Bug 245388 - devel/git-cola: dependency on Tcl/Tk
Summary: devel/git-cola: dependency on Tcl/Tk
Status: Closed Unable to Reproduce
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s) (show other bugs)
Version: Latest
Hardware: Any Any
: --- Affects Only Me
Assignee: Dave Cottlehuber
Depends on:
Reported: 2020-04-06 00:42 UTC by waitman
Modified: 2020-05-25 21:59 UTC (History)
1 user (show)

See Also:
bugzilla: maintainer-feedback? (dch)

add tk87 to Makefile, change wish to wish8.7 in ssh-askpass (1.25 KB, patch)
2020-04-06 22:49 UTC, waitman
no flags Details | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description waitman 2020-04-06 00:42:36 UTC
Git Cola appears to have a dependency on Tcl and Tk, and calls 

/usr/bin/env tclsh and 
exec wish "$0" -- "$@"

both of which do not exist (?) even after unless manual soft-links are created, or perhaps the tcl-wrapper port is installed. (not sure if that solves the problem with wish)

When setting up a new "remote" in Git Cola, it causes and error "wish not found". Git Cola uses wish/Tk to get the SSH key password.
Comment 1 waitman 2020-04-06 22:49:21 UTC
Created attachment 213141 [details]
add tk87 to Makefile, change wish to wish8.7 in ssh-askpass

proposed patch for port
Comment 2 Dave Cottlehuber freebsd_committer 2020-04-07 08:37:55 UTC
waitman thanks for the bug & patch.

I'd prefer to add this as an option to the port, rather than include a dependency
for everybody, as using ssh passwords is considered poor security practise these days, but I'm sure you have good reasons for doing so.

Would that work for you?

Alternatively I can make the script change, skip the dependency, and mention it in pkg-message for those who need it.
Comment 3 Dave Cottlehuber freebsd_committer 2020-04-07 09:09:08 UTC
wwops I might have mis-read your error report - you're saying that if you're not using ssh-agent *and* your ssh key needs a password, then this happens?

I can't replicate the issue at all here, can you clarify what you're doing and how your ssh(agent) is set up?
Comment 4 waitman 2020-04-07 15:17:12 UTC
yes, take a look at 


the line "exec wish" (wish from ports is wish8.7 or whatever version installed)

one could simply make a softlink, so a note would be OK. 

note, in git-cola master on github they changed that script to use
#!/usr/bin/env tclsh

instead of using sh, which causes another problem coming down the pike.
Comment 5 Dave Cottlehuber freebsd_committer 2020-04-09 08:04:04 UTC
I'm not sure we have the right solution yet, some comments.

- ssh-askpass is a generic interface, this included one is a fallback
- ports has 3 versions of Tk8[567] available & defaults to Tk86
- if we have to require a Tk8 optional dependency then that port should install /usr/local/bin/wish as a default for other ports like this to depend on
- I still can't reproduce this locally, can you please explain what is needed to trigger this?

I suspect the correct approach is to install one of these:

security/R-cran-askpass   Safe Password Entry for R, Git, and SSH
security/gnome-ssh-askpass Graphical SSH askpass utility for Gnome2
security/lxqt-openssh-askpass LXQt GUI dialog for OpenSSH authentication
security/openssh-askpass  Graphical password applet for entering SSH passphrase
security/plasma5-ksshaskpass Plasma5 ssh-add frontend
security/ssh_askpass_gtk2 Tiny GTK2 ssh askpass replacement

waitman any other comments? if you install one of the above, does this resolve your issue? if so, I'll add this as a post-install message.
Comment 6 Dave Cottlehuber freebsd_committer 2020-04-23 21:32:35 UTC

As I can't replicate the issue, and there are a few alternatives proposed, if I don't get an update I'll close this in a couple of weeks.
Comment 7 Dave Cottlehuber freebsd_committer 2020-05-25 21:58:36 UTC
per last request for info, closing as I can't reproduce this.

NB upstream mentions in https://github.com/git-cola/git-cola/issues/377

> We honor both GIT_ASKPASS and SSH_ASKPASS set in the environment, via git.

This is probably a workable solution.