FEED Validator

for Atom and RSS and KML

Congratulations!

This is a valid RSS feed.

Recommendations

This feed is valid, but interoperability with the widest range of feed readers could be improved by implementing the following recommendations.

line 105, column 0: Invalid HTML: malformed start tag, at line 72, column 19 (2 occurrences) [help]
```
    Rob Allen <rob@akrabat.com>
```
line 173, column 3: content:encoded should not contain relative URL references: #script (2 occurrences) [help]
```
]]></content:encoded>
   ^
```
line 306, column 0: Non-html tag: picture (6 occurrences) [help]
```
<picture><source  
```
line 313, column 0: content:encoded should not contain decoding attribute (9 occurrences) [help]
```
    <img decoding="async" src="https://akrabat.com/wp-content/uploads/2025/0 ...
```
line 313, column 0: content:encoded should not contain loading attribute (7 occurrences) [help]
```
    <img decoding="async" src="https://akrabat.com/wp-content/uploads/2025/0 ...
```
line 443, column 0: content:encoded should not contain fetchpriority attribute [help]
```
<p><img fetchpriority="high" decoding="async" src="https://akrabat.com/wp-co ...
```

Source: http://akrabat.com/feed/

<?xml version="1.0" encoding="UTF-8"?><rss version="2.0"
xmlns:content="http://purl.org/rss/1.0/modules/content/"
xmlns:wfw="http://wellformedweb.org/CommentAPI/"
xmlns:dc="http://purl.org/dc/elements/1.1/"
xmlns:atom="http://www.w3.org/2005/Atom"
xmlns:sy="http://purl.org/rss/1.0/modules/syndication/"
xmlns:slash="http://purl.org/rss/1.0/modules/slash/"
>
<channel>
<title>Rob Allen</title>
<atom:link href="https://akrabat.com/feed/" rel="self" type="application/rss+xml" />
<link>https://akrabat.com</link>
<description>Pragmatism in today's world</description>
<lastBuildDate>Tue, 19 Aug 2025 12:30:31 +0000</lastBuildDate>
<language>en-US</language>
<sy:updatePeriod>
hourly </sy:updatePeriod>
<sy:updateFrequency>
1 </sy:updateFrequency>
<generator>https://wordpress.org/?v=6.8.2</generator>
<item>
<title>Converting JWKS JSON to PEM using Python</title>
<link>https://akrabat.com/converting-jwks-json-to-pem-using-python/</link>
<comments>https://akrabat.com/converting-jwks-json-to-pem-using-python/#respond</comments>
<dc:creator><![CDATA[Rob]]></dc:creator>
<pubDate>Tue, 09 Sep 2025 10:00:00 +0000</pubDate>
<category><![CDATA[Command Line]]></category>
<category><![CDATA[Python]]></category>
<guid isPermaLink="false">https://akrabat.com/?p=7484</guid>
<description><![CDATA[Following on from my earlier exploration of JWKS (RFC7517), I found myself needing to convert the JWKS into PEM format. This time I turned to Python with my preference of using uv with inline script metadata and created jwks-to-pem.py. The really nice thing about inline script metadata is that we can use the cryptography package to do all the hard work with RSA and serialisation. We just have to remember that the base64 encoded values… <a href="https://akrabat.com/converting-jwks-json-to-pem-using-python/">continue reading</a>.]]></description>
<content:encoded><![CDATA[<p>Following on from my <a href="https://akrabat.com/creating-jwks-json-file-in-php/">earlier exploration of JWKS</a> (<a href="https://www.rfc-editor.org/rfc/rfc7517">RFC7517</a>), I found myself needing to convert the JWKS into PEM format.</p>
<p>This time I turned to Python with my preference of using <a href="https://github.com/astral-sh/uv">uv</a> with <a href="https://akrabat.com/defining-python-dependencies-at-the-top-of-the-file/">inline script metadata</a> and created <a href="#script"><tt>jwks-to-pem.py</tt></a>.</p>
<p>The really nice thing about inline script metadata is that we can use the <a href="https://pypi.org/project/cryptography/">cryptography package</a> to do all the hard work with RSA and serialisation. We just have to remember that the base64 encoded values are <a href="https://datatracker.ietf.org/doc/html/rfc4648#section-5">base64 URL encoded</a> and account for it.</p>
<p>As a single file python script, I make it executable with <tt>chmod +x jwks-to-pem.py</tt> and made it so that I can pipe the output of a <a href="https://curl.se">curl</a> call to it, or pass in a JSON file. I prefer to use the <tt>curl</tt> solution though with:</p>
<pre>
curl -s https://example.com/.well-known/jwks.json | jwks-to-pem.py
</pre>
<h3>Example</h3>
<p>Here's an example from the <a href="https://developer.api.apps.cam.ac.uk/docs/oauth2/1/routes/.well-known/jwks.json/get">University of Cambridge</a>.</p>
<p>On the day I wrote this article, the JWKS looks like this:</p>
<pre>
$ curl -s https://api.apps.cam.ac.uk/oauth2/v1/.well-known/jwks.json
{
"keys": [
{
"alg": "RS256",
"e": "AQAB",
"n": "6kKjjctVPalX0ypJ2irwog8xIXS9JTABqrSnK_n3YJ4q0aH2-1bjGbWz8p1CaCUqDxQSDuqzvOgMdNGvZrxlNJ-G8hfc39jrb_KnB0T3ZsuxFz6X0mDzmHhdiPjSDK3M0syC4qg5_PB7xwKail5VWOcY0SypIYCPD6Ct5DGnQ_XONGXIVG7eaJAHdxJp2BOz0n3BVEFnZUgM5JcfGrSFfGqb0ZotX2AblwjZKQc58E0EVVykJw8gxW1Bob8rbaVXlMHssfY-9Jx0zua7ZrjO5C4OMmt9J6zYbVnGVwf62ehGtcLSP6iCG4_XM2sAMQwqJnPBss0U9WwDERk17FMHvb_FBwxAFxRygd0DclWmQmCYr5uFYck57KGARtyoxrNNAf4AFUHuObjbV24TyInYEgMhKi3SAML_4ke3dbbG-mjchXPN9OqNd4fydnQIP39WFHmFNk_nIlqvYnALI4xPE-w09T9jCvjU8hYHHlVMRvRluBnUzJkFnxLse5W-agC6ITe3wYvKH7SHVp6MYQWVD_0I2rCLV4gqjSpXzKIMs5eejjTQQq0VYumgL_f1ETvzDoewzXLOC8GGu2LZDwDbP0ea6DchReWjZfj4nJx23uQyGAj1h_uPI1jCd9oeJhbN8jFz2ltYgXYBp51qdSzsbtdec9BPPBVeXjI--c0AWU8",
"kid": "70e0ed3c",
"kty": "RSA",
"use": "sig"
}
]
}
</pre>
<p>They very kindly pretty-print it too!</p>
<p>We can then get the PEM version by piping to <tt>jwks-to-pem.py</tt>:</p>
<pre>
$ curl -s https://api.apps.cam.ac.uk/oauth2/v1/.well-known/jwks.json | jwks-to-pem.py
# Key 0 (kid: 70e0ed3c)
-----BEGIN PUBLIC KEY-----
MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA6kKjjctVPalX0ypJ2irw
og8xIXS9JTABqrSnK/n3YJ4q0aH2+1bjGbWz8p1CaCUqDxQSDuqzvOgMdNGvZrxl
NJ+G8hfc39jrb/KnB0T3ZsuxFz6X0mDzmHhdiPjSDK3M0syC4qg5/PB7xwKail5V
WOcY0SypIYCPD6Ct5DGnQ/XONGXIVG7eaJAHdxJp2BOz0n3BVEFnZUgM5JcfGrSF
fGqb0ZotX2AblwjZKQc58E0EVVykJw8gxW1Bob8rbaVXlMHssfY+9Jx0zua7ZrjO
5C4OMmt9J6zYbVnGVwf62ehGtcLSP6iCG4/XM2sAMQwqJnPBss0U9WwDERk17FMH
