build(deps): bump protobuf from 6.33.1 to 6.33.2

Bumps [protobuf](https://github.com/protocolbuffers/protobuf) from 6.33.1 to 6.33.2. - [Release notes](https://github.com/protocolbuffers/protobuf/releases) - [Commits](https://github.com/protocolbuffers/protobuf/commits) --- updated-dependencies: - dependency-name: protobuf dependency-version: 6.33.2 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
remove useless --use-pep517 in build.sh
2025-12-12 09:49:46 +01:00 · 2025-12-08 15:10:16 +00:00 · 2025-12-03 21:02:19 +01:00 · 2025-12-02 22:26:16 +01:00 · 2025-12-02 22:26:03 +01:00 · 2025-12-02 22:25:40 +01:00
86 changed files with 7737 additions and 912 deletions
--- a/.devcontainer/devcontainer.json
+++ b/.devcontainer/devcontainer.json
@@ -6,7 +6,7 @@
        "context": "..",
        //Update 'VARIANT' to pick a Python version: 3, 3.10, ...
        "args": {
-            "VARIANT": "3.10"
+            "VARIANT": "3.14"
        }
    },
    // Add the IDs of extensions you want installed when the container is created.
--- a/.editorconfig
+++ b/.editorconfig
@@ -5,4 +5,11 @@ indent_style = space
 indent_size = 4
 charset = utf-8
 trim_trailing_whitespace = true
-insert_final_newline = true
+insert_final_newline = true
+
+[*.md]
+indent_size = 4
+trim_trailing_whitespace = false
+
+[*.{yml,toml}]
+indent_size = 2
--- a/.envrc
+++ b/.envrc
@@ -0,0 +1,3 @@
+source_url "https://raw.githubusercontent.com/cachix/devenv/95f329d49a8a5289d31e0982652f7058a189bfca/direnvrc" "sha256-d+8cBpDfDBj41inrADaJt+bDWhOktwslgoP5YiGJ1v0="
+
+use devenv
--- a/.gitattributes
+++ b/.gitattributes
@@ -0,0 +1,21 @@
+* text eol=lf
+*.csv text eol=auto
+*.txt text eol=auto
+*.md text eol=auto
+*.sh text eol=lf
+*.bat text eol=crlf
+*.cmd text eol=crlf
+*.ps1 text eol=crlf
+*.png binary
+*.webp binary
+*.jpg binary
+*.jpeg binary
+*.gif binary
+*.ico binary
+*.zip binary
+*.tar binary
+*.gz binary
+*.7z binary
+*.exe binary
+*.dll binary
+*.pdf binary
--- a/.github/copilot-instructions.md
+++ b/.github/copilot-instructions.md
@@ -0,0 +1,17 @@
+# Copilot Instructions
+
+This project is a web application that allows users to create and manage tasks. The application is built using Python.
+
+## Coding Standards
+
+- Use snakeCase for variable and function names.
+- Use PascalCase for component names.
+- Use double quotes for strings.
+- Use 4 spaces for indentation.
+
+## Tone
+
+- If I tell you that you are wrong, think about whether or not you think that's true and respond with facts.
+- Avoid apologizing or making conciliatory statements.
+- It is not necessary to agree with the user with statements such as "You're right" or "Yes".
+- Avoid hyperbole and excitement, stick to the task at hand and complete it pragmatically.
--- a/.github/dependabot.yml
+++ b/.github/dependabot.yml
@@ -8,4 +8,4 @@ updates:
  - package-ecosystem: "pip" # See documentation for possible values
    directory: "/" # Location of package manifests
    schedule:
-      interval: "weekly"
+      interval: "daily"
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -1,32 +1,79 @@
 name: tests

-on: [push]
+# https://docs.github.com/de/actions/using-workflows/workflow-syntax-for-github-actions
+# https://docs.github.com/en/actions/using-workflows
+# https://docs.github.com/en/actions/learn-github-actions/contexts
+# https://docs.github.com/en/actions/learn-github-actions/expressions
+
+on:
+  push:
+    paths-ignore:
+      - 'docs/**'
+      - '**.md'
+      - 'build.sh'
+  # pull_request:
+  schedule:
+    # Run daily on default branch
+    - cron: '37 3 * * *'

 jobs:
  build:

-    runs-on: ubuntu-latest
    strategy:
+      fail-fast: false
      matrix:
-        python-version: ["3.7", "3.8", "3.9", "3.10", "3.x"]
+        # 3.x is used to run code coverage
+        python-version: ["3.x", "3.14", "3.13", "3.12", "3.11", "3.10", "3.9"]
+        platform: [ubuntu-latest, macos-latest, windows-latest, ubuntu-24.04-arm, macos-15-intel]
+#        exclude:
+
+    runs-on: ${{ matrix.platform }}

    steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v5
      - name: Set up Python ${{ matrix.python-version }}
-        uses: actions/setup-python@v4
+        uses: actions/setup-python@v6
        with:
          python-version: ${{ matrix.python-version }}
+          check-latest: ${{ github.event_name == 'schedule' }}
+          allow-prereleases: false
+      - name: Install zbar shared lib for QReader (Linux)
+        if: runner.os == 'Linux'
+        run: |
+          sudo apt-get install -y libzbar0
+      - name: Install zbar shared lib for QReader (macOS)
+        if: runner.os == 'macOS'
+        run: |
+          brew install zbar
      - name: Install dependencies
        run: |
          python -m pip install --upgrade pip
-          pip install flake8 pytest
-          if [ -f requirements.txt ]; then pip install -r requirements.txt; fi
+          pip install -U -r requirements-dev.txt
+          pip install -U .
      - name: Lint with flake8
        run: |
          # stop the build if there are Python syntax errors or undefined names
          flake8 . --count --select=E9,F63,F7,F82 --show-source --statistics
          # exit-zero treats all errors as warnings. The GitHub editor is 127 chars wide
          flake8 . --count --exit-zero --max-complexity=10 --max-line-length=200 --statistics
-      - name: Test with pytest
+      - name: Type checking with mypy
        run: |
-          pytest
+          mypy --install-types --non-interactive src/*.py tests/*.py
+          mypy --strict src/*.py tests/*.py
+        if: matrix.python-version == '3.x' && matrix.platform == 'ubuntu-latest'
+      - name: Test with pytest
+        run: pytest
+        if: (matrix.python-version != '3.x' || matrix.platform != 'ubuntu-latest') && (matrix.python-version != '3.10' && matrix.platform != 'macos-latest')
+      - name: Test with pytest (with code coverage)
+        run: pytest --cov=extract_otp_secrets_test --junitxml=pytest.xml --cov-report=term-missing | tee pytest-coverage.txt
+        if: matrix.python-version == '3.x' && matrix.platform == 'ubuntu-latest'
+      # https://github.com/marketplace/actions/pytest-coverage-comment
+      - name: Pytest coverage comment
+        uses: MishaKav/pytest-coverage-comment@main
+        with:
+          pytest-coverage-path: ./pytest-coverage.txt
+          junitxml-path: ./pytest.xml
+        if: |
+          false && matrix.python-version == '3.x' && matrix.platform == 'ubuntu-latest'
+          && !contains(github.ref, 'refs/tags/')
+
--- a/.github/workflows/ci_docker.yml
+++ b/.github/workflows/ci_docker.yml
@@ -0,0 +1,413 @@
+name: docker
+
+# https://docs.github.com/de/actions/using-workflows/workflow-syntax-for-github-actions
+# https://docs.github.com/en/actions/using-workflows
+# https://docs.github.com/en/actions/learn-github-actions/contexts
+# https://docs.github.com/en/actions/learn-github-actions/expressions
+
+# How to setup: https://event-driven.io/en/how_to_buid_and_push_docker_image_with_github_actions/
+# How to run: https://aschmelyun.com/blog/using-docker-run-inside-of-github-actions/
+
+on:
+  # run it on push to the default repository branch
+  push:
+    paths-ignore:
+      - 'docs/**'
+      - '**.md'
+      - 'build.sh'
+    tags-ignore:
+      - '**'
+    # branches is needed if tags-ignore is used
+    branches:
+      - '**'
+  schedule:
+    # Run weekly on default branch
+    - cron: '47 3 * * 6'
+
+jobs:
+  build-and-push-docker-debian-image:
+    name: Build Docker Bookworm image and push to repositories
+    # run only when code is compiling and tests are passing
+    strategy:
+      matrix:
+        include:
+          - DOCKER_ARCH: amd64
+            platform: ubuntu-latest
+            PLATFORM_ARCH: x86_64
+          - DOCKER_ARCH: arm64
+            platform: ubuntu-24.04-arm
+            PLATFORM_ARCH: arm64
+
+    runs-on: ${{ matrix.platform }}
+
+    # steps to perform in job
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v5
+
+      # avoid building if there are testing errors
+      - name: Run smoke test
+        run: |
+          sudo apt-get install -y libzbar0
+          python -m pip install --upgrade pip
+          pip install -U -r requirements-dev.txt
+          pip install -U .
+          pytest
+
+      - name: Set up QEMU
+        uses: docker/setup-qemu-action@v3
+
+      # setup Docker build action
+      - name: Set up Docker Buildx
+        id: buildx
+        uses: docker/setup-buildx-action@v3
+
+      - name: Login to DockerHub
+        uses: docker/login-action@v3
+        if: github.secret_source == 'Actions'
+        with:
+          username: ${{ secrets.DOCKERHUB_USERNAME }}
+          password: ${{ secrets.DOCKERHUB_TOKEN }}
+
+      - name: Login to Github Packages
+        uses: docker/login-action@v3
+        if: github.secret_source == 'Actions'
+        with:
+          registry: ghcr.io
+          username: ${{ github.actor }}
+          password: ${{ secrets.GHCR_IO_TOKEN }}
+
+      - name: "Build image (Bookworm/Debian 12) and push to Docker Hub and GitHub Container Registry"
+        id: docker_build_qr_reader_latest
+        uses: docker/build-push-action@v6
+        with:
+          platforms: linux/${{ matrix.DOCKER_ARCH }}
+          # relative path to the place where source code with Dockerfile is located
+          # TODO file:, move to docker/
+          context: .
