Keepassxc: Full synchronization on CLI

The problem with sync is when there are conflicts... To manage all the kinds of conflicts that can occur you would have to recreate a complete git-like tool :{

If your problem is just about typing twice the password and you're using bash, a workaround could be:
user$ KEEPASS_PASS=MyPass
user$ keepassxc-cli merge $first $second< ${KEEPASS_PASS}
EOF
user$ keepassxc-cli merge $second $first< ${KEEPASS_PASS}
END
user$ unset KEEPASS_PASS

As an exercise, I let it up to you to rewrite that as a script that does not store the pass in clear (e.g. expecting the env var to be set or asking it on the command line but with no echo...)

@liar666

The problem with sync is when there are conflicts... To manage all the kinds of conflicts that can occur you would have to recreate a complete git-like tool :{

keepass2 has this feature, no conflict resolution dialog needed.
I believe that's because, for the worst case scenario, your intended latest version ends up in the history tab.
Wouldn't the same problem apply to the merge command?

@Querulous
Wouldn't these commands be equivalent to the desired synchronize feature?

keepassxc-cli merge $first $second
cp $first $second

That being said, I agree with you that having a "synchronize" command would make the user more confident that he is doing the right thing and ends up with both databases in the correct state.

@joaoportela As I remember merging databases doesn't leave them in identical state. Ideally synchronization should work as you described it.

@Querulous I was just proposing that, based on the documentation.

   merge [options] <database1> <database2>
         Merges two databases together. The first database file is going to be  replaced  by
         the  result  of  the merge, for that reason it is advisable to keep a backup of the
         two database files before attempting a merge. In the case that both databases  make
         use of the same credentials, the --same-credentials or -s option can be used.

Since the has the result of the merge, you can just copy it over to end up with two complete databases (instead of doing two merges).

Hi Team,
Details of Sync feature from KeePass are described on the Keepass help page https://keepass.info/help/v2/sync.html#tech

The synchronization algorithm is rather complex and it would take many pages to describe in detail how it's working. Developers interested in this can have a look into the KeePass source code. Here are the most important properties of the synchronization algorithm:

In order to decide which copy of an object is the latest one, KeePass mainly uses the last modification time of the object (which KeePass updates automatically each time the object is changed).
The synchronization is performed on entry level. This e.g. means that a combination of user name / password is always consistent (synchronization on field level will not be implemented, because combinations could become inconsistent with this).
In case of parallel updates and collisions, KeePass tries to store all information in an appropriate place. For example, when you have an entry E in a database A, make a copy B of A, change E in B, change E in A, and synchronize A and B, then E in A is treated as current and the changes made to E in B are stored as a history version of E (see tab 'History' in the entry dialog), i.e. the changes made in B aren't lost.