Your shell history: synced, queryable, and in context
Go to file
David Dworken 4751004d7e
Add TODO
2023-10-21 09:48:36 -07:00
.github Update docker compose test to ensure that the redaction worked 2023-10-15 19:05:32 -07:00
backend Avoid returning DB error when deleted message identifiers don't have a device ID 2023-10-18 18:59:12 -07:00
client Promote the background updates of the DB from BetaMode to prod 2023-10-21 09:47:20 -07:00
scripts More refactoring to use cobra 2022-11-16 08:03:23 -08:00
shared Wire through a flag so that we can track when installations come from tests, and delete those from the DB more aggressively 2023-10-15 13:09:48 -07:00
.dockerignore Revert "Remove no longer used dot files" 2022-10-15 14:36:29 -07:00
.errcheck_excludes.txt Add progress bar to monitor importing history entries for #93 2023-10-12 19:35:52 -07:00
.gitignore Add fully tested instructions for self hosting 2022-11-05 13:30:37 -07:00
.pre-commit-config.yaml Manually vendor the slsa_verifier lib so we can make tweaks to it 2022-06-04 21:21:49 -07:00
demo.vhs Update demo gif to show the most recent TUI 2023-10-14 18:43:04 -07:00
go.mod Add progress bar to monitor importing history entries for #93 2023-10-12 19:35:52 -07:00
go.sum Add progress bar to monitor importing history entries for #93 2023-10-12 19:35:52 -07:00
hishtory.go Add TODO 2023-10-21 09:48:36 -07:00
LICENSE Create LICENSE 2022-09-24 01:03:16 -07:00
Makefile Increase test timeout since macos tests sometimes just barely go over 45 minutes for the whole test suite--and yes... that is very slow :( 2023-09-22 20:04:40 -07:00
README.md Update README and make column name matching more relaxed 2023-10-18 19:17:05 -07:00
VERSION Release v0.238 2023-10-21 00:30:06 -07:00

hiSHtory: Better Shell History

hishtory is a better shell history. It stores your shell history in context (what directory you ran the command in, whether it succeeded or failed, how long it took, etc). This is all stored locally and end-to-end encrypted for syncing to to all your other computers. All of this is easily queryable via the hishtory CLI. This means from your laptop, you can easily find that complex bash pipeline you wrote on your server, and see the context in which you ran it.

demo

Getting Started

To install hishtory on your first machine:

curl https://hishtory.dev/install.py | python3 -

At this point, hishtory is already managing your shell history (for bash, zsh, and fish!). Give it a try by pressing Control+R and see below for more details on the advanced search features.

Then to install hishtory on your other computers, you need your secret key. Get this by running hishtory status. Once you have it, you follow similar steps to install hiSHtory on your other computers:

curl https://hishtory.dev/install.py | python3 -
hishtory init $YOUR_HISHTORY_SECRET

Now if you press Control+R on first computer, you can automatically see the commands you've run on all your other computers!

Features

Querying

There are two ways to interact with hiSHtory.

  1. Via pressing Control+R in your terminal. Search for a command, select it via Enter, and then have it ready to execute in your terminal's buffer.
  2. Via hishtory query if you just want to explore your shell history.

Both support the same query format, see the below annotated queries:

Query Explanation
psql Find all commands containing psql
psql db.example.com Find all commands containing psql and db.example.com
docker hostname:my-server Find all commands containing docker that were run on the computer with hostname my-server
nano user:root Find all commands containing nano that were run as root
exit_code:127 Find all commands that exited with code 127
service before:2022-02-01 Find all commands containing service run before February 1st 2022
service after:2022-02-01 Find all commands containing service run after February 1st 2022

For true power users, you can even query directly in SQLite via sqlite3 -cmd 'PRAGMA journal_mode = WAL' ~/.hishtory/.hishtory.db.

Enable/Disable

If you want to temporarily turn on/off hiSHtory recording, you can do so via hishtory disable (to turn off recording) and hishtory enable (to turn on recording). You can check whether or not hishtory is enabled via hishtory status.

Deletion

hishtory redact can be used to delete history entries that you didn't intend to record. It accepts the same search format as hishtory query. For example, to delete all history entries containing psql, run hishtory redact psql.

Alternatively, you can delete items from within the terminal UI. Press Control+R to bring up the TUI, search for the item you want to delete, and then press Control+K to delete the currently selected entry.

Updating

To update hishtory to the latest version, just run hishtory update to securely download and apply the latest update.

Advanced Features

TUI key bindings The TUI (opened via `Control+R`) supports a number of key bindings:
Key Result
Left/Right Scroll the search query left/right
Up/Down Scroll the table up/down
Page Up/Down Scroll the table up/down by one page
Shift + Left/Right Scroll the table left/right
Control+K Delete the selected command
Changing the displayed columns

You can customize the columns that are displayed via hishtory config-set displayed-columns. For example, to display only the cwd and command:

hishtory config-set displayed-columns CWD Command

The list of supported columns are: Hostname, CWD, Timestamp, Runtime, ExitCode, Command, and User.

