Show HN: HiSHtory: Your shell history in context, synced, and queryable (github.com)
hiSHtory is a better shell history. It stores your shell history in context (what directory you ran the command it, whether it succeeded or failed, how long it took, etc). This is all stored locally and end-to-end encrypted for syncing to to all your other computers. All of this is easily queryable via Control-R and via the hishtory CLI. This means from your laptop, you can easily find that complex bash pipeline you wrote on your server, and see the context in which you ran it.
74 comments
[ 3.7 ms ] story [ 119 ms ] thread[0]: https://atuin.sh/
But otherwise yes, the tools are pretty similar! Nice to see another in the space
*: context, I'm the maintainer so may be biased ;)
[0]: https://github.com/curusarn/resh
(Btw I read the util name in Sean Connerys voice)
> curl https://hishtory.dev/install.py | python3 -
Also just a heads up, I find the demo gif to be unintelligibly fast.
> if I delete something using `hishtory redact` does it delete it from my native shell history too
It does not (though if you think it should, please open an issue and I'm happy to add this!)
> Also just a heads up, I find the demo gif to be unintelligibly fast.
Ah thanks! Updating.
Is the history visible and editable by the user ? ( does not have to be overriding a existing command )
I used to use something before, probably McFly, that had way better search results.
https://github.com/cantino/mcfly
https://github.com/ellie/atuin
> You may use either the server I host, or host your own! Or just don't use sync at all.
I sincerely appreciate the fact that you provided these as alternatives, because wow, offline only, with no synchronization? That's honestly really nice to see compared to this tool.
[1] https://til.marcuse.info/bash/bash-infinite-history.html
This isn't supported quite yet, but is the next item on the road map.
If it can't be self hosted, despite end to end encryption it's a big no no for me.
Edit. I read the code
As it is, this is a blocker for me even trying it out. Even if it could eventually be disabled, I don't want it to have network access at all.
another suggestion is to have a setting for the timestamp format
What was much more interesting to me is how this tool hooks into the shell to record commands. This can be found here: https://github.com/ddworken/hishtory/tree/master/client/lib/...
Also, Github pro tip: Press `t` when on any github repo to bring up fuzzy matching that can be used to easily find any specific file.
[Q: can this tool help? As far as in understand, it seems that YEEEES!!!]
#write to history file at each shell prompt
(Unless I read your comment wrong.)I will try it because the history tool looks like an interesting take, but the security model is not ok for multi computer use.
Yesterday I was tired and working on a friend serveur. The ssh prompt was different and I entered the password from a account while the remote port has hang up on me. So effectively typing “password” straight on my shell.
His password is in my history now. I removed it but that type of thing happen all the time. ( Not that much in a professional settings, password tends to fade away )
Not that it probably would have helped in this situation, but maybe useful for others.
Usually if I have to enter secrets in my shell, I do something like this in order to save the useful stuff to history but hiding the secrets:
- ` export PASSWORD=hunter2` (notice the space before "export")
- `service-cli login username $PASSWORD` (no space before, gets saved to shell history)
HISTCONTROL=ignorespace # bash
setopt hist_ignore_space # zsh
These go into ~/.bashrc or ~/.zshrc, respectively. zsh is really smart about this and always enables you to retrieve the immediate previous line with arrow-up, no matter whether it's got preceding whitespace or not.
- read -s PASSWORD
- service-cli login username $(cat)
At least you probably don't want to use `export` when setting the variable.
The better written ones might accept it in env but that will also stay in history.
But if someone have access to your home they can put keylogger in the .profile/.bashrc so it's not really relevant...
`the-command --password $(read -s;echo $REPLY)`
also you still have the `export REPLY=password` in history.
sure you can source it out of file but, well, that file have same permissions (or looser! if you forgot to change) as your .bash_history file.
`cat password|command` is the safest one (or, well, something 12 factor app clowns hate, a config file)
A table comparing these and existing tools would be ideal to show what's unique about this one.
I also did not enjoy that the install script is not in the repo.
All jokes aside, from reading the threads, I see there are other alternatives, most interestingly atuin and fzf. I used fzf for a while, but didn't use the history features. Atuin looks amazing, and installs using nix-shell. My litmus test for whether something is safe to use is nix-shell these days; I'm not excited about running a curl script into python as my starting point!
Does anyone have references on whether atuin and fzf can be used together, or should you only use one or the other? I liked fzf but the encrypted remote sync feature of atuin looks really fascinating.