{"id":13441847,"url":"https://github.com/jamessan/vim-gnupg","last_synced_at":"2026-01-26T20:11:30.467Z","repository":{"id":3355411,"uuid":"4400803","full_name":"jamessan/vim-gnupg","owner":"jamessan","description":"This script implements transparent editing of gpg encrypted files.","archived":false,"fork":false,"pushed_at":"2022-09-29T13:08:48.000Z","size":274,"stargazers_count":734,"open_issues_count":22,"forks_count":73,"subscribers_count":37,"default_branch":"main","last_synced_at":"2025-06-07T23:53:25.501Z","etag":null,"topics":["encryption","gnupg","vim-plugin","viml"],"latest_commit_sha":null,"homepage":"http://www.vim.org/scripts/script.php?script_id=3645","language":"Vim script","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/jamessan.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2012-05-22T01:19:49.000Z","updated_at":"2025-05-18T02:30:37.000Z","dependencies_parsed_at":"2023-01-11T16:16:43.204Z","dependency_job_id":null,"html_url":"https://github.com/jamessan/vim-gnupg","commit_stats":null,"previous_names":[],"tags_count":10,"template":false,"template_full_name":null,"purl":"pkg:github/jamessan/vim-gnupg","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jamessan%2Fvim-gnupg","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jamessan%2Fvim-gnupg/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jamessan%2Fvim-gnupg/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jamessan%2Fvim-gnupg/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/jamessan","download_url":"https://codeload.github.com/jamessan/vim-gnupg/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jamessan%2Fvim-gnupg/sbom","scorecard":{"id":504210,"data":{"date":"2025-08-11","repo":{"name":"github.com/jamessan/vim-gnupg","commit":"f9b608f29003dfde6450931dc0f495a912973a88"},"scorecard":{"version":"v5.2.1-40-gf6ed084d","commit":"f6ed084d17c9236477efd66e5b258b9d4cc7b389"},"score":3.7,"checks":[{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#binary-artifacts"}},{"name":"Pinned-Dependencies","score":-1,"reason":"no dependencies found","details":null,"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#pinned-dependencies"}},{"name":"Code-Review","score":0,"reason":"Found 0/24 approved changesets -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#code-review"}},{"name":"Packaging","score":-1,"reason":"packaging workflow not detected","details":["Warn: no GitHub/GitLab publishing workflow detected."],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#packaging"}},{"name":"Dangerous-Workflow","score":-1,"reason":"no workflows found","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#dangerous-workflow"}},{"name":"Maintained","score":0,"reason":"0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#maintained"}},{"name":"Token-Permissions","score":-1,"reason":"No tokens found","details":null,"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#token-permissions"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#cii-best-practices"}},{"name":"Vulnerabilities","score":10,"reason":"0 existing vulnerabilities detected","details":null,"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#vulnerabilities"}},{"name":"Security-Policy","score":0,"reason":"security policy file not detected","details":["Warn: no security policy file detected","Warn: no security file to analyze","Warn: no security file to analyze","Warn: no security file to analyze"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#security-policy"}},{"name":"License","score":0,"reason":"license file not detected","details":["Warn: project does not have a license file"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#license"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#fuzzing"}},{"name":"Signed-Releases","score":8,"reason":"2 out of the last 2 releases have a total of 2 signed artifacts.","details":["Info: signed release artifact: vim-gnupg-v2.7.1.tar.gz.asc: https://github.com/jamessan/vim-gnupg/releases/tag/v2.7.1","Info: signed release artifact: vim-gnupg-v2.7.0.tar.gz.asc: https://github.com/jamessan/vim-gnupg/releases/tag/v2.7.0","Warn: release artifact v2.7.1 does not have provenance: https://api.github.com/repos/jamessan/vim-gnupg/releases/33823376","Warn: release artifact v2.7.0 does not have provenance: https://api.github.com/repos/jamessan/vim-gnupg/releases/33683564"],"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#signed-releases"}},{"name":"Branch-Protection","score":-1,"reason":"internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration","details":null,"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#branch-protection"}},{"name":"SAST","score":0,"reason":"SAST tool is not run on all commits -- score normalized to 0","details":["Warn: 0 commits out of 10 are checked with a SAST