v0.0.3 Release

The first functional release for early adopters. All core features implemented, and CLI is working.

Release Notes

• 📝 Fix typo in help output (pki-cli should be pinki)
• 🐞 Try using a shell script as the primary CLI entry-point

Full Changelog: twuni/pinki@v0.0.2...v0.0.3

Early Adopters Welcome!

Generate your own key from scratch right now by running npx pinki key.

Store that somewhere safe, and pipe it in as input to npx pinki key export to get a public key you can share for others to verify your signatures.

Sign a file by piping it in as input to npx pinki sign "$(cat /path/to/your-private-key)". Save the result to a file and publish it alongside the file you signed.

When your users download the file, they can download your public key and the signature for that file, then verify it via npx pinki verify "$(cat /path/to/your-public-key)" "$(cat /path/to/the-file.sig)" < /path/to/the-file.

Currently, Pinki does not interact with the filesystem directly. Each command is designed to (optionally) read some primary thing from standard input, and (definitely) output something meaningful to standard output. A side effect of that is that commands tend to look much different than typical CLI tools. Pinki encourages the use of subshells to resolve and provide inputs rather than being given a path to find them. While this may take some getting used to if you're not super comfortable with the command-line, it really shines when integrating Pinki into scripts and workflows where different pieces ultimately come from somewhere else, like a web server, a password manager, etc.