vb/FBwxAFxRygd0DclWmQmCYr5uFYck57KGARtyoxrNNAf4AFUHuObjbV24TyInY
EgMhKi3SAML/4ke3dbbG+mjchXPN9OqNd4fydnQIP39WFHmFNk/nIlqvYnALI4xP
E+w09T9jCvjU8hYHHlVMRvRluBnUzJkFnxLse5W+agC6ITe3wYvKH7SHVp6MYQWV
D/0I2rCLV4gqjSpXzKIMs5eejjTQQq0VYumgL/f1ETvzDoewzXLOC8GGu2LZDwDb
P0ea6DchReWjZfj4nJx23uQyGAj1h/uPI1jCd9oeJhbN8jFz2ltYgXYBp51qdSzs
btdec9BPPBVeXjI++c0AWU8CAwEAAQ==
-----END PUBLIC KEY-----
</pre>
<h3>The script</h3>
<p>This is the script in case anyone else finds it useful:</p>
<pre lang="python" id="script">
#!/usr/bin/env -S uv run --script --quiet
# /// script
# dependencies = [
# "cryptography",
# ]
# ///
"""Convert JWK keys to PEM format.
This script reads .well-known/jwks.json and outputs PEM encoded versions
of the public keys in that file.
Usage:
curl -s https://example.com/.well-known/jwks.json | jwks-to-pem.py
uv run jwks-to-pem.py jwks.json
uv run jwks-to-pem.py < jwks.json
Requirements:
- uv (https://github.com/astral-sh/uv)
- cryptography library
Author:
Rob Allen <rob@akrabat.com>
Copyright 2025
License:
MIT License - https://opensource.org/licenses/MIT
"""
import json
import base64
import sys
from cryptography.hazmat.primitives import serialization
from cryptography.hazmat.primitives.asymmetric import rsa
def base64url_decode(data):
"""Decode base64url to bytes"""
# Add padding if needed
padding = 4 - len(data) % 4
if padding != 4:
data += '=' * padding
# Replace URL-safe chars
data = data.replace('-', '+').replace('_', '/')
# Decode
return base64.b64decode(data)
def jwk_to_pem(jwk_key):
"""Convert JWK to PEM format"""
if jwk_key['kty'] != 'RSA':
raise ValueError("Only RSA keys are supported")
# Decode the modulus (n) and exponent (e) to int
n = int.from_bytes(base64url_decode(jwk_key['n']), 'big')
e = int.from_bytes(base64url_decode(jwk_key['e']), 'big')
# Create RSA public key
public_key = rsa.RSAPublicNumbers(e, n).public_key()
# Serialize to PEM
pem = public_key.public_bytes(
encoding=serialization.Encoding.PEM,
format=serialization.PublicFormat.SubjectPublicKeyInfo
)
return pem.decode()
def main():
if len(sys.argv) > 2:
print("Usage: jwk_to_pem.py [jwks.json]")
print("If no file is provided, reads from stdin")
sys.exit(1)
if len(sys.argv) == 2 and sys.argv[1] != '-':
# Read from file
with open(sys.argv[1], 'r') as f:
jwks = json.load(f)
else:
# Read from stdin
jwks = json.load(sys.stdin)
# Convert each key
for i, key in enumerate(jwks['keys']):
kid = key.get('kid', f'key-{i}')
print(f"# Key {i} (kid: {kid})")
print(jwk_to_pem(key))
if __name__ == "__main__":
main()
</pre>
]]></content:encoded>
<wfw:commentRss>https://akrabat.com/converting-jwks-json-to-pem-using-python/feed/</wfw:commentRss>
<slash:comments>0</slash:comments>
</item>
<item>
<title>Stop in-place editing of bash history items</title>
<link>https://akrabat.com/stop-in-place-editing-of-bash-history-items/</link>
<comments>https://akrabat.com/stop-in-place-editing-of-bash-history-items/#comments</comments>
<dc:creator><![CDATA[Rob]]></dc:creator>
<pubDate>Tue, 02 Sep 2025 10:00:00 +0000</pubDate>
<category><![CDATA[Command Line]]></category>
<category><![CDATA[Shell Scripting]]></category>
<guid isPermaLink="false">https://akrabat.com/?p=7480</guid>
<description><![CDATA[Recently, since getting a new computer, I've noticed that I've been losing bash history items and it took a while to work out what was going on, though I'm still not completely sure as it never seemed to be so much of a problem. I regularly use the up and down keys with context specific history. For example, I will type ma and then press up to search back through all the make commands I've… <a href="https://akrabat.com/stop-in-place-editing-of-bash-history-items/">continue reading</a>.]]></description>
<content:encoded><![CDATA[<p>Recently, since getting a new computer, I've noticed that I've been losing bash history items and it took a while to work out what was going on, though I'm still not completely sure as it never seemed to be so much of a problem. </p>
<p>I regularly use the up and down keys with <a href="/context-specific-history-at-the-bash-prompt/">context specific history</a>. For example, I will type <tt>ma</tt> and then press up to search back through all the <tt>make</tt> commands I've used recently and then press enter to run it. </p>
<p>Sometimes, I'll realise that I don't actually want this command and edit it and press enter. Sometimes I'll decide halfway through editing that really I should use a <tt>docker compose</tt> command instead and I'll just back out of my edit via some key stroke that works. I'm not sure what I do here though, probably up/down, or maybe ctrl+c. Whatever I do, sometimes, the history for that line is now my edited mess and not the original command. Then later, when I go to try and find it via the up arrow, it's missing.</p>
<p>This happened infrequently enough that I thought I was misremembering what was in the history, or that maybe it was another tab I was thinking about.</p>
<p>I never want the bash history to be editable; if I cancel out, then I want it back to what it was.</p>
<h2>Fixing with revert-all-at-newline</h2>
<p>This finally annoyed me enough that I sat down with the Internet to work out how to fix it with the <tt>revert-all-at-newline</tt> setting.</p>
<p>The revert-all-at-newline option in bash controls whether readline reverts any changes made to a history line when you press Enter. Note that this is part of readline's behavior, so it affects command line editing in bash and other programs that use <a href="https://en.wikipedia.org/wiki/GNU_Readline">readline</a>.</p>
<p>The simplest thing is to add this to <tt>.bashrc</tt>:</p>
<pre lang="bash">
bind 'set revert-all-at-newline on'
</pre>
<p>Alternatively, you can create a <tt>.inputrc</tt> file with this in it:</p>
<pre>
$include /etc/inputrc
set revert-all-at-newline on
</pre>
<p>To view the current value of <tt>revert-all-at-newline</tt>, use: </p>
<pre>
bind -V | grep revert-all-at-newline
</pre>
<p>It solved my problem, and I've not yet found a case when I want it set the other way.</p>
]]></content:encoded>
<wfw:commentRss>https://akrabat.com/stop-in-place-editing-of-bash-history-items/feed/</wfw:commentRss>