+          file: docker/Dockerfile
+          # builder: ${{ steps.buildx.outputs.name }}
+          # Note: tags has to be all lower-case
+          build-args: |
+            BASE_IMAGE=python:3.14-slim-trixie
+          pull: true
+          tags: |
+            docker.io/scit0/extract_otp_secrets:latest-${{ matrix.PLATFORM_ARCH }}
+            docker.io/scit0/extract_otp_secrets:bookworm-${{ matrix.PLATFORM_ARCH }}
+            ghcr.io/scito/extract_otp_secrets:latest-${{ matrix.PLATFORM_ARCH }}
+            ghcr.io/scito/extract_otp_secrets:bookworm-${{ matrix.PLATFORM_ARCH }}
+          provenance: true
+          sbom: true
+          # build on feature branches, push only on master branch
+          push: ${{ github.ref == 'refs/heads/master' && github.secret_source == 'Actions'}}
+
+      - name: Image digest
+        # TODO upload digests to assets
+        run: |
+          echo "extract_otp_secrets digests: ${{ steps.docker_build_qr_reader_latest.outputs.digest }}"
+          echo "${{ steps.docker_build_qr_reader_latest.outputs.digest }}" > digests.txt
+      - name: Save docker digests as artifacts
+        if: github.ref == 'refs/heads/master'
+        uses: actions/upload-artifact@v4
+        with:
+          name: digests_bookworm_${{ matrix.PLATFORM_ARCH }}
+          path: digests.txt
+
+  create-multiarch-debian-manifests:
+    name: Create multiarch manifests for Debian image
+    if: ${{ github.ref == 'refs/heads/master' && github.secret_source == 'Actions'}}
+    runs-on: ubuntu-latest
+    needs:
+      - build-and-push-docker-debian-image
+    steps:
+      - name: Login to DockerHub
+        uses: docker/login-action@v3
+        if: github.secret_source == 'Actions'
+        with:
+          username: ${{ secrets.DOCKERHUB_USERNAME }}
+          password: ${{ secrets.DOCKERHUB_TOKEN }}
+
+      - name: Login to Github Packages
+        uses: docker/login-action@v3
+        if: github.secret_source == 'Actions'
+        with:
+          registry: ghcr.io
+          username: ${{ github.actor }}
+          password: ${{ secrets.GHCR_IO_TOKEN }}
+
+      - name: Create multiarch manifests
+        if: ${{ github.ref == 'refs/heads/master' && github.secret_source == 'Actions'}}
+        shell: bash
+        run: |
+          for tag in \
+            docker.io/scit0/extract_otp_secrets:latest \
+            ghcr.io/scito/extract_otp_secrets:latest \
+            docker.io/scit0/extract_otp_secrets:bookworm \
+            ghcr.io/scito/extract_otp_secrets:bookworm \
+          ; do
+            docker buildx imagetools create -t $tag \
+              $tag-x86_64 \
+              $tag-arm64
+          done
+
+
+  build-and-push-docker-alpine-image:
+    name: Build Docker Alpine image and push to repositories
+    # run only when code is compiling and tests are passing
+    strategy:
+      matrix:
+        include:
+          - DOCKER_ARCH: amd64
+            platform: ubuntu-latest
+            PLATFORM_ARCH: x86_64
+          - DOCKER_ARCH: arm64
+            platform: ubuntu-24.04-arm
+            PLATFORM_ARCH: arm64
+
+    runs-on: ${{ matrix.platform }}
+
+    # steps to perform in job
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v5
+
+      # avoid building if there are testing errors
+      - name: Run smoke test
+        run: |
+          sudo apt-get install -y libzbar0
+          python -m pip install --upgrade pip
+          pip install -U -r requirements-dev.txt
+          pip install -U .
+          pytest
+
+      - name: Set up QEMU
+        uses: docker/setup-qemu-action@v3
+
+      # setup Docker build action
+      - name: Set up Docker Buildx
+        id: buildx
+        uses: docker/setup-buildx-action@v3
+
+      - name: Login to DockerHub
+        uses: docker/login-action@v3
+        if: github.secret_source == 'Actions'
+        with:
+          username: ${{ secrets.DOCKERHUB_USERNAME }}
+          password: ${{ secrets.DOCKERHUB_TOKEN }}
+
+      - name: Login to Github Packages
+        uses: docker/login-action@v3
+        if: github.secret_source == 'Actions'
+        with:
+          registry: ghcr.io
+          username: ${{ github.actor }}
+          password: ${{ secrets.GHCR_IO_TOKEN }}
+
+      - name: "only_txt: Build image and push to Docker Hub and GitHub Container Registry"
+        id: docker_build_only_txt
+        uses: docker/build-push-action@v6
+        with:
+          platforms: linux/${{ matrix.DOCKER_ARCH }}
+          # relative path to the place where source code with Dockerfile is located
+          context: .
+          file: docker/Dockerfile_only_txt
+          # builder: ${{ steps.buildx.outputs.name }}
+          # Note: tags has to be all lower-case
+          pull: true
+          tags: |
+            docker.io/scit0/extract_otp_secrets:only-txt-${{ matrix.PLATFORM_ARCH }}
+            docker.io/scit0/extract_otp_secrets:alpine-${{ matrix.PLATFORM_ARCH }}
+            ghcr.io/scito/extract_otp_secrets:only-txt-${{ matrix.PLATFORM_ARCH }}
+            ghcr.io/scito/extract_otp_secrets:alpine-${{ matrix.PLATFORM_ARCH }}
+          provenance: true
+          sbom: true
+          # build on feature branches, push only on master branch
+          push: ${{ github.ref == 'refs/heads/master' && github.secret_source == 'Actions'}}
+          build-args: |
+            RUN_TESTS=true
+
+      - name: Image digest
+        # TODO upload digests to assets
+        run: |
+          echo "extract_otp_secrets:only-txt digests: ${{ steps.docker_build_only_txt.outputs.digest }}"
+          echo "${{ steps.docker_build_qr_reader_latest.outputs.digest }}" > digests.txt
+
+      - name: Save docker digests as artifacts
+        if: github.ref == 'refs/heads/master'
+        uses: actions/upload-artifact@v4
+        with:
+          name: digests_alpine_${{ matrix.PLATFORM_ARCH }}
+          path: digests.txt
+
+  create-multiarch-alpine-manifests:
+    name: Create multiarch manifests for Alpine image
+    if: ${{ github.ref == 'refs/heads/master' && github.secret_source == 'Actions'}}
+    runs-on: ubuntu-latest
+    needs:
+      - build-and-push-docker-alpine-image
+    defaults:
+      run:
+        shell: bash
+    steps:
+      - name: Login to DockerHub
+        uses: docker/login-action@v3
+        if: github.secret_source == 'Actions'
+        with:
+          username: ${{ secrets.DOCKERHUB_USERNAME }}
+          password: ${{ secrets.DOCKERHUB_TOKEN }}
+
+      - name: Login to Github Packages
+        uses: docker/login-action@v3
+        if: github.secret_source == 'Actions'
+        with:
+          registry: ghcr.io
+          username: ${{ github.actor }}
+          password: ${{ secrets.GHCR_IO_TOKEN }}
+
+      - name: Create multiarch manifests
+        if: ${{ github.ref == 'refs/heads/master' && github.secret_source == 'Actions'}}
+        shell: bash
+        run: |
+          for tag in \
+              docker.io/scit0/extract_otp_secrets:only-txt \
+              docker.io/scit0/extract_otp_secrets:alpine \
+              ghcr.io/scito/extract_otp_secrets:only-txt \
+              ghcr.io/scito/extract_otp_secrets:alpine \
+            ; do
+              docker buildx imagetools create -t $tag \
+                $tag-x86_64 \
+                $tag-arm64
+            done
+
+  build-and-push-docker-bullseye-image:
+    name: Build Docker Bullseye image (for PyInstsaller) and push to repositories
+    # run only when code is compiling and tests are passing
+    strategy:
+      matrix:
+        include:
+          - DOCKER_ARCH: amd64
+            platform: ubuntu-latest
+            PLATFORM_ARCH: x86_64
+          - DOCKER_ARCH: arm64
+            platform: ubuntu-24.04-arm
+            PLATFORM_ARCH: arm64
+
+    runs-on: ${{ matrix.platform }}
+
+    # steps to perform in job
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v5
+
+      # avoid building if there are testing errors
+      - name: Run smoke test
+        run: |
+          sudo apt-get install -y libzbar0
+          python -m pip install --upgrade pip
+          pip install -U -r requirements-dev.txt
+          pip install -U .
+          pytest
+
+      - name: Set up QEMU
+        uses: docker/setup-qemu-action@v3
+
+      # setup Docker build action
+      - name: Set up Docker Buildx
+        id: buildx
+        uses: docker/setup-buildx-action@v3
+
+      - name: Login to DockerHub
+        uses: docker/login-action@v3
+        if: github.secret_source == 'Actions'
+        with:
+          username: ${{ secrets.DOCKERHUB_USERNAME }}
+          password: ${{ secrets.DOCKERHUB_TOKEN }}
+
+      - name: Login to Github Packages
+        uses: docker/login-action@v3
+        if: github.secret_source == 'Actions'
+        with:
+          registry: ghcr.io
+          username: ${{ github.actor }}
+          password: ${{ secrets.GHCR_IO_TOKEN }}
+
+      - name: "Build image from Bullseye (Debian 11) and push to GitHub Container Registry"
+        id: docker_build_bullseye
+        if: github.ref == 'refs/heads/master'
+        uses: docker/build-push-action@v6
+        with:
+          platforms: linux/${{ matrix.DOCKER_ARCH }}
+          # relative path to the place where source code with Dockerfile is located
+          context: .
