we also include --decrypt=auto in the tab completion.
return
;;
--decrypt)
- COMPREPLY=( $( compgen -W "true false" -- "${cur}" ) )
+ COMPREPLY=( $( compgen -W "true false auto" -- "${cur}" ) )
return
;;
esac
$split &&
case "${prev}" in
--decrypt)
- COMPREPLY=( $( compgen -W "true false" -- "${cur}" ) )
+ COMPREPLY=( $( compgen -W "true false auto" -- "${cur}" ) )
return
;;
esac
$split &&
case "${prev}" in
--decrypt)
- COMPREPLY=( $( compgen -W "true false" -- "${cur}" ) )
+ COMPREPLY=( $( compgen -W "true false auto" -- "${cur}" ) )
return
;;
esac
``--no-hooks``
Prevent hooks from being run.
- ``--decrypt=(true|false)``
+ ``--decrypt=(true|auto|false)``
- If true and the message is encrypted, try to decrypt the
- message while indexing. If decryption is successful, index
+ If ``true`` and the message is encrypted, try to decrypt the
+ message while indexing. If ``auto``, and notmuch already
+ knows about a session key for the message, it will try
+ decrypting using that session key but will not try to access
+ the user's secret keys. If decryption is successful, index
the cleartext itself. Either way, the message is always
- stored to disk in its original form (ciphertext). Be aware
- that the index is likely sufficient to reconstruct the
- cleartext of the message itself, so please ensure that the
+ stored to disk in its original form (ciphertext).
+
+ Be aware that the index is likely sufficient to reconstruct
+ the cleartext of the message itself, so please ensure that the
notmuch message index is adequately protected. DO NOT USE
``--decrypt=true`` without considering the security of
your index.
``--quiet``
Do not print progress or results.
- ``--decrypt=(true|false)``
+ ``--decrypt=(true|auto|false)``
- If true, when encountering an encrypted message, try to
+ If ``true``, when encountering an encrypted message, try to
decrypt it while indexing. If decryption is successful, index
- the cleartext itself. Be aware that the index is likely
+ the cleartext itself. If ``auto``, try to use any session key
+ already known to belong to this message, but do not attempt to
+ use the user's secret keys.
+
+ Be aware that the index is likely
sufficient to reconstruct the cleartext of the message itself,
so please ensure that the notmuch message index is adequately
protected. DO NOT USE ``--decrypt=true`` without
Supported options for **reindex** include
- ``--decrypt=(true|false)``
-
- If true, when encountering an encrypted message, try to
- decrypt it while reindexing. If decryption is successful,
- index the cleartext itself. Be aware that the index is likely
- sufficient to reconstruct the cleartext of the message itself,
- so please ensure that the notmuch message index is adequately
- protected. DO NOT USE ``--decrypt=true`` without
- considering the security of your index.
+ ``--decrypt=(true|auto|false)``
+
+ If ``true``, when encountering an encrypted message, try to
+ decrypt it while reindexing. If ``auto``, and notmuch already
+ knows about a session key for the message, it will try
+ decrypting using that session key but will not try to access
+ the user's secret keys. If decryption is successful, index
+ the cleartext itself.
+
+ Be aware that the index is likely sufficient to reconstruct
+ the cleartext of the message itself, so please ensure that the
+ notmuch message index is adequately protected. DO NOT USE
+ ``--decrypt=true`` without considering the security of your
+ index.
See also ``index.decrypt`` in **notmuch-config(1)**.