[bug#58381] yubikey-agent

[bug#58381] yubikey-agent

[Nicolas Graves via Guix-patches via]

Small go package series to add yubikey-agent.

-- 
Best regards,
Nicolas Graves

[bug#58381] [PATCH 1/3] gnu: Add go-github-com-go-piv-piv-go.

[Nicolas Graves via Guix-patches via]

* gnu/packages/security-token.scm (go-github-com-go-piv-piv-go): New variable.
---
 gnu/packages/security-token.scm | 29 +++++++++++++++++++++++++++++
 1 file changed, 29 insertions(+)

diff --git a/gnu/packages/security-token.scm b/gnu/packages/security-token.scm
index 447a7a582d..3dc619ed4f 100644
--- a/gnu/packages/security-token.scm
+++ b/gnu/packages/security-token.scm
@@ -17,6 +17,7 @@
 ;;; Copyright © 2022 John Kehayias <john.kehayias@protonmail.com>
 ;;; Copyright © 2022 Petr Hodina <phodina@protonmail.com>
 ;;; Copyright © 2022 Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
+;;; Copyright © 2022 Nicolas Graves <ngraves@ngraves.fr>
 ;;;
 ;;; This file is part of GNU Guix.
 ;;;
@@ -44,6 +45,7 @@ (define-module (gnu packages security-token)
   #:use-module (guix build-system cargo)
   #:use-module (guix build-system cmake)
   #:use-module (guix build-system gnu)
+  #:use-module (guix build-system go)
   #:use-module (guix build-system glib-or-gtk)
   #:use-module (guix build-system python)
   #:use-module (gnu packages autotools)
@@ -967,3 +969,30 @@ (define-public cardpeek
 It also has limited support for Mifare Classic compatible cards (Thalys card)")
     (license license:gpl3+)
     (home-page "http://pannetrat.com/Cardpeek")))
+
+(define-public go-github-com-go-piv-piv-go
+  (package
+    (name "go-github-com-go-piv-piv-go")
+    (version "1.10.0")
+    (source
+     (origin
+       (method git-fetch)
+       (uri (git-reference
+             (url "https://github.com/go-piv/piv-go")
+             (commit (string-append "v" version))))
+       (file-name (git-file-name name version))
+       (sha256
+        (base32 "1j2szvvwgd0ysbap42rap4f60pj4smmmrxjlx0y131l3ki6v6gdm"))))
+    (build-system go-build-system)
+    (arguments
+     '(#:import-path "github.com/go-piv/piv-go/piv"
+       #:unpack-path "github.com/go-piv/piv-go"
+       #:tests? #f))
+    (native-inputs (list pkg-config))
+    (propagated-inputs (list pcsc-lite))
+    (home-page "https://github.com/go-piv/piv-go")
+    (synopsis "A Go YubiKey PIV implementation")
+    (description "YubiKeys implement the PIV specification for managing smart
+card certificates. This package provides a simpler alternative to GPG for
+managing asymmetric keys on a YubiKey.")
+    (license license:asl2.0)))
-- 
2.38.0

[bug#58381] [PATCH 2/3] gnu: Add go-github-com-twpayne-go-pinentry-minimal.

[Nicolas Graves via Guix-patches via]

* gnu/packages/security-token.scm (go-github-com-twpayne-go-pinentry-minimal): New variable.
---
 gnu/packages/security-token.scm | 25 +++++++++++++++++++++++++
 1 file changed, 25 insertions(+)

