[Bug 4197] New: Mercurial should solicit passwords as text (Unicode)

[mercurial-bugs at selenic.com]

http://bz.selenic.com/show_bug.cgi?id=4197

          Priority: normal
            Bug ID: 4197
                CC: mercurial-devel at selenic.com
          Assignee: bugzilla at selenic.com
           Summary: Mercurial should solicit passwords as text (Unicode)
          Severity: feature
    Classification: Unclassified
                OS: All
          Reporter: jaraco at jaraco.com
          Hardware: All
            Status: UNCONFIRMED
           Version: unspecified
         Component: Mercurial
           Product: Mercurial

Currently, at least in some environments, Mercurial solicits passwords
(user-input text) as byte strings with an unknown encoding. When these
passwords are passed to downstream libraries like mercurial_keyring, it results
in complications when trying to store those passwords (see
https://bitbucket.org/Mekk/mercurial_keyring/issue/33/unicodedecodeerror-when-entering-password).
Mercurial_keyring leverages keyring, which provides a higher-level interface,
allowing only text or byte strings that can be decoded with the default
encoding. Keyring requires this interface because (a) some of its backends
require Unicode and (b) it's the right thing to do (decode early, encode late,
always pass Unicode).

Because Mercurial solicits the passwords and consumes the passwords, it is the
only library with the potential to properly decode the passwords to text.

Mercurial should provide this guarantee or some guarantee about the encoding of
passwords.

-- 
You are receiving this mail because:
You are on the CC list for the bug.