Custom Columns

You can create custom column definitions that are populated from arbitrary commands. For example, if you want to create a new column named git_remote that contains the git remote if the cwd is in a git directory, you can run:

hishtory config-add custom-columns git_remote '(git remote -v 2>/dev/null | grep origin 1>/dev/null ) && git remote get-url origin || true'
hishtory config-add displayed-columns git_remote
Disabling Control+R integration

If you'd like to disable the Control+R integration in your shell, you can do so by running hishtory config-set enable-control-r false.

Filtering duplicate entries

By default, hishtory query will show all results even if this includes duplicate history entries. This helps you keep track of how many times you've run a command and in what contexts. If you'd rather disable this so that hiSHtory won't show duplicate entries, you can run:

hishtory config-set filter-duplicate-commands true
Offline Install Without Syncing

If you don't need the ability to sync your shell history, you can install hiSHtory in offline mode.

Download the latest binary from Github Releases, and then run ./hishtory-binary install --offline to install hiSHtory in a fully offline mode. This disables syncing and it is not possible to re-enable syncing after doing this.

Self-Hosting

By default, hiSHtory relies on a backend for syncing. All data is end-to-end encrypted, so the backend can't view your history.

But if you'd like to self-host the hishtory backend, you can! The backend is a simple go binary in backend/server/server.go (with prebuilt binaries here). It can either use SQLite or Postgres for persistence.

To make hishtory use your self-hosted server, set the HISHTORY_SERVER environment variable to the origin of your self-hosted server. For example, put export HISHTORY_SERVER=http://my-hishtory-server.example.com at the end of your .bashrc.

Check out the docker-compose.yml file for an example config to start a hiSHtory server using Postgres.

A few configuration options:

  • If you want to use a SQLite backend, you can do so by setting the HISHTORY_SQLITE_DB environment variable to point to a file. It will then create a SQLite DB at the given location.
  • If you want to limit the number of users that your server allows (e.g. because you only intend to use the server for yourself), you can set the environment variable HISHTORY_MAX_NUM_USERS=1 (or to whatever value you wish for the limit to be). Leave it unset to allow registrations with no cap.
Importing existing history

hiSHtory imports your existing shell history by default. If for some reason this didn't work (e.g. you had your shell history in a non-standard file), you can import it by piping it into hishtory import (e.g. cat ~/.my_history | hishtory import).

Custom timestamp formats

You can configure a custom timestamp format for hiSHtory via hishtory config-set timestamp-format '2006/Jan/2 15:04'. The timestamp format string should be in the format used by Go's time.Format(...).

Customizing the install folder

By default, hiSHtory is installed in ~/.hishtory/. If you want to customize this, you can do so by setting the HISHTORY_PATH environment variable to a path relative to your home directory (e.g. export HISHTORY_PATH=.config/hishtory). This must be set both when you install hiSHtory and when you use hiSHtory, so it is recommend to set it in your .bashrc/.zshrc/.fishrc before installing hiSHtory.

Viewing debug logs

Debug logs are stored in ~/.hishtory/hishtory.log. If you run into any issues, these may contain useful information.

Uninstalling

If you'd like to uninstall hishtory, just run hishtory uninstall. Note that this deletes the SQLite DB storing your history, so consider running a hishtory export first.

Note that if you're experiencing any issues with hiSHtory, try running hishtory update first! Performance and reliability is always improving, and we highly value your feedback.

Design

The hishtory CLI is written in Go. It hooks into the shell in order to track information about all commands that are run. It takes this data and saves it in a local SQLite DB managed via GORM. This data is then encrypted and sent to your other devices through a backend that essentially functions as a one-to-many queue. When you press press Control+R or run hishtory query, a SQL query is run to find matching entries in the local SQLite DB.

Syncing Design

See hiSHtory: Cross-device Encrypted Syncing Design to learn how syncing works. The tl;dr is that everything magically works so that:

  • The backend can't read your history.
  • Your history is queryable from all your devices.
  • You can delete items from your history as needed.
  • If you go offline, you'll have an offline copy of your history. And once you come back online, syncing will transparently resume.

Security

hishtory is a CLI tool written in Go and uses AES-GCM for end-to-end encrypting your history entries and syncing them. The binary is reproducibly built and SLSA Level 3 to make it easy to verify you're getting the code contained in this repository.

This all ensures that the minimalist backend cannot read your shell history, it only sees encrypted data. hiSHtory also respects shell conventions and will not record any commands prefixed with a space.

If you find any security issues in hiSHtory, please reach out to david@daviddworken.com.