diff --git a/gnu/packages/security-token.scm b/gnu/packages/security-token.scm
index 3dc619ed4f..af7325ee79 100644
--- a/gnu/packages/security-token.scm
+++ b/gnu/packages/security-token.scm
@@ -996,3 +996,28 @@ (define-public go-github-com-go-piv-piv-go
 card certificates. This package provides a simpler alternative to GPG for
 managing asymmetric keys on a YubiKey.")
     (license license:asl2.0)))
+
+(define-public go-github-com-twpayne-go-pinentry-minimal
+  (package
+    (name "go-github-com-twpayne-go-pinentry-minimal")
+    (version "0.0.0-20220113210447-2a5dc4396c2a")
+    (source
+     (origin
+       (method git-fetch)
+       (uri (git-reference
+             (url "https://github.com/twpayne/go-pinentry-minimal")
+             (commit (go-version->git-ref version))))
+       (file-name (git-file-name name version))
+       (sha256
+        (base32 "1rzy0r8bf6qhfvymsg36db07pgrv10kn0yanc12ph73mg9rw2qgz"))))
+    (build-system go-build-system)
+    (arguments
+     '(#:import-path "github.com/twpayne/go-pinentry-minimal/pinentry"
+       #:unpack-path "github.com/twpayne/go-pinentry-minimal"))
+    (home-page "https://github.com/twpayne/go-pinentry-minimal")
+    (synopsis "Pinentry client")
+    (description
+     "This package provides a minimal client to GnuPG's pinentry,
+which only depends on Go's standard library.  It is a fork of
+@url{https://github.com/twpayne/go-pinentry}.")
+    (license license:expat)))
-- 
2.38.0

[bug#58381] [PATCH 3/3] gnu: Add yubikey-agent.

[Nicolas Graves via Guix-patches via]

* gnu/packages/security-token.scm (yubikey-agent): New variable.
---
 gnu/packages/security-token.scm | 32 ++++++++++++++++++++++++++++++++
 1 file changed, 32 insertions(+)

diff --git a/gnu/packages/security-token.scm b/gnu/packages/security-token.scm
index af7325ee79..306d0b86e6 100644
--- a/gnu/packages/security-token.scm
+++ b/gnu/packages/security-token.scm
@@ -62,6 +62,7 @@ (define-module (gnu packages security-token)
   #:use-module (gnu packages graphviz)
   #:use-module (gnu packages gnome)
   #:use-module (gnu packages gnupg)
+  #:use-module (gnu packages golang)
   #:use-module (gnu packages gtk)
   #:use-module (gnu packages libusb)
   #:use-module (gnu packages linux)
@@ -1021,3 +1022,34 @@ (define-public go-github-com-twpayne-go-pinentry-minimal
 which only depends on Go's standard library.  It is a fork of
 @url{https://github.com/twpayne/go-pinentry}.")
     (license license:expat)))
+
+(define-public yubikey-agent
+  (let* ((commit "6d9db9c29100daacbe83e74653c79c94acc5958d")
+         (revision "1"))
+    (package
+      (name "yubikey-agent")
+      (version (git-version "0" revision commit))
+      (source
+       (origin
+         (method git-fetch)
+         (uri (git-reference
+               (url "https://github.com/FiloSottile/yubikey-agent")
+               (commit commit)))
+         (file-name (git-file-name name version))
+         (sha256
+          (base32 "06y2qjq0m365sdl6inxzfnqyd346i5sgfis5crw2zmgsl1q5kdws"))))
+      (build-system go-build-system)
+      (arguments
+       '(#:import-path "filippo.io/yubikey-agent"))
+      (propagated-inputs
+       (list go-golang-org-x-term
+             go-golang-org-x-sys
+             go-golang-org-x-crypto
+             go-github-com-twpayne-go-pinentry-minimal
+             go-github-com-go-piv-piv-go
+             pcsc-lite))
+      (native-inputs (list pkg-config))
+      (home-page "https://filippo.io/yubikey-agent")
+      (synopsis "yubikey-agent")
+      (description "yubikey-agent is a seamless ssh-agent for YubiKeys.")
+      (license license:bsd-3))))
-- 
2.38.0

[bug#58381] [PATCH 1/3] gnu: Add go-github-com-go-piv-piv-go.

[Christopher Baines]

[-- Attachment #1: Type: text/plain, Size: 2534 bytes --]


Nicolas Graves via Guix-patches via <guix-patches@gnu.org> writes:

> * gnu/packages/security-token.scm (go-github-com-go-piv-piv-go): New variable.
> ---
>  gnu/packages/security-token.scm | 29 +++++++++++++++++++++++++++++
>  1 file changed, 29 insertions(+)

Hi Nicolas,

These patches look pretty good to me, just some things to check with
propagated-inputs though.