+          file: docker/Dockerfile
+          # builder: ${{ steps.buildx.outputs.name }}
+          build-args: |
+            BASE_IMAGE=python:3.13-slim-bullseye
+          # Note: tags has to be all lower-case
+          pull: true
+          tags: |
+            docker.io/scit0/extract_otp_secrets:bullseye-${{ matrix.PLATFORM_ARCH }}
+            ghcr.io/scito/extract_otp_secrets:bullseye-${{ matrix.PLATFORM_ARCH }}
+          provenance: true
+          sbom: true
+          push: ${{ github.secret_source == 'Actions' }}
+
+      - name: Image digest
+        # TODO upload digests to assets
+        run: |
+          echo "extract_otp_secrets digests: ${{ steps.docker_build_qr_reader_latest.outputs.digest }}"
+          echo "${{ steps.docker_build_qr_reader_latest.outputs.digest }}" > digests.txt
+      - name: Save docker digests as artifacts
+        if: github.ref == 'refs/heads/master'
+        uses: actions/upload-artifact@v4
+        with:
+          name: digests_bullseye_${{ matrix.PLATFORM_ARCH }}
+          path: digests.txt
+
+  create-multiarch-bullseye-manifests:
+    name: Create multiarch manifests for Bullseye image
+    runs-on: ubuntu-latest
+    if: ${{ github.ref == 'refs/heads/master' && github.secret_source == 'Actions'}}
+    needs:
+      - build-and-push-docker-bullseye-image
+    steps:
+      - name: Login to DockerHub
+        uses: docker/login-action@v3
+        if: github.secret_source == 'Actions'
+        with:
+          username: ${{ secrets.DOCKERHUB_USERNAME }}
+          password: ${{ secrets.DOCKERHUB_TOKEN }}
+
+      - name: Login to Github Packages
+        uses: docker/login-action@v3
+        if: github.secret_source == 'Actions'
+        with:
+          registry: ghcr.io
+          username: ${{ github.actor }}
+          password: ${{ secrets.GHCR_IO_TOKEN }}
+
+      - name:
+        if: ${{ github.ref == 'refs/heads/master' && github.secret_source == 'Actions'}}
+        shell: bash
+        run: |
+          for tag in \
+              docker.io/scit0/extract_otp_secrets:bullseye \
+              ghcr.io/scito/extract_otp_secrets:bullseye \
+            ; do
+              docker buildx imagetools create -t $tag \
+                $tag-x86_64 \
+                $tag-arm64
+            done
+
+  container-images-clean-up:
+    name: Cleanup old container images
+    runs-on: ubuntu-latest
+    steps:
+      - name: Delete Container Packages
+        uses: actions/delete-package-versions@v5
+        if: ${{ github.secret_source == 'Actions'}}
+        with:
+          package-name: 'extract_otp_secrets'
+          package-type: 'container'
+          min-versions-to-keep: 1
+          delete-only-untagged-versions: 'true'
--- a/.github/workflows/ci_release.yml
+++ b/.github/workflows/ci_release.yml
@@ -0,0 +1,435 @@
+name: release
+
+# https://data-dive.com/multi-os-deployment-in-cloud-using-pyinstaller-and-github-actions
+# https://github.com/actions/upload-artifact
+# https://github.com/actions/download-artifact
+# https://github.com/docker/metadata-action
+# https://github.com/marketplace/actions/generate-release-hashes
+
+# https://github.com/oleksis/pyinstaller-manylinux
+# https://github.com/pypa/manylinux
+# https://github.com/batonogov/docker-pyinstaller
+
+# https://docs.github.com/de/actions/using-workflows/workflow-syntax-for-github-actions
+# https://docs.github.com/en/actions/using-workflows
+# https://docs.github.com/en/actions/learn-github-actions/contexts
+# https://docs.github.com/en/actions/learn-github-actions/expressions
+
+# https://docs.github.com/en/rest/releases/releases
+
+# https://peps.python.org/pep-0440/
+# https://semver.org/
+
+# macOS:
+# https://pyinstaller.org/en/stable/usage.html#building-macos-app-bundles
+# https://github.com/pyinstaller/pyinstaller/wiki/Recipe-OSX-Code-Signing
+
+# Build matrix:
+# - Linux x86_64 glibc 2.35: ubuntu-latest
+# - Linux x86_64 glibc 2.31: extract_otp_secrets:bullseye
+# - Linux x86_64 glibc 2.36: extract_otp_secrets:bookworm
+# - Windows x86_64: windows-latest
+# - MacOS x86_64: macos-11
+# - Linux x86_64 glibc 2.28: extract_otp_secrets:buster
+# - Linux aarch64 glibc 2.28: extract_otp_secrets:buster
+# - MacOS universal2: macos-11
+# - Windows arm64: [buildx + https://github.com/batonogov/docker-pyinstaller]
+
+on:
+  push:
+    tags:
+      - 'v*' # Push events to matching v*, i.e. v1.0, v20.15.10
+  pull_request:
+  schedule:
+    # Run weekly on default branch
+    - cron: '47 4 * * 6'
+
+jobs:
+
+  create-release:
+    name: Create Release
+    runs-on: ubuntu-latest
+    outputs:
+      date: ${{ steps.meta.outputs.date }}
+      version: ${{ steps.meta.outputs.version }}
+      inline_version: ${{ steps.meta.outputs.inline_version }}
+      tag_name: ${{ steps.meta.outputs.tag_name }}
+      tag_message: ${{ steps.meta.outputs.tag_message }}
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v5
+      - name: Set meta data
+        id: meta
+        # Writing to env with >> $GITHUB_ENV is an alternative
+        run: |
+          echo "date=$(TZ=Europe/Zurich date +'%d.%m.%Y')" >> $GITHUB_OUTPUT
+          echo "version=${TAG_NAME/v/}" >> $GITHUB_OUTPUT
+          echo "inline_version=${TAG_NAME/v/_}" >> $GITHUB_OUTPUT
+          echo "tag_name=${{ github.ref_name }}" >> $GITHUB_OUTPUT
+          echo "tag_message=$(git tag -l --format='%(contents:subject)' ${{ github.ref_name }})" >> $GITHUB_OUTPUT
+        env:
+          TAG_NAME: ${{ github.ref_name }}
+          PYTHONHASHSEED: 31
+      - name: Create Release
+        id: create_release
+        if: startsWith(github.ref, 'refs/tags/v')
+        # https://docs.github.com/en/rest/releases/releases?apiVersion=2022-11-28#create-a-release
+        run: |
+          echo "date: ${{ steps.meta.outputs.date }}"
+          echo "version: ${{ steps.meta.outputs.version }}"
+          echo "inline_version: ${{ steps.meta.outputs.inline_version }}"
+          echo "tag_name: ${{ steps.meta.outputs.tag_name }}"
+          echo "tag_message: ${{ steps.meta.outputs.tag_message }}"
+          response=$(curl \
+            -X POST \
+            -H "Accept: application/vnd.github+json" \
+            -H "Authorization: Bearer ${{ secrets.GITHUB_TOKEN }}"\
+            -H "X-GitHub-Api-Version: 2022-11-28" \
+            https://api.github.com/repos/scito/extract_otp_secrets/releases \
+            --silent \
+            --show-error \
+            -d '{"tag_name":"${{ github.ref }}","target_commitish":"master","name":"${{ steps.meta.outputs.version }} - ${{ steps.meta.outputs.date }}","body":"${{ steps.meta.outputs.tag_message }}\n\n## Executables\n\nDownload the executable for your platform and execute it, see [README.md](https://github.com/scito/extract_otp_secrets#readme)\n\n | Executable | Description |\n | --- | --- |\n | extract_otp_secrets${{ steps.meta.outputs.inline_version }}_linux_x86_64 | Linux x86_64/amd64 (glibc >= 2.31) |\n | extract_otp_secrets${{ steps.meta.outputs.inline_version }}_linux_arm64 | Linux arm64 (glibc >= 2.31) |\n | extract_otp_secrets${{ steps.meta.outputs.inline_version }}_win_x86_64.exe | Windows x86_64/amd64/x64 |\n | extract_otp_secrets${{ steps.meta.outputs.inline_version }}_win_arm64.exe | N/A |\n | extract_otp_secrets${{ steps.meta.outputs.inline_version }}_macos_x86_64.dmg | N/A, see [README.md](https://github.com/scito/extract_otp_secrets#readme) |\n | extract_otp_secrets${{ steps.meta.outputs.inline_version }}_macos_x86_64.pkg | N/A, see [README.md](https://github.com/scito/extract_otp_secrets#readme) |\n | extract_otp_secrets${{ steps.meta.outputs.inline_version }}_macos_x86_64 | MacOS x86_64/amd64 (bare executable, see [README.md](https://github.com/scito/extract_otp_secrets#readme); optional libzbar must be installed manually, see [README.md](https://github.com/scito/extract_otp_secrets#readme)) |\n | extract_otp_secrets${{ steps.meta.outputs.inline_version }}_macos_arm64 | N/A |\n","draft":true,"prerelease":false,"generate_release_notes":true}')
+          echo upload_url=$(jq '.upload_url' <<< "$response") >> $GITHUB_OUTPUT
+          echo $(jq -r '.upload_url' <<< "$response") > release_url.txt
+          echo $(jq -r '.id' <<< "$response") > release_id.txt
+      - name: Save Release URL File for publish
+        if: startsWith(github.ref, 'refs/tags/v')
+        uses: actions/upload-artifact@v4
+        with:
+          name: release_url
+          path: release_url.txt
+      - name: Save asset upload id for publish
+        if: startsWith(github.ref, 'refs/tags/v')
+        uses: actions/upload-artifact@v4
+        with:
+          name: release_id
+          path: release_id.txt
+
+  build-linux-executable-in-docker:
+    name: Build ${{ matrix.platform }} release in docker container
+    # run only when code is compiling and tests are passing
+    needs: create-release
+    strategy:
+      matrix:
+        include:
+          - DOCKER_PLATFORM: linux/amd64
+            platform: ubuntu-latest
+            EXE: extract_otp_secrets_linux_x86_64
+            ASSET_NAME: extract_otp_secrets${{ needs.create-release.outputs.inline_version }}_linux_x86_64
+          - DOCKER_PLATFORM: linux/arm64
+            platform: ubuntu-24.04-arm
+            EXE: extract_otp_secrets_linux_arm64
+            ASSET_NAME: extract_otp_secrets${{ needs.create-release.outputs.inline_version }}_linux_arm64
+
+    runs-on: ${{ matrix.platform }}
+
+    # steps to perform in job
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v5
+
+      # avoid building if there are testing errors
+      - name: Run smoke test
+        run: |
+          sudo apt-get install -y libzbar0
+          python -m pip install --upgrade pip
+          pip install -U -r requirements-dev.txt
+          pip install -U .