tool"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#sast"}}]},"last_synced_at":"2025-08-19T22:52:35.916Z","repository_id":3355411,"created_at":"2025-08-19T22:52:35.916Z","updated_at":"2025-08-19T22:52:35.916Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":28787146,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-01-26T13:55:28.044Z","status":"ssl_error","status_checked_at":"2026-01-26T13:55:26.068Z","response_time":59,"last_error":"SSL_read: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["encryption","gnupg","vim-plugin","viml"],"created_at":"2024-07-31T03:01:38.800Z","updated_at":"2026-01-26T20:11:30.451Z","avatar_url":"https://github.com/jamessan.png","language":"Vim script","funding_links":[],"categories":["HarmonyOS","Vim Script"],"sub_categories":["Windows Manager"],"readme":"# vim-gnupg\n\nThis script implements transparent editing of gpg encrypted files. The filename\nmust have a `.gpg`, `.pgp` or `.asc` suffix. When opening such a file the\ncontent is decrypted, when opening a new file the script will ask for the\nrecipients of the encrypted file. The file content will be encrypted to all\nrecipients before it is written. The script turns off viminfo, swapfile, and\nundofile to increase security.\n\n## Installation\n\nUse your favorite [plugin manager](https://github.com/mhinz/vim-galore#managing-plugins).\n\nFor manual installation, use either\n[pathogen](https://github.com/tpope/vim-pathogen) (for old Vim versions) or\nVim's [packages](https://vimhelp.org/repeat.txt.html#packages).\n\n### pathogen\n\nClone or unpack into `$HOME/.vim/bundle`\n\n### Vim package\n\nClone or unpack into `$HOME/.vim/pack/gnupg/start/`\n\n## GPG Agent\n\nFrom `man 1 gpg-agent`:\n\n\u003e You should always add the following lines to your `.bashrc` or whatever\n\u003e initialization file is used for all shell invocations:\n\u003e\n\u003e     GPG_TTY=`tty`\n\u003e     export GPG_TTY\n\u003e\n\u003e It is important that this environment variable always reflects the output of\n\u003e the tty command. For W32 systems this option is not required.\n\nMost distributions provide software to ease handling of gpg and gpg-agent.\nExamples are keychain or seahorse.\n\n## Reacting to opening an encrypted file\n\nIf there are specific actions that should take place when editing a\nGnuPG-managed buffer, an autocmd for the User event and GnuPG pattern can be\ndefined. For example, the following will set `textwidth` to 72 for all\nGnuPG-encrypted buffers:\n\n    autocmd User GnuPG setl textwidth=72\n\nThis will be triggered before any BufRead or BufNewFile autocmds, and therefore\nwill not take precedence over settings specific to any filetype that may get\nset.\n\n## Known Issues\n\nIn some cases gvim can't decrypt files.\n\nThis is caused by the fact that a running gvim has no TTY and thus gpg is not\nable to ask for the passphrase by itself. This is a problem for Windows and\nLinux versions of gvim and could not be solved unless a \"terminal emulation\" is\nimplemented for gvim. To circumvent this you have to use any combination of\ngpg-agent and a graphical pinentry program:\n\n- gpg-agent only:\n  you need to provide the passphrase for the needed key to gpg-agent\n  in a terminal before you open files with gvim which require this key.\n- pinentry only:\n  you will get a popup window every time you open a file that needs to\n  be decrypted.\n- gpgagent and pinentry:\n  you will get a popup window the first time you open a file that\n  needs to be decrypted.\n\n## Credits\n\n- Mathieu Clabaut for inspirations through his vimspell.vim script.\n- Richard Bronosky for patch to enable `.pgp` suffix.\n- Erik Remmelzwaal for patch to enable windows support and patient beta testing.\n- Lars Becker for patch to make gpg2 working.\n- Thomas Arendsen Hein for patch to convert encoding of gpg output.\n- Karl-Heinz Ruskowski for patch to fix unknown recipients and trust model and\n  patient beta testing.\n- Giel van Schijndel for patch to get `GPG_TTY` dynamically.\n- Sebastian Luettich for patch to fix issue with symmetric encryption an set\n  recipients.\n- Tim Swast for patch to generate signed files.\n- James Vega for patches for better `*.asc` handling, better filename escaping\n  and better handling of multiple keyrings.\n\n## License\n\nThis program is free software; you can redistribute it and/or modify it under\nthe terms of the GNU General Public License as published by the Free Software\nFoundation; either version 2 of the License, or (at your option) any later\nversion. See https://www.gnu.org/licenses/old-licenses/gpl-2.0.txt\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fjamessan%2Fvim-gnupg","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fjamessan%2Fvim-gnupg","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fjamessan%2Fvim-gnupg/lists"}