> diff --git a/gnu/packages/security-token.scm b/gnu/packages/security-token.scm
> index 447a7a582d..3dc619ed4f 100644
> --- a/gnu/packages/security-token.scm
> +++ b/gnu/packages/security-token.scm
> @@ -17,6 +17,7 @@
>  ;;; Copyright © 2022 John Kehayias <john.kehayias@protonmail.com>
>  ;;; Copyright © 2022 Petr Hodina <phodina@protonmail.com>
>  ;;; Copyright © 2022 Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
> +;;; Copyright © 2022 Nicolas Graves <ngraves@ngraves.fr>
>  ;;;
>  ;;; This file is part of GNU Guix.
>  ;;;
> @@ -44,6 +45,7 @@ (define-module (gnu packages security-token)
>    #:use-module (guix build-system cargo)
>    #:use-module (guix build-system cmake)
>    #:use-module (guix build-system gnu)
> +  #:use-module (guix build-system go)
>    #:use-module (guix build-system glib-or-gtk)
>    #:use-module (guix build-system python)
>    #:use-module (gnu packages autotools)
> @@ -967,3 +969,30 @@ (define-public cardpeek
>  It also has limited support for Mifare Classic compatible cards (Thalys card)")
>      (license license:gpl3+)
>      (home-page "http://pannetrat.com/Cardpeek")))
> +
> +(define-public go-github-com-go-piv-piv-go
> +  (package
> +    (name "go-github-com-go-piv-piv-go")
> +    (version "1.10.0")
> +    (source
> +     (origin
> +       (method git-fetch)
> +       (uri (git-reference
> +             (url "https://github.com/go-piv/piv-go")
> +             (commit (string-append "v" version))))
> +       (file-name (git-file-name name version))
> +       (sha256
> +        (base32 "1j2szvvwgd0ysbap42rap4f60pj4smmmrxjlx0y131l3ki6v6gdm"))))
> +    (build-system go-build-system)
> +    (arguments
> +     '(#:import-path "github.com/go-piv/piv-go/piv"
> +       #:unpack-path "github.com/go-piv/piv-go"
> +       #:tests? #f))
> +    (native-inputs (list pkg-config))
> +    (propagated-inputs (list pcsc-lite))

What relation does pcsc-lite have to this package, and why does it need
to be propagated?

If this can be avoid, that would be good. Otherwise it would be good to
mention why the propagation is needed in a comment.

[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 987 bytes --]

[bug#58381] [PATCH 3/3] gnu: Add yubikey-agent.

[Christopher Baines]

[-- Attachment #1: Type: text/plain, Size: 542 bytes --]


Nicolas Graves via Guix-patches via <guix-patches@gnu.org> writes:

> +      (propagated-inputs
> +       (list go-golang-org-x-term
> +             go-golang-org-x-sys
> +             go-golang-org-x-crypto
> +             go-github-com-twpayne-go-pinentry-minimal
> +             go-github-com-go-piv-piv-go
> +             pcsc-lite))

Similar comment here regarding the propagated inputs.

This looks excessive, I'm guessing yubikey-agent includes binaries, so
why are these go things required in the profile at runtime?

Thanks,

Chris

[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 987 bytes --]

[bug#58381] [PATCH 1/3] gnu: Add go-github-com-go-piv-piv-go.

[Nicolas Graves via Guix-patches via]

On 2022-10-11 11:48, Christopher Baines wrote:

> What relation does pcsc-lite have to this package, and why does it need
> to be propagated?
>
> If this can be avoid, that would be good. Otherwise it would be good to
> mention why the propagation is needed in a comment.

For piv-go, in their README:

To build on Linux, piv-go requires PCSC lite. To install on Debian-based distros, run:
sudo apt-get install libpcsclite-dev

==> So probably no need to propagate here.

----

For yubikey-agent:

The package relies on pcscd (daemon) to run on linux, which is already
available in guix. Maybe it's better to say that in the README ? Instead
of the package, what it needs is actually the service.

I've also written some tested lines for a yubikey-agent
configuration/feature (as done in the RDE project) shepherd service,
although as it is really tiny, I didn't know if I should've contributed
this.