+          pytest
+
+      - name: Set up QEMU
+        uses: docker/setup-qemu-action@v3
+
+      # setup Docker build action
+      - name: Set up Docker Buildx
+        id: buildx
+        uses: docker/setup-buildx-action@v3
+        # Workaround for failing builds: https://github.com/docker/build-push-action/issues/761#issuecomment-1383822381
+        # TODO remove workaround when fixed
+        with:
+          driver-opts: |
+            image=moby/buildkit:latest
+
+      - name: Login to DockerHub
+        uses: docker/login-action@v3
+        if: github.secret_source == 'Actions'
+        with:
+          username: ${{ secrets.DOCKERHUB_USERNAME }}
+          password: ${{ secrets.DOCKERHUB_TOKEN }}
+
+      - name: Login to Github Packages
+        uses: docker/login-action@v3
+        if: github.secret_source == 'Actions'
+        with:
+          registry: ghcr.io
+          username: ${{ github.actor }}
+          password: ${{ secrets.GHCR_IO_TOKEN }}
+
+      - name: Image digest
+        # TODO upload digests to assets
+        run: |
+          echo "extract_otp_secrets: ${{ steps.docker_build_bullseye.outputs.digest }}"
+
+        # TODO use local docker image https://stackoverflow.com/a/61155718/1663871
+        # https://github.com/multiarch/qemu-user-static
+        # https://hub.docker.com/r/multiarch/qemu-user-static/
+      - name: Run Pyinstaller in container for ${{ matrix.EXE }}
+        run: |
+          docker run --pull always --entrypoint /bin/bash --rm -v "$(pwd)":/files -w /files docker.io/scit0/extract_otp_secrets:bullseye -c 'apt-get update && apt-get -y install binutils && pip install -U -r /files/requirements.txt && pip install pyinstaller && PYTHONHASHSEED=31 && pyinstaller -y --add-data /usr/local/__yolo_v3_qr_detector/:__yolo_v3_qr_detector/ --onefile --name ${{ matrix.EXE }} --distpath /files/dist/ /files/src/extract_otp_secrets.py'
+
+      - name: Smoke tests linux/amd64
+        if: matrix.DOCKER_PLATFORM == 'linux/amd64'
+        run: |
+          dist/${{ matrix.EXE }} -V
+          dist/${{ matrix.EXE }} -h
+          dist/${{ matrix.EXE }} --debug
+          dist/${{ matrix.EXE }} example_export.png
+          dist/${{ matrix.EXE }} - < example_export.txt
+          dist/${{ matrix.EXE }} --qr ZBAR example_export.png
+          dist/${{ matrix.EXE }} --qr QREADER example_export.png
+          dist/${{ matrix.EXE }} --qr QREADER_DEEP example_export.png
+          dist/${{ matrix.EXE }} --qr CV2 example_export.png
+          dist/${{ matrix.EXE }} --qr CV2_WECHAT example_export.png
+      - name: Smoke tests linux/arm64
+        if: matrix.DOCKER_PLATFORM == 'linux/arm64'
+        run: |
+          docker run --pull always --entrypoint /bin/bash --rm -v "$(pwd)":/files -w /files docker.io/scit0/extract_otp_secrets -c 'dist/${{ matrix.EXE }} -V && dist/${{ matrix.EXE }} -h && dist/${{ matrix.EXE }} example_export.png && dist/${{ matrix.EXE }} - < example_export.txt && dist/${{ matrix.EXE }} --qr ZBAR example_export.png && dist/${{ matrix.EXE }} --qr QREADER example_export.png && dist/${{ matrix.EXE }} --qr QREADER_DEEP example_export.png && dist/${{ matrix.EXE }} --qr CV2 example_export.png && dist/${{ matrix.EXE }} --qr CV2_WECHAT example_export.png'
+      - name: Load Release URL File from release job
+        if: startsWith(github.ref, 'refs/tags/v')
+        uses: actions/download-artifact@v5
+        with:
+          name: release_url
+      - name: Display structure of files
+        run: ls -R
+      - name: Upload EXE to artifacts
+        uses: actions/upload-artifact@v4
+        with:
+          name: ${{ matrix.EXE }}
+          path: dist/${{ matrix.EXE }}
+      - name: Upload Release Asset
+        id: upload-release-asset
+        if: startsWith(github.ref, 'refs/tags/v')
+        run: |
+          response=$(curl \
+            -X POST \
+            -H "Accept: application/vnd.github+json" \
+            -H "Content-Type: application/x-executable" \
+            -H "Authorization: Bearer ${{ secrets.GITHUB_TOKEN }}"\
+            -H "X-GitHub-Api-Version: 2022-11-28" \
+            --silent \
+            --show-error \
+            --data-binary @dist/${{ matrix.EXE }} \
+            $(cat release_url.txt)=${{ matrix.ASSET_NAME }})
+
+  build-native-executables:
+    name: Build native packages
+    needs: create-release
+    runs-on: ${{ matrix.os }}
+    strategy:
+      fail-fast: false
+      matrix:
+        # https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#choosing-github-hosted-runners
+        include:
+          - os: windows-latest
+            TARGET: windows
+            # TODO add --icon
+            # TODO add --manifest
+            # TODO find more elegant solution for pyzbar\libiconv.dll and pyzbar\libzbar-64.dll
+            # Files of Visual C++ 2013 Redistributable Package: https://support.microsoft.com/en-us/topic/update-for-visual-c-2013-redistributable-package-d8ccd6a5-4e26-c290-517b-8da6cfdf4f10
+            EXE: extract_otp_secrets.exe
+            ASSET_NAME: extract_otp_secrets${{ needs.create-release.outputs.inline_version }}_win_x86_64.exe
+            ASSET_MIME: application/vnd.microsoft.portable-executable
+            UPLOAD: true
+            CMD_BUILD: |
+              pyinstaller -y --add-data "$($Env:pythonLocation)\__yolo_v3_qr_detector:__yolo_v3_qr_detector" --add-binary "$($Env:pythonLocation)\Lib\site-packages\pyzbar\libiconv.dll:pyzbar" --add-binary "$($Env:pythonLocation)\Lib\site-packages\pyzbar\libzbar-64.dll:pyzbar" --add-binary "$($Env:WinDir)\system32\msvcr120.dll:pyzbar" --add-binary "$($Env:WinDir)\system32\msvcp120.dll:pyzbar" --add-binary "$($Env:WinDir)\system32\vcamp120.dll:pyzbar" --add-binary "$($Env:WinDir)\system32\vcomp120.dll:pyzbar" --add-binary "$($Env:WinDir)\system32\vccorlib120.dll:pyzbar" --add-binary "$($Env:WinDir)\system32\mfc120.dll:pyzbar" --add-binary "$($Env:WinDir)\system32\mfc120u.dll:pyzbar" --add-binary "$($Env:WinDir)\system32\mfc120chs.dll:pyzbar" --add-binary "$($Env:WinDir)\system32\mfc120cht.dll:pyzbar" --add-binary "$($Env:WinDir)\system32\mfc120deu.dll:pyzbar" --add-binary "$($Env:WinDir)\system32\mfc120enu.dll:pyzbar" --add-binary "$($Env:WinDir)\system32\mfc120esn.dll:pyzbar" --add-binary "$($Env:WinDir)\system32\mfc120fra.dll:pyzbar" --add-binary "$($Env:WinDir)\system32\mfc120ita.dll:pyzbar" --add-binary "$($Env:WinDir)\system32\mfc120jpn.dll:pyzbar" --add-binary "$($Env:WinDir)\system32\mfc120kor.dll:pyzbar" --add-binary "$($Env:WinDir)\system32\mfc120rus.dll:pyzbar" --onefile --version-file build\win_file_version_info.txt --name extract_otp_secrets.exe src\extract_otp_secrets.py
+          - os: ubuntu-latest
+            TARGET: linux
+            EXE: extract_otp_secrets_ubuntu
+            ASSET_NAME: extract_otp_secrets${{ needs.create-release.outputs.inline_version }}_linux_x86_64_ubuntu_latest
+            ASSET_MIME: application/x-executable
+            UPLOAD: false
+            CMD_BUILD: |
+                pyinstaller -y --add-data $pythonLocation/__yolo_v3_qr_detector/:__yolo_v3_qr_detector/ --onefile --name extract_otp_secrets_ubuntu src/extract_otp_secrets.py
+          - os: ubuntu-24.04-arm
+            TARGET: linux
+            EXE: extract_otp_secrets_ubuntu_arm64
+            ASSET_NAME: extract_otp_secrets${{ needs.create-release.outputs.inline_version }}_linux_arm64_ubuntu_latest
+            ASSET_MIME: application/x-executable
+            UPLOAD: false
+            CMD_BUILD: |
+                pyinstaller -y --add-data $pythonLocation/__yolo_v3_qr_detector/:__yolo_v3_qr_detector/ --onefile --name extract_otp_secrets_ubuntu_arm64 src/extract_otp_secrets.py
+          - os: macos-15-intel
+            TARGET: macos
+            # https://pyinstaller.org/en/stable/spec-files.html#spec-file-options-for-a-macos-bundle
+            EXE: extract_otp_secrets
+            ASSET_NAME: extract_otp_secrets${{ needs.create-release.outputs.inline_version }}_macos_x86_64
+            DMG: extract_otp_secrets.dmg
+            ASSET_NAME_DMG: extract_otp_secrets${{ needs.create-release.outputs.inline_version }}_macos_x86_64.dmg
+            ASSET_MIME: application/octet-stream
+            UPLOAD: true
+            CMD_BUILD: |
+              VERSION_STR=$(setuptools-git-versioning) COPYRIGHT_YEARS='2020-2025' envsubst < installer/extract_otp_secrets_macos_template.spec > extract_otp_secrets_macos.spec
+              pyinstaller -y extract_otp_secrets_macos.spec
+              installer/build_dmg.sh
+          # Disable WARN: Cannot import pyzbar module. This problem is probably due to the missing zbar shared library.
+          # - os: macos-14
+          #   TARGET: macos
+          #   # https://pyinstaller.org/en/stable/spec-files.html#spec-file-options-for-a-macos-bundle
+          #   EXE: extract_otp_secrets
+          #   ASSET_NAME: extract_otp_secrets${{ needs.create-release.outputs.inline_version }}_macos_arm64
+          #   DMG: extract_otp_secrets.dmg
+          #   ASSET_NAME_DMG: extract_otp_secrets${{ needs.create-release.outputs.inline_version }}_macos_arm64.dmg
+          #   ASSET_MIME: application/octet-stream
+          #   UPLOAD: true
+          #   CMD_BUILD: |
+          #     VERSION_STR=$(setuptools-git-versioning) COPYRIGHT_YEARS='2020-2025' envsubst < installer/extract_otp_secrets_macos_template.spec > extract_otp_secrets_macos.spec
+          #     pyinstaller -y extract_otp_secrets_macos.spec
+          #     installer/build_dmg.sh
+    steps:
+      - name: Output path
+        if: runner.os == 'Windows'
+        run: echo "$($Env:Path)"
+      - name: List Windir
+        if: runner.os == 'Windows'
+        run: ls "$($Env:WinDir)\system32"
+      - uses: actions/checkout@v5
+      - name: Set macos macos_python_path
+        # TODO use variable for Python version
+        run: echo "macos_python_path=/Library/Frameworks/Python.framework/Versions/3.14" >> $GITHUB_ENV
+      - name: Set up Python 3.14
+        uses: actions/setup-python@v6
+        with:
+          python-version: 3.14
+          check-latest: true
+      - name: Install zbar shared lib for QReader (Linux)
+        if: runner.os == 'Linux'
+        run: |
+          sudo apt-get install -y libzbar0
+      - name: Install zbar shared lib for QReader (macOS)
+        if: runner.os == 'macOS'
+        run: |
+          brew install zbar create-dmg
+      - name: Install dependencies
+        # TODO fix --use-pep517
+        run: |
+          python -m pip install --upgrade pip
+          pip install -U -r requirements-dev.txt
+          pip install -U .
