &self.target {
+        if let Some(target) = &self.target {
             Entry::new_with_target(target, &self.service, &self.user)
         } else {
             Entry::new(&self.service, &self.user)

src/lib.rs

@@ -168,10 +168,13 @@ pub mod mock;
 //
 // no duplicate keystores on any platform
 //
-#[cfg(any(
-    all(feature = "linux-native", feature = "sync-secret-service"),
-    all(feature = "linux-native", feature = "async-secret-service"),
-    all(feature = "sync-secret-service", feature = "async-secret-service")
+#[cfg(all(
+    not(doc),
+    any(
+        all(feature = "linux-native", feature = "sync-secret-service"),
+        all(feature = "linux-native", feature = "async-secret-service"),
+        all(feature = "sync-secret-service", feature = "async-secret-service")
+    )
 ))]
 compile_error!("You can enable at most one keystore per target architecture");
 
@@ -181,7 +184,14 @@ compile_error!("You can enable at most one keystore per target architecture");
 
 #[cfg(all(target_os = "linux", feature = "linux-native"))]
 pub mod keyutils;
-#[cfg(all(target_os = "linux", feature = "linux-native"))]
+#[cfg(all(
+    target_os = "linux",
+    feature = "linux-native",
+    not(all(
+        doc,
+        any(feature = "sync-secret-service", feature = "async-secret-service")
+    ))
+))]
 pub use keyutils as default;
 
 #[cfg(all(