<slash:comments>1</slash:comments>
</item>
<item>
<title>Extending an OpenAPI Component Schema</title>
<link>https://akrabat.com/extending-an-openapi-component-schema/</link>
<comments>https://akrabat.com/extending-an-openapi-component-schema/#respond</comments>
<dc:creator><![CDATA[Rob]]></dc:creator>
<pubDate>Tue, 26 Aug 2025 10:00:00 +0000</pubDate>
<category><![CDATA[OpenAPI]]></category>
<guid isPermaLink="false">https://akrabat.com/?p=7477</guid>
<description><![CDATA[One project that I'm working on uses RFC 9457 Problem Details for HTTP APIs for its error responses. In the OpenAPI spec, we can define this as a component and use in the relevant paths as appropriate: components: schemas: ProblemDetails: type: object properties: type: type: string format: uri-reference description: A URI reference that identifies the problem type default: about:blank example: https://example.com/probs/out-of-credit title: type: string description: A short, human-readable summary of the problem type example: You… <a href="https://akrabat.com/extending-an-openapi-component-schema/">continue reading</a>.]]></description>
<content:encoded><![CDATA[<p>One project that I'm working on uses <a href="https://www.rfc-editor.org/rfc/rfc9457.html">RFC 9457 Problem Details for HTTP APIs </a> for its error responses.</p>
<p>In the OpenAPI spec, we can define this as a component and use in the relevant paths as appropriate:</p>
<pre lang="yaml">
components:
schemas:
ProblemDetails:
type: object
properties:
type:
type: string
format: uri-reference
description: A URI reference that identifies the problem type
default: about:blank
example: https://example.com/probs/out-of-credit
title:
type: string
description: A short, human-readable summary of the problem type
example: You do not have enough credit.
status:
type: integer
format: int32
description: The HTTP status code for this occurrence of the problem
minimum: 100
maximum: 599
example: 403
detail:
type: string
description: A human-readable explanation specific to this occurrence of the problem
example: Your current balance is 30, but that costs 50.
instance:
type: string
format: uri-reference
description: A URI reference that identifies the specific occurrence of the problem
example: /account/12345/msgs/abc
additionalProperties: true
</pre>
<p>When we return a validation error, we add an <tt>errors</tt> property. Rather than repeating the <tt>ProblemDetails</tt> properties into <tt>ValidationError</tt>, we can add the <tt>errors</tt> using <a href="https://json-schema.org/understanding-json-schema/reference/combining#allOf"><tt>allOf</tt></a>:</p>
<pre lang="yaml">
ValidationError:
allOf:
- $ref: '#/components/schemas/ProblemDetails'
- type: object
properties:
errors:
type: object
description: Field-specific validation error messages
additionalProperties:
type: string
example:
name: "name must be provided"
dateOfBirth: "date must be in the past"
</pre>
<p>This is quite handy!</p>
]]></content:encoded>
<wfw:commentRss>https://akrabat.com/extending-an-openapi-component-schema/feed/</wfw:commentRss>
<slash:comments>0</slash:comments>
</item>
<item>
<title>Saving the current URL to a Note</title>
<link>https://akrabat.com/saving-the-current-url-to-a-note/</link>
<comments>https://akrabat.com/saving-the-current-url-to-a-note/#respond</comments>
<dc:creator><![CDATA[Rob]]></dc:creator>
<pubDate>Tue, 19 Aug 2025 10:00:00 +0000</pubDate>
<category><![CDATA[Mac]]></category>
<category><![CDATA[Shortcuts]]></category>
<guid isPermaLink="false">https://akrabat.com/?p=7467</guid>
<description><![CDATA[Inspired by John Gruber mentioning on the Cortex podcast that he has a shortcut that saves links to a note in Tot, I thought I'd do something similar for saving to a note in Apple Notes. I want to store as a bullet item containing the name of the page, the link and the date. Something like this: (Funny that the spellchecker doesn't know that Thu is the short form for Thursday) The Save Links… <a href="https://akrabat.com/saving-the-current-url-to-a-note/">continue reading</a>.]]></description>
<content:encoded><![CDATA[<p>Inspired by John Gruber mentioning on the <a href="https://www.relay.fm/cortex/169">Cortex podcast</a> that he has a shortcut that saves links to a note in <a href="https://tot.rocks">Tot</a>, I thought I'd do something similar for saving to a note in Apple Notes.</p>
<p>I want to store as a bullet item containing the name of the page, the link and the date. Something like this:</p>
<picture><source
srcset="https://akrabat.com/wp-content/uploads/2025/07/2025saved-link-text-dark.png"
media="(prefers-color-scheme: dark)"
/><source
srcset="https://akrabat.com/wp-content/uploads/2025/07/2025saved-link-text-light.png"
media="(prefers-color-scheme: light), (prefers-color-scheme: no-preference)"
/><br />
<img decoding="async" src="https://akrabat.com/wp-content/uploads/2025/07/2025saved-link-text-light.png" loading="lazy" alt="Saved link text light." class="border" width="408"/>
</picture>
<p>(Funny that the spellchecker doesn't know that Thu is the short form for Thursday)</p>
<h2>The <em>Save Links to Notes</em> Shortcut</h2>
<p>This is the shortcut that I created to do it:
<picture><source
srcset="https://akrabat.com/wp-content/uploads/2025/07/2025save-links-to-notes-shortcut-dark.png"
media="(prefers-color-scheme: dark)"
/><source
srcset="https://akrabat.com/wp-content/uploads/2025/07/2025save-links-to-notes-shortcut-light.png"
media="(prefers-color-scheme: light), (prefers-color-scheme: no-preference)"
/><br />
<img decoding="async" src="https://akrabat.com/wp-content/uploads/2025/07/2025save-links-to-notes-shortcut-light.png" loading="lazy" alt="Save links to notes shortcut light." class="noborder" width="558"/>
</picture>
<p>You can download it here:<br />
<a href="https://www.icloud.com/shortcuts/6c12e888f9da431d9977985b229d636b">https://www.icloud.com/shortcuts/6c12e888f9da431d9977985b229d636b</a></p>
<h2>Breaking down the actions</h2>
<p>To get the URL into the shortcut, we want:</p>
<ul>
<li><em>Show in Share Sheet</em> so that it's available on iOS/iPadOS</li>