+      - name: Create Windows win_file_version_info.txt
+        shell: bash
+        run: |
+              mkdir -p build/
+              VERSION_STR=$(setuptools-git-versioning) VERSION_MAJOR=$(cut -d '.' -f 1 <<< "$(setuptools-git-versioning)") VERSION_MINOR=$(cut -d '.' -f 2 <<< "$(setuptools-git-versioning)") VERSION_PATCH=$(echo $(cut -d '.' -f 3 <<< "$(setuptools-git-versioning)") | sed -E -n "s/^([0-9]+).*/\1/p") VERSION_BUILD=$(echo $(cut -d '.' -f 3 <<< "$(setuptools-git-versioning)") | sed -E -n -e"s/^[0-9]+.+/99/p")$(($(git rev-list --count $(git tag | sort -V -r | sed '1!d')..HEAD))) COPYRIGHT_YEARS='2020-2025' envsubst < installer/win_file_version_info_template.txt > build/win_file_version_info.txt
+      - name: Build with pyinstaller for ${{ matrix.TARGET }}
+        env:
+          # Reproducible build: https://pyinstaller.org/en/stable/advanced-topics.html#creating-a-reproducible-build
+          PYTHONHASHSEED: 31
+        run: ${{ matrix.CMD_BUILD }}
+      - name: Smoke tests for generated exe (general)
+        run: |
+          dist/${{ matrix.EXE }} -V
+          dist/${{ matrix.EXE }} -h
+          dist/${{ matrix.EXE }} --debug
+          dist/${{ matrix.EXE }} example_export.png
+          dist/${{ matrix.EXE }} --qr ZBAR example_export.png
+          dist/${{ matrix.EXE }} --qr QREADER example_export.png
+          dist/${{ matrix.EXE }} --qr QREADER_DEEP example_export.png
+          dist/${{ matrix.EXE }} --qr CV2 example_export.png
+          dist/${{ matrix.EXE }} --qr CV2_WECHAT example_export.png
+      - name: Smoke tests for generated exe (stdin)
+        if: runner.os != 'Windows'
+        run: |
+          dist/${{ matrix.EXE }} - < example_export.txt
+      - name: Load Release URL File from release job
+        if: startsWith(github.ref, 'refs/tags/v')
+        uses: actions/download-artifact@v5
+        with:
+          name: release_url
+      - name: Load Release Id File from release job
+        if: startsWith(github.ref, 'refs/tags/v')
+        uses: actions/download-artifact@v5
+        with:
+          name: release_id
+      - name: Display structure of files
+        run: ls -R
+      - name: Set meta data
+        id: meta
+        if: startsWith(github.ref, 'refs/tags/v')
+        shell: bash
+        run: |
+          echo "release_id=$(cat release_id.txt)" >> $GITHUB_OUTPUT
+          echo "upload_url=https://uploads.github.com/repos/scito/extract_otp_secrets/releases/$(cat release_id.txt)/assets?name=" >> $GITHUB_OUTPUT
+      - name: Upload EXE to artifacts
+        uses: actions/upload-artifact@v4
+        with:
+          name: ${{ matrix.EXE }}
+          path: dist/${{ matrix.EXE }}
+      - name: Upload DMG to artifacts
+        uses: actions/upload-artifact@v4
+        if: runner.os == 'macOS'
+        with:
+          name: ${{ matrix.DMG }}
+          path: dist/${{ matrix.DMG }}
+      - name: Upload Release Asset
+        id: upload-release-asset
+        if: matrix.UPLOAD && startsWith(github.ref, 'refs/tags/v')
+        run: |
+          curl -X POST -H "Accept: application/vnd.github+json" -H "Content-Type: ${{ matrix.ASSET_MIME }}" -H "Authorization: Bearer ${{ secrets.GITHUB_TOKEN }}" -H "X-GitHub-Api-Version: 2022-11-28" --show-error --data-binary @dist/${{ matrix.EXE }} ${{ steps.meta.outputs.upload_url }}=${{ matrix.ASSET_NAME }}
+      - name: Upload Release Asset DMG (macOS)
+        id: upload-release-asset-dmg
+        if: false && matrix.UPLOAD && startsWith(github.ref, 'refs/tags/v') && runner.os == 'macOS'
+        run: |
+          curl -X POST -H "Accept: application/vnd.github+json" -H "Content-Type: ${{ matrix.ASSET_MIME }}" -H "Authorization: Bearer ${{ secrets.GITHUB_TOKEN }}" -H "X-GitHub-Api-Version: 2022-11-28" --show-error --data-binary @dist/${{ matrix.DMG }} ${{ steps.meta.outputs.upload_url }}=${{ matrix.ASSET_NAME_DMG }}
+
+  upload-hashes:
+    name: Upload hashes
+    if: startsWith(github.ref, 'refs/tags/v')
+    needs:
+      - build-linux-executable-in-docker
+      - build-native-executables
+    runs-on: ubuntu-latest
+    steps:
+      - name: Load Release Id File from release job
+        uses: actions/download-artifact@v5
+        with:
+          name: release_id
+      - name: Set meta data
+        id: meta
+        run: |
+          echo "release_id=$(cat release_id.txt)" >> $GITHUB_OUTPUT
+          echo "upload_url=https://uploads.github.com/repos/scito/extract_otp_secrets/releases/$(cat release_id.txt)/assets?name=" >> $GITHUB_OUTPUT
+      - name: Calculate and upload hashes from assets
+        run: |
+          GITHUB_TOKEN=${{ secrets.GITHUB_TOKEN }}
+          for asset_url in $(curl \
+            -H "Accept: application/vnd.github+json" \
+            -H "Authorization: Bearer $GITHUB_TOKEN"\
+            -H "X-GitHub-Api-Version: 2022-11-28" \
+            --silent \
+            --show-error \
+            https://api.github.com/repos/scito/extract_otp_secrets/releases/${{ steps.meta.outputs.release_id }}/assets |
+          jq -r '.[].url'); do
+              echo "Download $asset_url"
+              name=$(curl \
+                  -H "Accept: application/vnd.github+json" \
+                  -H "Authorization: Bearer $GITHUB_TOKEN"\
+                  -H "X-GitHub-Api-Version: 2022-11-28" \
+                  --output-dir assets \
+                  -L \
+                  $asset_url |
+                  jq -r '.name')
+              curl \
+                  -H "Accept: application/octet-stream" \
+                  -H "Authorization: Bearer $GITHUB_TOKEN"\
+                  -H "X-GitHub-Api-Version: 2022-11-28" \
+                  --create-dirs \
+                  --output-dir assets \
+                  -L \
+                  -o $name \
+                  $asset_url
+          done
+          (cd assets/ && sha256sum * > ../sha256_hashes.txt)
+          curl -X POST -H "Accept: application/vnd.github+json" -H "Content-Type: text/plain" -H "Authorization: Bearer ${{ secrets.GITHUB_TOKEN }}" -H "X-GitHub-Api-Version: 2022-11-28" --show-error --data-binary @sha256_hashes.txt ${{ steps.meta.outputs.upload_url }}=sha256_hashes.txt
+
+          (cd assets/ && sha512sum * > ../sha512_hashes.txt)
+          curl -X POST -H "Accept: application/vnd.github+json" -H "Content-Type: text/plain" -H "Authorization: Bearer ${{ secrets.GITHUB_TOKEN }}" -H "X-GitHub-Api-Version: 2022-11-28" --show-error --data-binary @sha512_hashes.txt ${{ steps.meta.outputs.upload_url }}=sha512_hashes.txt
--- a/.github/workflows/codeql-analysis.yml
+++ b/.github/workflows/codeql-analysis.yml
@@ -0,0 +1,74 @@
+# For most projects, this workflow file will not need changing; you simply need
+# to commit it to your repository.
+#
+# You may wish to alter this file to override the set of languages analyzed,
+# or to provide custom queries or build logic.
+#
+# ******** NOTE ********
+# We have attempted to detect the languages in your repository. Please check
+# the `language` matrix defined below to confirm you have the correct set of
+# supported CodeQL languages.
+#
+name: "CodeQL"
+
+on:
+  push:
+    branches: [ "master" ]
+  pull_request:
+    # The branches below must be a subset of the branches above
+    branches: [ "master" ]
+  schedule:
+    - cron: '25 19 * * 0'
+
+jobs:
+  analyze:
+    name: Analyze
+    runs-on: ubuntu-latest
+    permissions:
+      actions: read
+      contents: read
+      security-events: write
+
+    strategy:
+      fail-fast: false
+      matrix:
+        language: [ 'python' ]
+        # CodeQL supports [ 'cpp', 'csharp', 'go', 'java', 'javascript', 'python', 'ruby' ]
+        # Learn more about CodeQL language support at https://aka.ms/codeql-docs/language-support
+
+    steps:
+    - name: Checkout repository
+      uses: actions/checkout@v3
+
+    # Initializes the CodeQL tools for scanning.
+    - name: Initialize CodeQL
+      uses: github/codeql-action/init@v3
+      with:
+        languages: ${{ matrix.language }}
+        # If you wish to specify custom queries, you can do so here or in a config file.
+        # By default, queries listed here will override any specified in a config file.
+        # Prefix the list here with "+" to use these queries and those in the config file.
+
+        # Details on CodeQL's query packs refer to : https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning#using-queries-in-ql-packs
+        # queries: security-extended,security-and-quality
+
+
+    # Autobuild attempts to build any compiled languages  (C/C++, C#, or Java).
+    # If this step fails, then you should remove it and run the build manually (see below)
+    - name: Autobuild
+      uses: github/codeql-action/autobuild@v3
+
+    # ℹ️ Command-line programs to run using the OS shell.
+    # 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun
+
+    #   If the Autobuild fails above, remove it and uncomment the following three lines.
+    #   modify them (or add more) to build your code if your project, please refer to the EXAMPLE below for guidance.
+
+    # - run: |
+    #   echo "Run, Build Application using script"
+    #   ./location_of_script_within_repo/buildscript.sh
+
+    - name: Perform CodeQL Analysis
+      uses: github/codeql-action/analyze@v3
+      with:
+        category: "/language:${{matrix.language}}"
--- a/.gitignore
+++ b/.gitignore
@@ -9,7 +9,38 @@ venv/
 !example_output.csv
 !.github/
 !.flake8
-.vscode
-!.vscode/settings.json
+!.vscode/
 !.devcontainer/
 !.devcontainer/*.json
+*.whl
+build/
+dist/
+*.egg-info/
+*.xml
+pytest-coverage.txt
+tests/reports/
+dist_*/
+
+file_version_info_python.txt
+file_version_info_explorer.txt
+file_version_info.txt
+assets/*
+extract_otp_secrets_linux_arm64.spec
+extract_otp_secrets_linux_x86_64_bullseye.spec
+extract_otp_secrets_linux_x86_64_bookworm.spec
+extract_otp_secrets_linux_x86_64.spec
+extract_otp_secrets.spec
+test.txt
+extract_otp_secrets.build/
+extract_otp_secrets.dist/
+extract_otp_secrets.onefile-build/
+extract_otp_secrets.bin
+# Devenv
+.devenv*
+devenv.local.nix
+
+# direnv
+.direnv
+
+# pre-commit
+.pre-commit-config.yaml
--- a/.vscode/extensions.json
+++ b/.vscode/extensions.json
@@ -0,0 +1,7 @@
+{
+    "recommendations": [
+        "ms-python.python",
+        "ms-python.isort",
+        "tamasfe.even-better-toml",
+    ]
+}
--- a/.vscode/launch.json
+++ b/.vscode/launch.json
@@ -0,0 +1,39 @@
+{
+    // Use IntelliSense to learn about possible attributes.