It looks like that, and did work (it also depends on the acceptance of
the patch https://issues.guix.gnu.org/52900 in this case):

(define* (feature-yubikey-agent
          #:key
          (yubikey-agent yubikey-agent))
  "Configure Yubikey-Agent."
  (ensure-pred file-like? yubikey-agent)

  (define (get-system-services _)
    (list
     (service pcscd-service-type)
     (udev-rules-service
      'yubikey
      (file->udev-rule
       "70-u2f.rules"
       (file-append libfido2 "/udev/rules.d/70-u2f.rules")))))

  ;; (define (get-home-services config)
  ;;   (list
  ;;    ;; MAYBE: It should be installed system-wide?
  ;;    (simple-service
  ;;     'yubikey-agent-add-yubikey-agent-package
  ;;     home-profile-service-type
  ;;     (list yubikey-agent))
  ;;    (simple-service
  ;;    'start-yubikey-agent-at-startup
  ;;    home-shepherd-service-type
  ;;    (list (shepherd-service
  ;;           (documentation "Run the yubikey-agent.")
  ;;           (provision '(yubikey-agent))
  ;;           (requirement '())
  ;;           (start #~(make-forkexec-constructor
  ;;                     (list (string-append
  ;;                            #$yubikey-agent "/bin/yubikey-agent")
  ;;                            "-l" "/tmp/yubikey-agent.sock")))
  ;;           (stop #~(make-kill-destructor)))))))

  (feature
   (name 'yubikey-agent)
   (values `((yubikey-agent . ,yubikey-agent)))
   (system-services-getter get-system-services)
   ;; (home-services-getter get-home-services)
   ))


I'm not sure what would be the guideline here regarding doing or
avoiding propagations. WDYT? (I'm sending a V2 once I have a clearer
idea of what makes sense).

---

From the package README:

On Arch, use [the `yubikey-agent` package](https://aur.archlinux.org/packages/yubikey-agent/) from the AUR.

```
git clone https://aur.archlinux.org/yubikey-agent.git
cd yubikey-agent && makepkg -si

systemctl daemon-reload --user
sudo systemctl enable --now pcscd.socket
systemctl --user enable --now yubikey-agent

export SSH_AUTH_SOCK="${XDG_RUNTIME_DIR}/yubikey-agent/yubikey-agent.sock"
```
-- 
Best regards,
Nicolas Graves

[bug#58381] [PATCH 1/3] gnu: Add go-github-com-go-piv-piv-go.

[Christopher Baines]

[-- Attachment #1: Type: text/plain, Size: 2874 bytes --]


Nicolas Graves <ngraves@ngraves.fr> writes:

> On 2022-10-11 11:48, Christopher Baines wrote:
>
>> What relation does pcsc-lite have to this package, and why does it need
>> to be propagated?
>>
>> If this can be avoid, that would be good. Otherwise it would be good to
>> mention why the propagation is needed in a comment.
>
> For piv-go, in their README:
>
> To build on Linux, piv-go requires PCSC lite. To install on Debian-based distros, run:
> sudo apt-get install libpcsclite-dev
>
> ==> So probably no need to propagate here.
>
> ----
>
> For yubikey-agent:
>
> The package relies on pcscd (daemon) to run on linux, which is already
> available in guix. Maybe it's better to say that in the README ? Instead
> of the package, what it needs is actually the service.
>
> I've also written some tested lines for a yubikey-agent
> configuration/feature (as done in the RDE project) shepherd service,
> although as it is really tiny, I didn't know if I should've contributed
> this.
>
> It looks like that, and did work (it also depends on the acceptance of
> the patch https://issues.guix.gnu.org/52900 in this case):
>
> (define* (feature-yubikey-agent
>           #:key
>           (yubikey-agent yubikey-agent))
>   "Configure Yubikey-Agent."
>   (ensure-pred file-like? yubikey-agent)
>
>   (define (get-system-services _)
>     (list
>      (service pcscd-service-type)
>      (udev-rules-service
>       'yubikey
>       (file->udev-rule
>        "70-u2f.rules"
>        (file-append libfido2 "/udev/rules.d/70-u2f.rules")))))
>
>   ;; (define (get-home-services config)
>   ;;   (list
>   ;;    ;; MAYBE: It should be installed system-wide?
>   ;;    (simple-service
>   ;;     'yubikey-agent-add-yubikey-agent-package
>   ;;     home-profile-service-type
>   ;;     (list yubikey-agent))
>   ;;    (simple-service
>   ;;    'start-yubikey-agent-at-startup
>   ;;    home-shepherd-service-type
>   ;;    (list (shepherd-service
>   ;;           (documentation "Run the yubikey-agent.")
>   ;;           (provision '(yubikey-agent))
>   ;;           (requirement '())
>   ;;           (start #~(make-forkexec-constructor
>   ;;                     (list (string-append
>   ;;                            #$yubikey-agent "/bin/yubikey-agent")
>   ;;                            "-l" "/tmp/yubikey-agent.sock")))
>   ;;           (stop #~(make-kill-destructor)))))))
>
>   (feature
>    (name 'yubikey-agent)
>    (values `((yubikey-agent . ,yubikey-agent)))
>    (system-services-getter get-system-services)
>    ;; (home-services-getter get-home-services)
>    ))
>
>
> I'm not sure what would be the guideline here regarding doing or
> avoiding propagations. WDYT? (I'm sending a V2 once I have a clearer
> idea of what makes sense).