<li><em>Receive What's Onscreen</em> so that when a browser is focussed on Mac, it finds the URL</li>
<li><em>Use as a Quick Action</em> so that we can assign a keyboard shortcut (<tt style="font-family: sans-serif">⌃⌥⌘U</tt> in case)</li>
</ul>
<p>We can then use <em>Get Contents of web page</em> along with <em>Get Details of Safari Web Page</em> to get the pages's title which Shortcuts calls <em>Name</em> for some reason.</p>
<p>There's an action for <em>Current Date</em>, so we add that to get the variable.</p>
<p>Creating formatted text in a note is a little involved. Firstly we use a <em>Text</em> action to set out the Markdown that we want. I used the date format <tt>EEE, dd MMM yyyy</tt> as it's short and clear to me.</p>
<p>There's a <em>Make Rich Text from Markdown</em> action which processes the Markdown for us, but if you just append it to the note, it doesn't work. The workaround is to add it to a <em>List</em> action and then append the list to the note. </p>
<h2>That's it</h2>
<p>All we need to do now is show a notification including the <tt>Shortcut Input</tt> variable as that's the URL that we've just saved.
<picture><source
srcset="https://akrabat.com/wp-content/uploads/2025/07/2025save-links-to-notes-notification-dark.png"
media="(prefers-color-scheme: dark)"
/><source
srcset="https://akrabat.com/wp-content/uploads/2025/07/2025save-links-to-notes-notification-light.png"
media="(prefers-color-scheme: light), (prefers-color-scheme: no-preference)"
/><br />
<img decoding="async" src="https://akrabat.com/wp-content/uploads/2025/07/2025save-links-to-notes-notification-light.png" loading="lazy" alt="Save links to notes notification light." class="noborder" width="376"/>
</picture>
<p>With this shortcut, I can add a new entry to my note from both my Mac, iPad and iPhone with minimal effort. </p>
<p>I like it.</p>
]]></content:encoded>
<wfw:commentRss>https://akrabat.com/saving-the-current-url-to-a-note/feed/</wfw:commentRss>
<slash:comments>0</slash:comments>
</item>
<item>
<title>Accessing Longplay info for SwiftBar</title>
<link>https://akrabat.com/accessing-longplay-info-for-swiftbar/</link>
<comments>https://akrabat.com/accessing-longplay-info-for-swiftbar/#respond</comments>
<dc:creator><![CDATA[Rob]]></dc:creator>
<pubDate>Tue, 12 Aug 2025 10:00:00 +0000</pubDate>
<category><![CDATA[Mac]]></category>
<guid isPermaLink="false">https://akrabat.com/?p=7447</guid>
<description><![CDATA[One app that I find incredibly useful is SwiftBar and one use I have is to display track info for the currently playing song in Apple Music. SwiftBar plugins work as shell scripts that execute on a timer and echo specially formatted text which SwiftBar then turns into an item on the menu bar with an attached menu I use a heavily modified Now Playing plugin that was originally written by Adam Kenyon, so all… <a href="https://akrabat.com/accessing-longplay-info-for-swiftbar/">continue reading</a>.]]></description>
<content:encoded><![CDATA[<p>One app that I find incredibly useful is <a href="https://github.com/swiftbar/SwiftBar">SwiftBar</a> and one use I have is to display track info for the currently playing song in Apple Music.</p>
<p>SwiftBar plugins work as shell scripts that execute on a timer and echo specially formatted text which SwiftBar then turns into an item on the menu bar with an attached menu</p>
<p>I use a heavily modified <a href="https://github.com/matryer/xbar-plugins/blob/main/Music/nowplaying.5s.sh">Now Playing plugin</a> that was originally written by Adam Kenyon, so all the hard work was done by them.</p>
<p>Recently, I've been using <a href="https://longplay.rocks">Longplay</a> to play albums and wanted the same functionality.</p>
<p>Now Playing uses AppleScript to determine if a music player is playing and what the track info is:</p>
<pre>
app_playing=$(osascript -e "tell application \"$i\" to player state as string")
</pre>
<p>And</p>
<pre>
track=$(osascript -e "tell application \"$app\" to name of current track")
artist=$(osascript -e "tell application \"$app\" to artist of current track")
</pre>
<p>When looking at adding Longplay, I was pleased to discover that it has AppleScript support, but perusing the Dictionary, I discovered that it doesn't support the features I need here.</p>
<p>Upon emailing the developer, they very helpfully pointed out that Longplay also has Shortcuts support and that I could probably use that instead. They were right.</p>
<p>I knocked up a couple of shortcuts:</p>
<picture><source
srcset="https://akrabat.com/wp-content/uploads/2025/07/2025longplay-status-dark.png"
media="(prefers-color-scheme: dark)"
/><source
srcset="https://akrabat.com/wp-content/uploads/2025/07/2025longplay-status-light.png"
media="(prefers-color-scheme: light), (prefers-color-scheme: no-preference)"
/><br />
<img decoding="async" src="https://akrabat.com/wp-content/uploads/2025/07/2025longplay-status-light.png" loading="lazy" alt="Longplay status Apple Shortcut" class="noborder" width="431"/>
</picture>
<p>and</p>
<picture><source
srcset="https://akrabat.com/wp-content/uploads/2025/07/2025longplay-now-playing-dark.png"
media="(prefers-color-scheme: dark)"
/><source
srcset="https://akrabat.com/wp-content/uploads/2025/07/2025longplay-now-playing-light.png"
media="(prefers-color-scheme: light), (prefers-color-scheme: no-preference)"
/><br />
<img decoding="async" src="https://akrabat.com/wp-content/uploads/2025/07/2025longplay-now-playing-light.png" loading="lazy" alt="Longplay now playing light." class="noborder" width="431"/>
</picture>
<p>With these set-up, I can now run them from the command line using <tt>shortcuts</tt>:</p>
<pre>
app_playing=$(shortcuts run "Longplay status");
</pre>
<p>This will set <tt>$app_playing</tt> to either "Yes" or "No" as strings as it is defined as boolean in Shortcuts.</p>
<pre>
track=$(shortcuts run "Longplay now playing");
</pre>
<p>This simply sets <tt>$track</tt> to the string of the currently playing track.</p>
<h2>Updated Now Playing script</h2>
<p>With the ability to get the info I needed from the command line, I <s>hacked</s> updated my copy of the Now Playing script and all is good.</p>