+    // Hover to view descriptions of existing attributes.
+    // For more information, visit: https://go.microsoft.com/fwlink/?linkid=830387
+    "version": "0.2.0",
+    "configurations": [
+        {
+            "name": "Python: extract_otp_secrets.py",
+            "type": "python",
+            "request": "launch",
+            "program": "src/extract_otp_secrets.py",
+            "args": [
+                "example_export.txt"
+            ],
+            "console": "integratedTerminal"
+        },
+        {
+            "name": "Python: extract_otp_secrets.py stdin pic",
+            "type": "python",
+            "request": "launch",
+            "program": "src/extract_otp_secrets.py",
+            "args": [
+                "-",
+                "<",
+                "test/test_googleauth_export.png",
+            ],
+            "console": "integratedTerminal"
+        },
+        {
+            "name": "Python: extract_otp_secrets.py capture",
+            "type": "python",
+            "request": "launch",
+            "program": "src/extract_otp_secrets.py",
+            "args": [
+            ],
+            "console": "integratedTerminal"
+        },
+    ]
+}
--- a/.vscode/settings.json
+++ b/.vscode/settings.json
@@ -16,5 +16,9 @@
        "qrcode",
        "TOTP",
        "venv"
-    ]
+    ],
+    "search.exclude": {
+        "**/build": true,
+        "**/dist": true
+      },
 }
--- a/20
+++ b/20
@@ -4,12 +4,28 @@ verify_ssl = true
 name = "pypi"

 [packages]
+colorama = "0.4.6"
+opencv-contrib-python = "*"
+numpy = "2.3.5"
+# for macOS: opencv-contrib-python = "<=4.7.0"
+pillow = "*"
+pyzbar = "*"
 protobuf = "*"
 qrcode = "*"
-pillow = "*"
+qreader = "1.3.2"

 [dev-packages]
+build = "*"
+flake8 = "*"
+gfm-toc = "*"
+mypy = "*"
+mypy-protobuf = "*"
+nuitka = "*"
+pylint = "*"
 pytest = "*"
+pytest-cov = "*"
+pytest-mock = "*"
+types-protobuf = "*"

 [requires]
-python_version = "3.10"
+python_version = "3.14"
--- a/Pipfile.lock
+++ b/Pipfile.lock
@@ -1,11 +1,11 @@
 {
    "_meta": {
        "hash": {
-            "sha256": "360af7adfda239c3869ca72b8c07e4d53b66dc3c83c38dc304a175fe408f6737"
+            "sha256": "4f9e58825e5552f28ded7c17fbe0d3546970bf18fa9c1a866adcc7e9d67f5d5b"
        },
        "pipfile-spec": 6,
        "requires": {
-            "python_version": "3.10"
+            "python_version": "3.14"
        },
        "sources": [
            {
@@ -16,161 +16,844 @@
        ]
    },
    "default": {
-        "pillow": {
+        "colorama": {
            "hashes": [
-                "sha256:0030fdbd926fb85844b8b92e2f9449ba89607231d3dd597a21ae72dc7fe26927",
-                "sha256:030e3460861488e249731c3e7ab59b07c7853838ff3b8e16aac9561bb345da14",
-                "sha256:0ed2c4ef2451de908c90436d6e8092e13a43992f1860275b4d8082667fbb2ffc",
-                "sha256:136659638f61a251e8ed3b331fc6ccd124590eeff539de57c5f80ef3a9594e58",
-                "sha256:13b725463f32df1bfeacbf3dd197fb358ae8ebcd8c5548faa75126ea425ccb60",
-                "sha256:1536ad017a9f789430fb6b8be8bf99d2f214c76502becc196c6f2d9a75b01b76",
-                "sha256:15928f824870535c85dbf949c09d6ae7d3d6ac2d6efec80f3227f73eefba741c",
-                "sha256:17d4cafe22f050b46d983b71c707162d63d796a1235cdf8b9d7a112e97b15bac",
-                "sha256:1802f34298f5ba11d55e5bb09c31997dc0c6aed919658dfdf0198a2fe75d5490",
-                "sha256:1cc1d2451e8a3b4bfdb9caf745b58e6c7a77d2e469159b0d527a4554d73694d1",
-                "sha256:1fd6f5e3c0e4697fa7eb45b6e93996299f3feee73a3175fa451f49a74d092b9f",
-                "sha256:254164c57bab4b459f14c64e93df11eff5ded575192c294a0c49270f22c5d93d",
-                "sha256:2ad0d4df0f5ef2247e27fc790d5c9b5a0af8ade9ba340db4a73bb1a4a3e5fb4f",
-                "sha256:2c58b24e3a63efd22554c676d81b0e57f80e0a7d3a5874a7e14ce90ec40d3069",
-                "sha256:2d33a11f601213dcd5718109c09a52c2a1c893e7461f0be2d6febc2879ec2402",
-                "sha256:336b9036127eab855beec9662ac3ea13a4544a523ae273cbf108b228ecac8437",
-                "sha256:337a74fd2f291c607d220c793a8135273c4c2ab001b03e601c36766005f36885",
-                "sha256:37ff6b522a26d0538b753f0b4e8e164fdada12db6c6f00f62145d732d8a3152e",
-                "sha256:3d1f14f5f691f55e1b47f824ca4fdcb4b19b4323fe43cc7bb105988cad7496be",
-                "sha256:4134d3f1ba5f15027ff5c04296f13328fecd46921424084516bdb1b2548e66ff",
-                "sha256:4ad2f835e0ad81d1689f1b7e3fbac7b01bb8777d5a985c8962bedee0cc6d43da",
-                "sha256:50dff9cc21826d2977ef2d2a205504034e3a4563ca6f5db739b0d1026658e004",
-                "sha256:510cef4a3f401c246cfd8227b300828715dd055463cdca6176c2e4036df8bd4f",
-                "sha256:5aed7dde98403cd91d86a1115c78d8145c83078e864c1de1064f52e6feb61b20",
-                "sha256:69bd1a15d7ba3694631e00df8de65a8cb031911ca11f44929c97fe05eb9b6c1d",
-                "sha256:6bf088c1ce160f50ea40764f825ec9b72ed9da25346216b91361eef8ad1b8f8c",
-                "sha256:6e8c66f70fb539301e064f6478d7453e820d8a2c631da948a23384865cd95544",
-                "sha256:74a04183e6e64930b667d321524e3c5361094bb4af9083db5c301db64cd341f3",
-                "sha256:75e636fd3e0fb872693f23ccb8a5ff2cd578801251f3a4f6854c6a5d437d3c04",
-                "sha256:7761afe0126d046974a01e030ae7529ed0ca6a196de3ec6937c11df0df1bc91c",
-                "sha256:7888310f6214f19ab2b6df90f3f06afa3df7ef7355fc025e78a3044737fab1f5",
-                "sha256:7b0554af24df2bf96618dac71ddada02420f946be943b181108cac55a7a2dcd4",
-                "sha256:7c7b502bc34f6e32ba022b4a209638f9e097d7a9098104ae420eb8186217ebbb",
-                "sha256:808add66ea764ed97d44dda1ac4f2cfec4c1867d9efb16a33d158be79f32b8a4",
-                "sha256:831e648102c82f152e14c1a0938689dbb22480c548c8d4b8b248b3e50967b88c",
-                "sha256:93689632949aff41199090eff5474f3990b6823404e45d66a5d44304e9cdc467",
-                "sha256:96b5e6874431df16aee0c1ba237574cb6dff1dcb173798faa6a9d8b399a05d0e",
-                "sha256:9a54614049a18a2d6fe156e68e188da02a046a4a93cf24f373bffd977e943421",
-                "sha256:a138441e95562b3c078746a22f8fca8ff1c22c014f856278bdbdd89ca36cff1b",
-                "sha256:a647c0d4478b995c5e54615a2e5360ccedd2f85e70ab57fbe817ca613d5e63b8",
-                "sha256:a9c9bc489f8ab30906d7a85afac4b4944a572a7432e00698a7239f44a44e6efb",
-                "sha256:ad2277b185ebce47a63f4dc6302e30f05762b688f8dc3de55dbae4651872cdf3",
-                "sha256:adabc0bce035467fb537ef3e5e74f2847c8af217ee0be0455d4fec8adc0462fc",
-                "sha256:b6d5e92df2b77665e07ddb2e4dbd6d644b78e4c0d2e9272a852627cdba0d75cf",
-                "sha256:bc431b065722a5ad1dfb4df354fb9333b7a582a5ee39a90e6ffff688d72f27a1",
-                "sha256:bdd0de2d64688ecae88dd8935012c4a72681e5df632af903a1dca8c5e7aa871a",
-                "sha256:c79698d4cd9318d9481d89a77e2d3fcaeff5486be641e60a4b49f3d2ecca4e28",
-                "sha256:cb6259196a589123d755380b65127ddc60f4c64b21fc3bb46ce3a6ea663659b0",
-                "sha256:d5b87da55a08acb586bad5c3aa3b86505f559b84f39035b233d5bf844b0834b1",
-                "sha256:dcd7b9c7139dc8258d164b55696ecd16c04607f1cc33ba7af86613881ffe4ac8",
-                "sha256:dfe4c1fedfde4e2fbc009d5ad420647f7730d719786388b7de0999bf32c0d9fd",
-                "sha256:ea98f633d45f7e815db648fd7ff0f19e328302ac36427343e4432c84432e7ff4",
-                "sha256:ec52c351b35ca269cb1f8069d610fc45c5bd38c3e91f9ab4cbbf0aebc136d9c8",
-                "sha256:eef7592281f7c174d3d6cbfbb7ee5984a671fcd77e3fc78e973d492e9bf0eb3f",
-                "sha256:f07f1f00e22b231dd3d9b9208692042e29792d6bd4f6639415d2f23158a80013",
-                "sha256:f3fac744f9b540148fa7715a435d2283b71f68bfb6d4aae24482a890aed18b59",
-                "sha256:fa768eff5f9f958270b081bb33581b4b569faabf8774726b283edb06617101dc",
-                "sha256:fac2d65901fb0fdf20363fbd345c01958a742f2dc62a8dd4495af66e3ff502a4"
+                "sha256:08695f5cb7ed6e0531a20572697297273c47b8cae5a63ffc6d6ed5c201be6e44",
+                "sha256:4f1d9991f5acc0ca119f9d443620b77f9d6b33703e51011c16baf57afb285fc6"