I'd try avoiding all the propagated inputs and then tackle the issue of
getting the service working separately.

Thanks,

Chris

[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 987 bytes --]

[bug#58381] [PATCH 1/3] gnu: Add go-github-com-go-piv-piv-go.

[Nicolas Graves via Guix-patches via]

* gnu/packages/security-token.scm (go-github-com-go-piv-piv-go): New variable.
---
 gnu/packages/security-token.scm | 29 +++++++++++++++++++++++++++++
 1 file changed, 29 insertions(+)

diff --git a/gnu/packages/security-token.scm b/gnu/packages/security-token.scm
index 447a7a582d..a286f7a631 100644
--- a/gnu/packages/security-token.scm
+++ b/gnu/packages/security-token.scm
@@ -17,6 +17,7 @@
 ;;; Copyright © 2022 John Kehayias <john.kehayias@protonmail.com>
 ;;; Copyright © 2022 Petr Hodina <phodina@protonmail.com>
 ;;; Copyright © 2022 Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
+;;; Copyright © 2022 Nicolas Graves <ngraves@ngraves.fr>
 ;;;
 ;;; This file is part of GNU Guix.
 ;;;
@@ -44,6 +45,7 @@ (define-module (gnu packages security-token)
   #:use-module (guix build-system cargo)
   #:use-module (guix build-system cmake)
   #:use-module (guix build-system gnu)
+  #:use-module (guix build-system go)
   #:use-module (guix build-system glib-or-gtk)
   #:use-module (guix build-system python)
   #:use-module (gnu packages autotools)
@@ -967,3 +969,30 @@ (define-public cardpeek
 It also has limited support for Mifare Classic compatible cards (Thalys card)")
     (license license:gpl3+)
     (home-page "http://pannetrat.com/Cardpeek")))
+
+(define-public go-github-com-go-piv-piv-go
+  (package
+    (name "go-github-com-go-piv-piv-go")
+    (version "1.10.0")
+    (source
+     (origin
+       (method git-fetch)
+       (uri (git-reference
+             (url "https://github.com/go-piv/piv-go")
+             (commit (string-append "v" version))))
+       (file-name (git-file-name name version))
+       (sha256
+        (base32 "1j2szvvwgd0ysbap42rap4f60pj4smmmrxjlx0y131l3ki6v6gdm"))))
+    (build-system go-build-system)
+    (arguments
+     '(#:import-path "github.com/go-piv/piv-go/piv"
+       #:unpack-path "github.com/go-piv/piv-go"
+       #:tests? #f))
+    (inputs (list pcsc-lite))
+    (native-inputs (list pkg-config))
+    (home-page "https://github.com/go-piv/piv-go")
+    (synopsis "A Go YubiKey PIV implementation")
+    (description "YubiKeys implement the PIV specification for managing smart
+card certificates. This package provides a simpler alternative to GPG for
+managing asymmetric keys on a YubiKey.")
+    (license license:asl2.0)))
-- 
2.38.0

[bug#58381] [PATCH 2/3] gnu: Add go-github-com-twpayne-go-pinentry-minimal.