<p>I've updated it a bit over the years, so I've uploaded my version to Gist: <a href="https://gist.github.com/akrabat/8bcfac9dfef5fd4e9b67ac5bb504ea7a">nowplaying.5s.sh</a>.</p>
]]></content:encoded>
<wfw:commentRss>https://akrabat.com/accessing-longplay-info-for-swiftbar/feed/</wfw:commentRss>
<slash:comments>0</slash:comments>
</item>
<item>
<title>Responding to StreamDeck buttons with Keyboard Maestro</title>
<link>https://akrabat.com/controlling-the-streamdeck-via-keyboard-maestro/</link>
<comments>https://akrabat.com/controlling-the-streamdeck-via-keyboard-maestro/#respond</comments>
<dc:creator><![CDATA[Rob]]></dc:creator>
<pubDate>Tue, 05 Aug 2025 10:00:00 +0000</pubDate>
<category><![CDATA[AppleScript]]></category>
<category><![CDATA[Keyboard Maestro]]></category>
<category><![CDATA[Mac]]></category>
<guid isPermaLink="false">https://akrabat.com/?p=7440</guid>
<description><![CDATA[I run Apple Music on my Mac desktop and send the output to my HomePod minis. To control the volume, you need to manipulate the Apple Music volume slider rather than the global volume controls for the Mac. It's easier to press buttons than use a mouse, so I used Keyboard Maestro to respond to two buttons on my Stream Deck instead. This is possible because Keyboard Maestro has a Stream Deck Plugin, so you… <a href="https://akrabat.com/controlling-the-streamdeck-via-keyboard-maestro/">continue reading</a>.]]></description>
<content:encoded><![CDATA[<p>I run Apple Music on my Mac desktop and send the output to my HomePod minis. To control the volume, you need to manipulate the Apple Music volume slider rather than the global volume controls for the Mac.</p>
<p>It's easier to press buttons than use a mouse, so I used <a href="https://www.keyboardmaestro.com/">Keyboard Maestro</a> to respond to two buttons on my <a href="https://www.elgato.com/uk/en/p/stream-deck">Stream Deck</a> instead.</p>
<p>This is possible because Keyboard Maestro has a <a href="https://marketplace.elgato.com/product/keyboard-maestro-35c7590b-b7fb-4be0-9e5d-9fd4b4c0f013">Stream Deck Plugin</a>, so you need to install that first.</p>
<h2>Setting up the Stream Deck button</h2>
<p>You can now assign Keyboard Maestro to a button in the Stream Deck software:</p>
<p><img fetchpriority="high" decoding="async" src="https://akrabat.com/wp-content/uploads/2025/07/2025streamdeck-km-button.png" alt="Keyboard Maestro automation configuration interface showing a button setup with a speaker/volume icon. The interface displays fields for Title (empty), Button ID (R3C1), Virtual Row (3), and Virtual Column (1). The left side shows a black square button with white speaker and minus icons." title="streamdeck-km-button.png" border="0" width="500" height="239" /></p>
<p>This is the configuration for my volume down button, as you can tell by the icon I chose. The Button ID defaults to the row and column number of where you have placed it on the Stream Deck.</p>
<h2>Responding to the button in Keyboard Maestro</h2>
<p>On the Keyboard Maestro side, we need a macro that is trigged by the Stream Deck button. This is easy to do as it looks like a USB device key and you can press the button the Stream Deck and Keyboard Maestro will recognise it and fill in the correct details.</p>
<p><img decoding="async" src="https://akrabat.com/wp-content/uploads/2025/07/2025streamdeck-km-control.png" alt="Screenshot of an Keyboard Maestro automation interface showing a "Music volume down" macro. The trigger is a Stream Deck R3C1 button press with modifiers. The action executes AppleScript code that decreases the Music app's volume by 1, with a minimum volume of 0." title="streamdeck-km-control.png" border="0" width="500" height="529" /></p>
<p>Upon clicking the button, we simply run some AppleScript to control the Music app's volume.</p>
<h2>That's it</h2>
<p>That's all there is to responding to a button on the Stream Deck on a Mac. In this case, I'm using AppleScript, but Keyboard Maestro lets you do practically anything on the computer!</p>
]]></content:encoded>
<wfw:commentRss>https://akrabat.com/controlling-the-streamdeck-via-keyboard-maestro/feed/</wfw:commentRss>
<slash:comments>0</slash:comments>
</item>
<item>
<title>Step-debugging Docker Compose NestJS services</title>
<link>https://akrabat.com/step-debugging-docker-compose-nestjs-services/</link>
<comments>https://akrabat.com/step-debugging-docker-compose-nestjs-services/#respond</comments>
<dc:creator><![CDATA[Rob]]></dc:creator>
<pubDate>Tue, 29 Jul 2025 10:00:00 +0000</pubDate>
<category><![CDATA[NodeJS]]></category>
<category><![CDATA[TypeScript]]></category>
<guid isPermaLink="false">https://akrabat.com/?p=7454</guid>
<description><![CDATA[I'm working on a NestJS project that uses monorepo mode. It consists of a number of separate microservice applications that each have their own Docker container that are managed in development using Docker Compose. I like step-debugging in my IDE and so needed to set it up for this application. This is what I did. The application setup Each service in our project has its own container in docker-compose.yaml and we use a reverse proxy to… <a href="https://akrabat.com/step-debugging-docker-compose-nestjs-services/">continue reading</a>.]]></description>
<content:encoded><![CDATA[<p>I'm working on a <a href="https://nestjs.com">NestJS</a> project that uses <a href="https://docs.nestjs.com/cli/monorepo#monorepo-mode">monorepo mode</a>. It consists of a number of separate microservice applications that each have their own <a href="https://www.docker.com">Docker</a> container that are managed in development using <a href="https://docs.docker.com/compose/">Docker Compose</a>.</p>
<p>I like step-debugging in my IDE and so needed to set it up for this application. This is what I did.</p>
<h2>The application setup</h2>
<p>Each service in our project has its own container in docker-compose.yaml and we use a reverse proxy to have a single endpoint that routes requests to the correct microservice. Each custom <tt>Dockerfile</tt> runs <tt>ppm run start:dev:{service name}></tt> which is defined in <tt>package.json</tt> like this:</p>
<pre>