            ],
            "index": "pypi",
-            "version": "==9.2.0"
+            "markers": "python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3, 3.4, 3.5, 3.6'",
+            "version": "==0.4.6"
+        },
+        "numpy": {
+            "hashes": [
+                "sha256:00dc4e846108a382c5869e77c6ed514394bdeb3403461d25a829711041217d5b",
+                "sha256:0472f11f6ec23a74a906a00b48a4dcf3849209696dff7c189714511268d103ae",
+                "sha256:04822c00b5fd0323c8166d66c701dc31b7fbd252c100acd708c48f763968d6a3",
+                "sha256:052e8c42e0c49d2575621c158934920524f6c5da05a1d3b9bab5d8e259e045f0",
+                "sha256:09a1bea522b25109bf8e6f3027bd810f7c1085c64a0c7ce050c1676ad0ba010b",
+                "sha256:0cd00b7b36e35398fa2d16af7b907b65304ef8bb4817a550e06e5012929830fa",
+                "sha256:0d8163f43acde9a73c2a33605353a4f1bc4798745a8b1d73183b28e5b435ae28",
+                "sha256:1062fde1dcf469571705945b0f221b73928f34a20c904ffb45db101907c3454e",
+                "sha256:11e06aa0af8c0f05104d56450d6093ee639e15f24ecf62d417329d06e522e017",
+                "sha256:17531366a2e3a9e30762c000f2c43a9aaa05728712e25c11ce1dbe700c53ad41",
+                "sha256:1978155dd49972084bd6ef388d66ab70f0c323ddee6f693d539376498720fb7e",
+                "sha256:1ed1ec893cff7040a02c8aa1c8611b94d395590d553f6b53629a4461dc7f7b63",
+                "sha256:2dcd0808a421a482a080f89859a18beb0b3d1e905b81e617a188bd80422d62e9",
+                "sha256:2e2eb32ddb9ccb817d620ac1d8dae7c3f641c1e5f55f531a33e8ab97960a75b8",
+                "sha256:2feae0d2c91d46e59fcd62784a3a83b3fb677fead592ce51b5a6fbb4f95965ff",
+                "sha256:3095bdb8dd297e5920b010e96134ed91d852d81d490e787beca7e35ae1d89cf7",
+                "sha256:30bc11310e8153ca664b14c5f1b73e94bd0503681fcf136a163de856f3a50139",
+                "sha256:3101e5177d114a593d79dd79658650fe28b5a0d8abeb8ce6f437c0e6df5be1a4",
+                "sha256:396084a36abdb603546b119d96528c2f6263921c50df3c8fd7cb28873a237748",
+                "sha256:3997b5b3c9a771e157f9aae01dd579ee35ad7109be18db0e85dbdbe1de06e952",
+                "sha256:414802f3b97f3c1eef41e530aaba3b3c1620649871d8cb38c6eaff034c2e16bd",
+                "sha256:51c1e14eb1e154ebd80e860722f9e6ed6ec89714ad2db2d3aa33c31d7c12179b",
+                "sha256:51c55fe3451421f3a6ef9a9c1439e82101c57a2c9eab9feb196a62b1a10b58ce",
+                "sha256:5ee6609ac3604fa7780e30a03e5e241a7956f8e2fcfe547d51e3afa5247ac47f",
+                "sha256:612a95a17655e213502f60cfb9bf9408efdc9eb1d5f50535cc6eb365d11b42b5",
+                "sha256:6203fdf9f3dc5bdaed7319ad8698e685c7a3be10819f41d32a0723e611733b42",
+                "sha256:63c0e9e7eea69588479ebf4a8a270d5ac22763cc5854e9a7eae952a3908103f7",
+                "sha256:66f85ce62c70b843bab1fb14a05d5737741e74e28c7b8b5a064de10142fad248",
+                "sha256:6cf9b429b21df6b99f4dee7a1218b8b7ffbbe7df8764dc0bd60ce8a0708fed1e",
+                "sha256:70b37199913c1bd300ff6e2693316c6f869c7ee16378faf10e4f5e3275b299c3",
+                "sha256:727fd05b57df37dc0bcf1a27767a3d9a78cbbc92822445f32cc3436ba797337b",
+                "sha256:74ae7b798248fe62021dbf3c914245ad45d1a6b0cb4a29ecb4b31d0bfbc4cc3e",
+                "sha256:784db1dcdab56bf0517743e746dfb0f885fc68d948aba86eeec2cba234bdf1c0",
+                "sha256:86945f2ee6d10cdfd67bcb4069c1662dd711f7e2a4343db5cecec06b87cf31aa",
+                "sha256:86d835afea1eaa143012a2d7a3f45a3adce2d7adc8b4961f0b362214d800846a",
+                "sha256:872a5cf366aec6bb1147336480fef14c9164b154aeb6542327de4970282cd2f5",
+                "sha256:8b973c57ff8e184109db042c842423ff4f60446239bd585a5131cc47f06f789d",
+                "sha256:8cba086a43d54ca804ce711b2a940b16e452807acebe7852ff327f1ecd49b0d4",
+                "sha256:8f7f0e05112916223d3f438f293abf0727e1181b5983f413dfa2fefc4098245c",
+                "sha256:900218e456384ea676e24ea6a0417f030a3b07306d29d7ad843957b40a9d8d52",
+                "sha256:93eebbcf1aafdf7e2ddd44c2923e2672e1010bddc014138b229e49725b4d6be5",
+                "sha256:9c75442b2209b8470d6d5d8b1c25714270686f14c749028d2199c54e29f20b4d",
+                "sha256:9ee2197ef8c4f0dfe405d835f3b6a14f5fee7782b5de51ba06fb65fc9b36e9f1",
+                "sha256:a414504bef8945eae5f2d7cb7be2d4af77c5d1cb5e20b296c2c25b61dff2900c",
+                "sha256:a4b9159734b326535f4dd01d947f919c6eefd2d9827466a696c44ced82dfbc18",
+                "sha256:a80afd79f45f3c4a7d341f13acbe058d1ca8ac017c165d3fa0d3de6bc1a079d7",
+                "sha256:aa5bc7c5d59d831d9773d1170acac7893ce3a5e130540605770ade83280e7188",
+                "sha256:acfd89508504a19ed06ef963ad544ec6664518c863436306153e13e94605c218",
+                "sha256:aeffcab3d4b43712bb7a60b65f6044d444e75e563ff6180af8f98dd4b905dfd2",
+                "sha256:afaffc4393205524af9dfa400fa250143a6c3bc646c08c9f5e25a9f4b4d6a903",
+                "sha256:b0c7088a73aef3d687c4deef8452a3ac7c1be4e29ed8bf3b366c8111128ac60c",
+                "sha256:b46b4ec24f7293f23adcd2d146960559aaf8020213de8ad1909dba6c013bf89c",
+                "sha256:b501b5fa195cc9e24fe102f21ec0a44dffc231d2af79950b451e0d99cea02234",
+                "sha256:bf06bc2af43fa8d32d30fae16ad965663e966b1a3202ed407b84c989c3221e82",
+                "sha256:c804e3a5aba5460c73955c955bdbd5c08c354954e9270a2c1565f62e866bdc39",
+                "sha256:c8a9958e88b65c3b27e22ca2a076311636850b612d6bbfb76e8d156aacde2aaf",
+                "sha256:cc0a57f895b96ec78969c34f682c602bf8da1a0270b09bc65673df2e7638ec20",
+                "sha256:cc8920d2ec5fa99875b670bb86ddeb21e295cb07aa331810d9e486e0b969d946",
+                "sha256:ccc933afd4d20aad3c00bcef049cb40049f7f196e0397f1109dba6fed63267b0",
+                "sha256:ce581db493ea1a96c0556360ede6607496e8bf9b3a8efa66e06477267bc831e9",
+                "sha256:d0f23b44f57077c1ede8c5f26b30f706498b4862d3ff0a7298b8411dd2f043ff",
+                "sha256:d21644de1b609825ede2f48be98dfde4656aefc713654eeee280e37cadc4e0ad",
+                "sha256:d6889ec4ec662a1a37eb4b4fb26b6100841804dac55bd9df579e326cdc146227",
+                "sha256:de5672f4a7b200c15a4127042170a694d4df43c992948f5e1af57f0174beed10",
+                "sha256:e6a0bc88393d65807d751a614207b7129a310ca4fe76a74e5c7da5fa5671417e",
+                "sha256:ed89927b86296067b4f81f108a2271d8926467a8868e554eaf370fc27fa3ccaf",
+                "sha256:ee3888d9ff7c14604052b2ca5535a30216aa0a58e948cdd3eeb8d3415f638769",
+                "sha256:f0963b55cdd70fad460fa4c1341f12f976bb26cb66021a5580329bd498988310",
+                "sha256:f16417ec91f12f814b10bafe79ef77e70113a2f5f7018640e7425ff979253425",
+                "sha256:f28620fe26bee16243be2b7b874da327312240a7cdc38b769a697578d2100013",
+                "sha256:f4255143f5160d0de972d28c8f9665d882b5f61309d8362fdd3e103cf7bf010c",
+                "sha256:ffac52f28a7849ad7576293c0cb7b9f08304e8f7d738a8cb8a90ec4c55a998eb",
+                "sha256:ffe22d2b05504f786c867c8395de703937f934272eb67586817b46188b4ded6d",
+                "sha256:fffe29a1ef00883599d1dc2c51aa2e5d80afe49523c261a74933df395c15c520"
+            ],
+            "index": "pypi",
+            "markers": "python_version >= '3.11'",
+            "version": "==2.3.5"
+        },
+        "opencv-contrib-python": {
+            "hashes": [
+                "sha256:194841c664ceaa0692410b4ed0af557425608e33db3a181ded28b87acb66748d",
+                "sha256:4ff773dab44911da366b906621c9592d4eb96f6ad3777098933a23f064aab38e",
+                "sha256:654758a9ae8ca9a75fca7b64b19163636534f0eedffe1e14c3d7218988625c8d",
+                "sha256:c47c0ef1098461cdc6fa1cdce4c942b8ec974c87423f4b5951443d26bb9ae407",
+                "sha256:d911cedc511d98f79994580b245d59fc97f57f0f9923a99945d8b92c7ac671f6",
+                "sha256:e10a293af18aa5f842d012fa14e87345b3ee06db4c29bd592ff94b51f7ffca2b",
+                "sha256:f21034bc8b00eb286a0a0a92b99767bf596bfe426cf4bc2e79647d64ad0dd6da"
+            ],
+            "index": "pypi",
+            "markers": "python_version >= '3.6'",
