Daniel Clemente <n142...@gmail.com> writes: > Sometimes org-crypt fails to reencrypt the data. E.g. if Emacs > crashes, or if you fail to type the same password twice, or of course > if you don't use (org-crypt-use-before-save-magic), etc.
I do not think that there is anything left on disk if Emacs crashes. As for not typing the same password twice and not using org-crypt-use-before-save-magic, we should somehow fix this. (I am starting a new thread branch.) One simple idea is to disable backups if encryption fails. Or use `write-contents-functions' instead of `before-save-hook' - that way, Emacs will not ignore errors thrown by org-crypt and will not actually save anything if encryption fails. > At the end of the day when I do "git diff" + "git commit" sometimes I > realize there's unencrypted data and then I have to reencrypt it. In > the meantime I might have killed and reopened the buffer, thus > updating the file cache. > That may be a problem by org-encrypt and something to document in > org-crypt itself. The point is that users of org-encrypt should take > extra precautions when enabling org-element-cache-persistent. Like: > not closing buffers while the sections are unencrypted. These things should be considered bugs. And we should fix them. Cache and other libraries should not be responsible for special treatment of optional org-crypt library. -- Ihor Radchenko // yantar92, Org mode contributor, Learn more about Org mode at <https://orgmode.org/>. Support Org development at <https://liberapay.com/org-mode>, or support my work at <https://liberapay.com/yantar92>