"start:dev:service1": "nest start service1 --watch --tsc --watchOptions.poll=1000 --preserveWatchOutput",
</pre>
<p>Using <tt>--watchOptions.poll=1000</tt> is just more reliable when running in Docker with volumes mounted into the container. We also set the <tt>--preserveWatchOutput</tt> flag to ensure that the service doesn't take control of the terminal as this is unhelpful when you have multiple services in play.</p>
<h2>Set the apps up for debugging</h2>
<p>We need to make some modification for step debugging. Firstly, I created a set of <tt>start:debug:{service name}</tt> scripts in <tt>package.json</tt> that look like this:</p>
<pre>
"start:debug:service1": "nest start service1 --debug 0.0.0.0:9229 --watch --tsc --watchOptions.poll=1000 --preserveWatchOutput",
</pre>
<p>We enabled the <tt>--debug</tt> flag to enable node's <tt>--inspect</tt> flag so that port <tt>9229</tt> is available to the debugger. However, buy default this is bound to <tt>127.0.0.1</tt> which is not useful in a container, so we bind to <tt>0.0.0.0:9229</tt> so that it's available outside the container.</p>
<p>Next, we need to our new <tt>start:debug:{service name}</tt> scripts and expose port 92229 to our local environment for each service. We do this in <tt>docker-compose.override.yaml</tt>:</p>
<pre lang="yaml">
services:
service1:
ports:
- "9230:9229"
command: pnpm run start:debug:service1
service2:
ports:
- "9231:9229"
command: pnpm run start:debug:service2
</pre>
<p>I don't tend to like binding to the default port as that invariably confuses me when I run some test thing locally, so I've picked ports starting from <tt>9230</tt> onwards for my services.</p>
<p>Running <tt>docker compose up</tt> will now start the containers.</p>
<h2>Debugging in WebStorm</h2>
<p>To set up <a href="https://www.jetbrains.com/webstorm/">WebStorm</a> for step debugging, create a <em>Run/Debug configuration</em> entry of type <tt>Attach to Node.js/Chrome</tt> for each container.</p>
<p>The settings for service1 are:</p>
<ul>
<li>Name: Debug service1</li>
<li>Host: localhost</li>
<li>Port: 9230</li>
</ul>
<p>For the other services, change the name and port.</p>
<picture><source
srcset="https://akrabat.com/wp-content/uploads/2025/07/2025webstorm-nodejs-debug-config-dark.png"
media="(prefers-color-scheme: dark)"
/><source
srcset="https://akrabat.com/wp-content/uploads/2025/07/2025webstorm-nodejs-debug-config-light.png"
media="(prefers-color-scheme: light), (prefers-color-scheme: no-preference)"
/><br />
<img decoding="async" src="https://akrabat.com/wp-content/uploads/2025/07/2025webstorm-nodejs-debug-config-light.png" loading="lazy" alt="Webstorm nodejs debug config light." class="noborder" width="600"/>
</picture>
<p>From the Debugging dropdown at in the title bar select the service and press the green "bug" button. You'll see a "Debugger attached." message in the Docker logs.</p>
<p>Attach a breakpoint and access the endpoint using <tt>curl</tt> or another HTTP client and the IDE should stop execution at the breakpoint.</p>
<h2>Debugging in VS Code</h2>
<p>To set up <a href="https://code.visualstudio.com">VS Code</a> for step debugging, create a <tt>.vscode/launch.json</tt> file in your project. It should look like this:</p>
<pre lang="json">
{
"version": "0.2.0",
"configurations": [
{
"name": "Debug service1",
"type": "node",
"request": "attach",
"port": 9230,
"address": "localhost",
"localRoot": "${workspaceFolder}",
"remoteRoot": "/usr/src/app",
"restart": true
},
{
"name": "Debug service2",
"type": "node",
"request": "attach",
"port": 9231,
"address": "localhost",
"localRoot": "${workspaceFolder}",
"remoteRoot": "/usr/src/app",
"restart": true
}
]
}
</pre>
<p>Set <tt>remoteRoot</tt> to the directory within the Docker container where the project is mounted.</p>
<p>Start debugging by selecting the <em>Run and Debug</em> pane in the left hand toolbar and choose the service from the dropdown at the top. Then press the green <em>Start debugging</em> button (or press F5).You'll see a "Debugger attached." message in the Docker logs.</p>
<p>Attach a breakpoint and access the endpoint using <tt>curl</tt> or another HTTP client and the IDE should stop execution at the breakpoint.</p>
<h2>That's it</h2>
<p>Having done this, I can now enjoy step debugging this new-to-me codebase and understand what it does!</p>
]]></content:encoded>
<wfw:commentRss>https://akrabat.com/step-debugging-docker-compose-nestjs-services/feed/</wfw:commentRss>
<slash:comments>0</slash:comments>
</item>
<item>
<title>QuickSS: Screenshot the active window on Mac</title>
<link>https://akrabat.com/quickss-screenshot-the-active-window-on-mac/</link>
<comments>https://akrabat.com/quickss-screenshot-the-active-window-on-mac/#respond</comments>
<dc:creator><![CDATA[Rob]]></dc:creator>
<pubDate>Tue, 22 Jul 2025 09:00:00 +0000</pubDate>
<category><![CDATA[Mac]]></category>
<category><![CDATA[Software]]></category>
<guid isPermaLink="false">https://akrabat.com/?p=7418</guid>
<description><![CDATA[Back in 2016, I wrote about using QuickGrab to take a screenshot of the active window via a single key press with no mouse use required. It's now 2025 and I'm still using this and Apple has announced that Rosetta 2 will be phased out in a couple of years. As QuickGrab is one of the few Intel-only apps I still use, I thought I'd recompile for Apple Silicon and it was then that I… <a href="https://akrabat.com/quickss-screenshot-the-active-window-on-mac/">continue reading</a>.]]></description>
<content:encoded><![CDATA[<p>Back in 2016, I wrote about using QuickGrab to take a screenshot of the active window via a single key press with no mouse use required.</p>
<p>It's now 2025 and I'm still using this and Apple has announced that Rosetta 2 will be phased out in a couple of years. As QuickGrab is one of the few Intel-only apps I still use, I thought I'd recompile for Apple Silicon and it was then that I ran into trouble:</p>
<pre>
$ gcc -framework cocoa -x objective-c -o quickgrab quickgrab.m
quickgrab.m:92:26: error: 'CGWindowListCreateImage' is unavailable:
obsoleted in macOS 15.0 - Please use ScreenCaptureKit instead.