[Nicolas Graves via Guix-patches via]

* gnu/packages/security-token.scm (go-github-com-twpayne-go-pinentry-minimal): New variable.
---
 gnu/packages/security-token.scm | 25 +++++++++++++++++++++++++
 1 file changed, 25 insertions(+)

diff --git a/gnu/packages/security-token.scm b/gnu/packages/security-token.scm
index a286f7a631..78a6388006 100644
--- a/gnu/packages/security-token.scm
+++ b/gnu/packages/security-token.scm
@@ -996,3 +996,28 @@ (define-public go-github-com-go-piv-piv-go
 card certificates. This package provides a simpler alternative to GPG for
 managing asymmetric keys on a YubiKey.")
     (license license:asl2.0)))
+
+(define-public go-github-com-twpayne-go-pinentry-minimal
+  (package
+    (name "go-github-com-twpayne-go-pinentry-minimal")
+    (version "0.0.0-20220113210447-2a5dc4396c2a")
+    (source
+     (origin
+       (method git-fetch)
+       (uri (git-reference
+             (url "https://github.com/twpayne/go-pinentry-minimal")
+             (commit (go-version->git-ref version))))
+       (file-name (git-file-name name version))
+       (sha256
+        (base32 "1rzy0r8bf6qhfvymsg36db07pgrv10kn0yanc12ph73mg9rw2qgz"))))
+    (build-system go-build-system)
+    (arguments
+     '(#:import-path "github.com/twpayne/go-pinentry-minimal/pinentry"
+       #:unpack-path "github.com/twpayne/go-pinentry-minimal"))
+    (home-page "https://github.com/twpayne/go-pinentry-minimal")
+    (synopsis "Pinentry client")
+    (description
+     "This package provides a minimal client to GnuPG's pinentry,
+which only depends on Go's standard library.  It is a fork of
+@url{https://github.com/twpayne/go-pinentry}.")
+    (license license:expat)))
-- 
2.38.0

[bug#58381] [PATCH 3/3] gnu: Add yubikey-agent.

[Nicolas Graves via Guix-patches via]

* gnu/packages/security-token.scm (yubikey-agent): New variable.
---
 gnu/packages/security-token.scm | 32 ++++++++++++++++++++++++++++++++
 1 file changed, 32 insertions(+)

diff --git a/gnu/packages/security-token.scm b/gnu/packages/security-token.scm
index 78a6388006..a6782804fd 100644
--- a/gnu/packages/security-token.scm
+++ b/gnu/packages/security-token.scm
@@ -62,6 +62,7 @@ (define-module (gnu packages security-token)
   #:use-module (gnu packages graphviz)
   #:use-module (gnu packages gnome)
   #:use-module (gnu packages gnupg)
+  #:use-module (gnu packages golang)
   #:use-module (gnu packages gtk)
   #:use-module (gnu packages libusb)
   #:use-module (gnu packages linux)
@@ -1021,3 +1022,34 @@ (define-public go-github-com-twpayne-go-pinentry-minimal
 which only depends on Go's standard library.  It is a fork of
 @url{https://github.com/twpayne/go-pinentry}.")
     (license license:expat)))
+
+(define-public yubikey-agent
+  (let* ((commit "6d9db9c29100daacbe83e74653c79c94acc5958d")
+         (revision "1"))
+    (package
+      (name "yubikey-agent")
+      (version (git-version "0" revision commit))
+      (source
+       (origin
+         (method git-fetch)
+         (uri (git-reference
+               (url "https://github.com/FiloSottile/yubikey-agent")
+               (commit commit)))
+         (file-name (git-file-name name version))
+         (sha256
+          (base32 "06y2qjq0m365sdl6inxzfnqyd346i5sgfis5crw2zmgsl1q5kdws"))))
+      (build-system go-build-system)
+      (arguments
+       '(#:import-path "filippo.io/yubikey-agent"))
+      (inputs
+       (list go-golang-org-x-term
+             go-golang-org-x-sys
+             go-golang-org-x-crypto
+             go-github-com-twpayne-go-pinentry-minimal
+             go-github-com-go-piv-piv-go
+             pcsc-lite))
+      (native-inputs (list pkg-config))
+      (home-page "https://filippo.io/yubikey-agent")
+      (synopsis "yubikey-agent")
+      (description "yubikey-agent is a seamless ssh-agent for YubiKeys.")
+      (license license:bsd-3))))
-- 
2.38.0