</pre>
<p><em>Obsoleted in macOS 15.0</em> isn't something you want to see! The APIs that QuickGrab use are no longer part of the SDK and so it cannot be compiled. Hence I decided to replace it with a Swift version and also take the opportunity to add additional features that I wanted.</p>
<p>While on holiday, I wrote <a href="https://github.com/akrabat/QuickSS">QuickSS</a>. I spent some time playing around with ScreenCaptureKit, but couldn't get it to replicate the window shadows that the standard screenshot tool on <tt>shift+cmd+4</tt> does. To solve this I decided to use <tt>screencapture</tt> to take the screenshot which is provided by macOS. </p>
<h2>Screenshot to file</h2>
<p>To save a screenshot of the active window directly to a file, just run <tt>quickss</tt>. You probably want to select cmd+tab to a different window, so prefix with <tt>sleep</tt>:</p>
<pre>
rob@Caledonia QuickGrab (master *) $ sleep 3; quickss
Capturing window ID: 5940 [Safari: 'Rob Allen – Pragmatism in the real world']
Screenshot saved to: /Users/rob/Downloads/Screenshot 2025-07-22 at 11.00.00.png
</pre>
<p>As it's my app, I made some changes to match the way I work with it. Firstly it defaults to saving the file to the Downloads folder and names it the same as the default screenshot utility. You can use <tt>--file</tt> to override this should you need to and <tt>--quiet</tt> will output just the filename which is useful for onward scripting, or displaying in notifications.</p>
<h2>Screenshot directly to clipboard</h2>
<p>I also added the ability to put the screenshot directly onto the clipboard with <tt>--clipboard</tt></p>
<pre>
$ sleep 3; quickss --clipboard
Capturing window ID: 5940 [Safari: 'Rob Allen – Pragmatism in the real world']
Screenshot copied to clipboard
</pre>
<p>I can now paste directly into Slack/Discord/Messages/Messenger/WhatsApp/Signal/etc. (Yes, there are far too many of these services nowadays!)</p>
<h2>Keyboard shortcut</h2>
<p>Obviously, the best way to run this is to use global keyboard shortcuts. My preference is to use <tt style="font-family: sans-serif">⌃⌥⌘4</tt> to put the screenshot onto the clipboard and <tt style="font-family: sans-serif">⇧⌃⌥⌘4</tt> to save it to file.</p>
<h3>Using Shortcuts.app</h3>
<p>You can use the Shortcuts app for this and create a shortcut for copying to clipboard like this:</p>
<p><img decoding="async" src="https://akrabat.com/wp-content/uploads/2025/07/2025quickss-take-screenshot-to-cliboard.png" alt="Quickss take screenshot to cliboard." title="quickss-take-screenshot-to-cliboard.png" border="0" width="700" height="511" /></p>
<p>The equivalent for saving to file is the same, except that you don't need the <tt>--clipboard</tt> parameter.</p>
<h3>Using Alfred</h3>
<p>I use <a href="https://www.alfredapp.com/">Alfred</a> for these sort of things, so I wrote a Workflow to do this based on the previous one:</p>
<p><img loading="lazy" decoding="async" src="https://akrabat.com/wp-content/uploads/2025/07/2025quickss-alfred-workflow.png" alt="Quickss alfred workflow." title="quickss-alfred-workflow.png" border="0" width="700" height="363" /></p>
<p>It's downloadable from the <a href="https://github.com/akrabat/QuickSS/releases/latest">QuickSS latest release</a> page.</p>
<h2>That's it</h2>
<p>Over the years, I've found that having a global hotkey to screenshot the current active window is really helpful. I like it even more now that it goes directly to the clipboard.</p>
]]></content:encoded>
<wfw:commentRss>https://akrabat.com/quickss-screenshot-the-active-window-on-mac/feed/</wfw:commentRss>
<slash:comments>0</slash:comments>
</item>
<item>
<title>Notarising a macOS standalone binary</title>
<link>https://akrabat.com/notarising-a-macos-standalone-binary/</link>
<comments>https://akrabat.com/notarising-a-macos-standalone-binary/#respond</comments>
<dc:creator><![CDATA[Rob]]></dc:creator>
<pubDate>Tue, 15 Jul 2025 09:00:00 +0000</pubDate>
<category><![CDATA[Command Line]]></category>
<category><![CDATA[Development]]></category>
<category><![CDATA[Shell Scripting]]></category>
<guid isPermaLink="false">https://akrabat.com/?p=7413</guid>
<description><![CDATA[I've been writing a simple Swift command line tool called QuickSS. It's a single file swift file, that I compile to a standalone binaryusing: swiftc quickss.swift -o quickss To distribute it on modern Macs, I need to sign it and then get Apple to notarise it. Signing the binary To sign the binary, you need a "Developer ID Application" certificate from your paid developer account. If you don't have one there already create a new… <a href="https://akrabat.com/notarising-a-macos-standalone-binary/">continue reading</a>.]]></description>
<content:encoded><![CDATA[<p>I've been writing a simple Swift command line tool called QuickSS. It's a single file swift file, that I compile to a standalone binaryusing:</p>
<pre>
swiftc quickss.swift -o quickss
</pre>
<p>To distribute it on modern Macs, I need to sign it and then get Apple to notarise it.</p>
<h2>Signing the binary</h2>
<p>To sign the binary, you need a "Developer ID Application" certificate from your paid <a href="https://developer.apple.com/account/resources/certificates/list">developer account</a>. If you don't have one there already create a new one, which requires a CSR from Keychain. Fortunately, the <a href="https://developer.apple.com/help/account/certificates/create-a-certificate-signing-request">info on what to do</a> is clear.</p>
<p>Download your Developer ID Application certificate and add to Keychain Access.</p>
<p>Next you need its name. This is done using <tt>security find-identity -v -p codesigning</tt> which gives you a list of certs. You want the text between the <tt>"</tt> that starts "Developer ID Application:". The easiest way to get this if you are scripting it is:</p>
<pre>
IDENTITY=$(security find-identity -v -p codesigning | grep "Developer ID Application" | grep -m 1 -oE '"[^"]+"' | tr -d '"')
</pre>
<p>To actually sign the binary, use the <tt>codesign</tt> utility:</p>
<pre>
codesign --timestamp --options runtime --sign "$IDENTITY" quickss
</pre>
<h2>Notarising</h2>
<p>To notarise the binary, you use the <tt>notarytool</tt> utility within <tt>xcrun</tt>. This expects a zip or pkg file, so zip up the binary first. You also need to know your Apple developer account's Team ID, your Apple ID and you need an app-specific password from <a href="https://account.apple.com">account.apple.com</a>.</p>
<p>Submit your app for notarising with:</p>
<pre>
zip -q quickss.zip quickss
xcrun notarytool submit --wait --no-progress -f json \
--team-id "$TEAM_ID" \
--apple-id "$APPLE_ID" \
--password "$APP_SPECIFIC_PASSWORD" \
quickss.zip
rm quickss.zip
</pre>
<p>If it fails, use the submission ID to query the log:</p>
<pre>
xcrun notarytool log \
--team-id "$TEAM_ID" \
--apple-id "$APPLE_ID" \
--password "$APP_SPECIFIC_PASSWORD" \
"<submission ID>"
</pre>
<p>Apple has now notarised your app.</p>
<h2>Note: No need to staple</h2>
<p>For a standard Mac applications (<tt>.app</tt> bundles), you can "staple" the notarisation into it. This makes things more efficient for the GateKeeper technology. However, for a standalone binary, <em>this cannot be done</em> as there is no directory into which to store the notarisation file.</p>
<p>If you try to staple, you'll get <tt>The staple and validate action failed! Error 73</tt> with no further information which is not entirely helpful.</p>
<p>For standalone binaries GateKeeper checks directly with Apple's servers the first time they are run, so stapling is unnecessary.</p>
<h2>That's it</h2>
<p>That's it. You now have a notarised standalone binary that can be easily distributed.</p>
]]></content:encoded>
<wfw:commentRss>https://akrabat.com/notarising-a-macos-standalone-binary/feed/</wfw:commentRss>
<slash:comments>0</slash:comments>
</item>
<item>
<title>Using the 1Password CLI in a script</title>
<link>https://akrabat.com/using-the-1password-cli-in-a-script/</link>
<comments>https://akrabat.com/using-the-1password-cli-in-a-script/#respond</comments>
<dc:creator><![CDATA[Rob]]></dc:creator>
<pubDate>Tue, 08 Jul 2025 09:00:00 +0000</pubDate>
<category><![CDATA[Command Line]]></category>
<category><![CDATA[Development]]></category>
<category><![CDATA[Shell Scripting]]></category>
<guid isPermaLink="false">https://akrabat.com/?p=7407</guid>
<description><![CDATA[I'm currently writing a script that notarises a macOS CLI app which needs to access a password. Rather than put it in an environment variable, I thought I'd use the 1Password CLI. This is the first time I've used it, so these are my notes. The 1Password CLI tool is call op. I installed it via Homebrew with: brew install 1password-cli Sign in You need to sign in. op signin As I have multiple accounts… <a href="https://akrabat.com/using-the-1password-cli-in-a-script/">continue reading</a>.]]></description>
<content:encoded><![CDATA[<p>I'm currently writing a script that notarises a macOS CLI app which needs to access a password. Rather than put it in an environment variable, I thought I'd use the 1Password CLI. This is the first time I've used it, so these are my notes.</p>
<p>The 1Password CLI tool is call <tt>op</tt>. I installed it via Homebrew with:</p>
<pre>brew install 1password-cli</pre>
<h2>Sign in</h2>
<p>You need to sign in. </p>
<pre>op signin</pre>
<p>As I have multiple accounts as various clients have shared access to specific vaults, it asks me which account I want to sign in. To save this step, you can set the <tt>OP_ACCOUNT</tt> environment variable:</p>
<pre>export OP_ACCOUNT=my.1password.com</pre>
<p>Alternatively, use the <tt>--account</tt> parameter.</p>
<p>You get a dialog box where for me, I use TouchID to sign in.</p>
<p><tt>op signin</tt> is idempotent so is a no-op if the Terminal is already signed in.</p>
<h2>Access data</h2>
<p>There are multiple ways to retrieve the data from a 1Password item.</p>
<h3><tt style="color:inherit">op item get</tt></h3>
<p>Use <tt>op item get "<item>" --field "<fieldname>"</tt> to get a specific field. e.g</p>
<pre>op item get "Apple App Notarisation" --field "username"</pre>
<p>The <tt><item></tt> can be the name of the item or its id. e.g. something like <tt>dajka2z5l57m4p43s6bapd3eo4</tt></p>
<p>Note, that for a password, you also need to pass in <tt>--reveal</tt>.</p>
<p>As I'm writing a script, I assign to a variable:</p>
<pre>
APPLE_ID=$(op item get "Apple App Notarisation" --field username)
APP_SPECIFIC_PASSWORD=$(op item get "Apple App Notarisation" --field password --reveal)
TEAM_ID=$(op item get "Apple App Notarisation" --field team_id)
</pre>
<p>Alternatively, you can get back multiple fields in one go by providing a list of comma separated fields:</p>
<pre>
FIELDS=$(op item get "Apple App Notarisation" --fields username,password,team_id --reveal)
IFS=',' read -r APPLE_ID APP_SPECIFIC_PASSWORD TEAM_ID <<< "$FIELDS"
</pre>
<h3><tt style="color:inherit">op read</tt></h3>
<p>You can also use the <tt>read parameter</tt> which takes a URL-style path:</p>
<pre>
op read op://<vault>/<item>/<field>
</pre>
<p>Use <tt>op vault list</tt> to view the list of vault names and you don't need <tt>--reveal</tt> for passwords. </p>
<p>For my case, I can use:</p>
<pre>
APPLE_ID=$(read "op://Private/Apple App Notarisation/username")
APP_SPECIFIC_PASSWORD=$(op read "op://Private/Apple App Notarisation/password")
TEAM_ID=$(op read "op://Private/Apple App Notarisation/team_id")
</pre>
<h3>Format as JSON</h3>
<p>You can also get the entire item in JSON using:</p>
<pre>op item get "Apple App Notarisation" --format json</pre>
<p>Then use <a href="https://jqlang.org/"><tt>jq</tt></a> to extract what you need. e.g to print the username and password you could do:</p>
<pre>op item get "Apple App Notarisation" --format json | jq -r '
.fields[] | select(.label=="username" or .label=="password") | "\(.label): \(.value)"
'</pre>
<h3>That's it</h3>
<p>That's it. Very simple to put into a script and keep my password secure.</p>
]]></content:encoded>
<wfw:commentRss>https://akrabat.com/using-the-1password-cli-in-a-script/feed/</wfw:commentRss>
<slash:comments>0</slash:comments>
</item>
</channel>
</rss>

If you would like to create a banner that links to this page (i.e. this validation result), do the following:

Download the "valid RSS" banner.
Upload the image to your own server. (This step is important. Please do not link directly to the image on this server.)
Add this HTML to your page (change the image src attribute if necessary):

<a href="http://www.feedvalidator.org/check.cgi?url=http%3A//akrabat.com/feed/"><img src="valid-rss-rogers.png" alt="[Valid RSS]" title="Validate my RSS feed" /></a>

If you would like to create a text link instead, here is the URL you can use:

http://www.feedvalidator.org/check.cgi?url=http%3A//akrabat.com/feed/

Home · About · News · Docs · Terms