+            "version": "==4.11.0.86"
+        },
+        "opencv-python": {
+            "hashes": [
+                "sha256:03d60ccae62304860d232272e4a4fda93c39d595780cb40b161b310244b736a4",
+                "sha256:085ad9b77c18853ea66283e98affefe2de8cc4c1f43eda4c100cf9b2721142ec",
+                "sha256:1b92ae2c8852208817e6776ba1ea0d6b1e0a1b5431e971a2a0ddd2a8cc398202",
+                "sha256:432f67c223f1dc2824f5e73cdfcd9db0efc8710647d4e813012195dc9122a52a",
+                "sha256:6b02611523803495003bd87362db3e1d2a0454a6a63025dc6658a9830570aa0d",
+                "sha256:810549cb2a4aedaa84ad9a1c92fbfdfc14090e2749cedf2c1589ad8359aa169b",
+                "sha256:9d05ef13d23fe97f575153558653e2d6e87103995d54e6a35db3f282fe1f9c66"
+            ],
+            "markers": "python_version >= '3.6'",
+            "version": "==4.11.0.86"
+        },
+        "pillow": {
+            "hashes": [
+                "sha256:0869154a2d0546545cde61d1789a6524319fc1897d9ee31218eae7a60ccc5643",
+                "sha256:09f2d0abef9e4e2f349305a4f8cc784a8a6c2f58a8c4892eea13b10a943bd26e",
+                "sha256:0b817e7035ea7f6b942c13aa03bb554fc44fea70838ea21f8eb31c638326584e",
+                "sha256:0fd00cac9c03256c8b2ff58f162ebcd2587ad3e1f2e397eab718c47e24d231cc",
+                "sha256:110486b79f2d112cf6add83b28b627e369219388f64ef2f960fef9ebaf54c642",
+                "sha256:1979f4566bb96c1e50a62d9831e2ea2d1211761e5662afc545fa766f996632f6",
+                "sha256:1ac11e8ea4f611c3c0147424eae514028b5e9077dd99ab91e1bd7bc33ff145e1",
+                "sha256:1b1b133e6e16105f524a8dec491e0586d072948ce15c9b914e41cdadd209052b",
+                "sha256:1ee80a59f6ce048ae13cda1abf7fbd2a34ab9ee7d401c46be3ca685d1999a399",
+                "sha256:21f241bdd5080a15bc86d3466a9f6074a9c2c2b314100dd896ac81ee6db2f1ba",
+                "sha256:266cd5f2b63ff316d5a1bba46268e603c9caf5606d44f38c2873c380950576ad",
+                "sha256:26d9f7d2b604cd23aba3e9faf795787456ac25634d82cd060556998e39c6fa47",
+                "sha256:27f95b12453d165099c84f8a8bfdfd46b9e4bda9e0e4b65f0635430027f55739",
+                "sha256:2c54c1a783d6d60595d3514f0efe9b37c8808746a66920315bfd34a938d7994b",
+                "sha256:2fa5f0b6716fc88f11380b88b31fe591a06c6315e955c096c35715788b339e3f",
+                "sha256:32ed80ea8a90ee3e6fa08c21e2e091bba6eda8eccc83dbc34c95169507a91f10",
+                "sha256:3830c769decf88f1289680a59d4f4c46c72573446352e2befec9a8512104fa52",
+                "sha256:38df9b4bfd3db902c9c2bd369bcacaf9d935b2fff73709429d95cc41554f7b3d",
+                "sha256:3adfb466bbc544b926d50fe8f4a4e6abd8c6bffd28a26177594e6e9b2b76572b",
+                "sha256:3e42edad50b6909089750e65c91aa09aaf1e0a71310d383f11321b27c224ed8a",
+                "sha256:4078242472387600b2ce8d93ade8899c12bf33fa89e55ec89fe126e9d6d5d9e9",
+                "sha256:455247ac8a4cfb7b9bc45b7e432d10421aea9fc2e74d285ba4072688a74c2e9d",
+                "sha256:4cc6b3b2efff105c6a1656cfe59da4fdde2cda9af1c5e0b58529b24525d0a098",
+                "sha256:4cf7fed4b4580601c4345ceb5d4cbf5a980d030fd5ad07c4d2ec589f95f09905",
+                "sha256:5193fde9a5f23c331ea26d0cf171fbf67e3f247585f50c08b3e205c7aeb4589b",
+                "sha256:5269cc1caeedb67e6f7269a42014f381f45e2e7cd42d834ede3c703a1d915fe3",
+                "sha256:53561a4ddc36facb432fae7a9d8afbfaf94795414f5cdc5fc52f28c1dca90371",
+                "sha256:55f818bd74fe2f11d4d7cbc65880a843c4075e0ac7226bc1a23261dbea531953",
+                "sha256:58eea5ebe51504057dd95c5b77d21700b77615ab0243d8152793dc00eb4faf01",
+                "sha256:5d5c411a8eaa2299322b647cd932586b1427367fd3184ffbb8f7a219ea2041ca",
+                "sha256:6846bd2d116ff42cba6b646edf5bf61d37e5cbd256425fa089fee4ff5c07a99e",
+                "sha256:6ace95230bfb7cd79ef66caa064bbe2f2a1e63d93471c3a2e1f1348d9f22d6b7",
+                "sha256:6e51b71417049ad6ab14c49608b4a24d8fb3fe605e5dfabfe523b58064dc3d27",
+                "sha256:71db6b4c1653045dacc1585c1b0d184004f0d7e694c7b34ac165ca70c0838082",
+                "sha256:7438839e9e053ef79f7112c881cef684013855016f928b168b81ed5835f3e75e",
+                "sha256:759de84a33be3b178a64c8ba28ad5c135900359e85fb662bc6e403ad4407791d",
+                "sha256:792a2c0be4dcc18af9d4a2dfd8a11a17d5e25274a1062b0ec1c2d79c76f3e7f8",
+                "sha256:7d87ef5795da03d742bf49439f9ca4d027cde49c82c5371ba52464aee266699a",
+                "sha256:7dfb439562f234f7d57b1ac6bc8fe7f838a4bd49c79230e0f6a1da93e82f1fad",
+                "sha256:7fa22993bac7b77b78cae22bad1e2a987ddf0d9015c63358032f84a53f23cdc3",
+                "sha256:805ebf596939e48dbb2e4922a1d3852cfc25c38160751ce02da93058b48d252a",
+                "sha256:82240051c6ca513c616f7f9da06e871f61bfd7805f566275841af15015b8f98d",
+                "sha256:87d4f8125c9988bfbed67af47dd7a953e2fc7b0cc1e7800ec6d2080d490bb353",
+                "sha256:8d8ca2b210ada074d57fcee40c30446c9562e542fc46aedc19baf758a93532ee",
+                "sha256:8dc232e39d409036af549c86f24aed8273a40ffa459981146829a324e0848b4b",
+                "sha256:90387104ee8400a7b4598253b4c406f8958f59fcf983a6cea2b50d59f7d63d0b",
+                "sha256:905b0365b210c73afb0ebe9101a32572152dfd1c144c7e28968a331b9217b94a",
+                "sha256:99353a06902c2e43b43e8ff74ee65a7d90307d82370604746738a1e0661ccca7",
+                "sha256:99a7f72fb6249302aa62245680754862a44179b545ded638cf1fef59befb57ef",
+                "sha256:9f0b04c6b8584c2c193babcccc908b38ed29524b29dd464bc8801bf10d746a3a",
+                "sha256:9fe611163f6303d1619bbcb653540a4d60f9e55e622d60a3108be0d5b441017a",
+                "sha256:a3475b96f5908b3b16c47533daaa87380c491357d197564e0ba34ae75c0f3257",
+                "sha256:a6597ff2b61d121172f5844b53f21467f7082f5fb385a9a29c01414463f93b07",
+                "sha256:a7921c5a6d31b3d756ec980f2f47c0cfdbce0fc48c22a39347a895f41f4a6ea4",
+                "sha256:aa5129de4e174daccbc59d0a3b6d20eaf24417d59851c07ebb37aeb02947987c",
+                "sha256:aeaefa96c768fc66818730b952a862235d68825c178f1b3ffd4efd7ad2edcb7c",
+                "sha256:afbefa430092f71a9593a99ab6a4e7538bc9eabbf7bf94f91510d3503943edc4",
+                "sha256:aff9e4d82d082ff9513bdd6acd4f5bd359f5b2c870907d2b0a9c5e10d40c88fe",
+                "sha256:b22bd8c974942477156be55a768f7aa37c46904c175be4e158b6a86e3a6b7ca8",
+                "sha256:b290fd8aa38422444d4b50d579de197557f182ef1068b75f5aa8558638b8d0a5",
+                "sha256:b2e4b27a6e15b04832fe9bf292b94b5ca156016bbc1ea9c2c20098a0320d6cf6",
+                "sha256:b583dc9070312190192631373c6c8ed277254aa6e6084b74bdd0a6d3b221608e",
+                "sha256:b87843e225e74576437fd5b6a4c2205d422754f84a06942cfaf1dc32243e45a8",
+                "sha256:bc91a56697869546d1b8f0a3ff35224557ae7f881050e99f615e0119bf934b4e",
+                "sha256:bd87e140e45399c818fac4247880b9ce719e4783d767e030a883a970be632275",
+                "sha256:bde737cff1a975b70652b62d626f7785e0480918dece11e8fef3c0cf057351c3",
+                "sha256:bdee52571a343d721fb2eb3b090a82d959ff37fc631e3f70422e0c2e029f3e76",
+                "sha256:bee2a6db3a7242ea309aa7ee8e2780726fed67ff4e5b40169f2c940e7eb09227",
+                "sha256:beeae3f27f62308f1ddbcfb0690bf44b10732f2ef43758f169d5e9303165d3f9",
+                "sha256:c50f36a62a22d350c96e49ad02d0da41dbd17ddc2e29750dbdba4323f85eb4a5",
+                "sha256:c607c90ba67533e1b2355b821fef6764d1dd2cbe26b8c1005ae84f7aea25ff79",
+                "sha256:c7b2a63fd6d5246349f3d3f37b14430d73ee7e8173154461785e43036ffa96ca",
+                "sha256:c828a1ae702fc712978bda0320ba1b9893d99be0badf2647f693cc01cf0f04fa",
+                "sha256:c85de1136429c524e55cfa4e033b4a7940ac5c8ee4d9401cc2d1bf48154bbc7b",
+                "sha256:c98fa880d695de164b4135a52fd2e9cd7b7c90a9d8ac5e9e443a24a95ef9248e",
+                "sha256:cae81479f77420d217def5f54b5b9d279804d17e982e0f2fa19b1d1e14ab5197",
+                "sha256:d034140032870024e6b9892c692fe2968493790dd57208b2c37e3fb35f6df3ab",
+                "sha256:d120c38a42c234dc9a8c5de7ceaaf899cf33561956acb4941653f8bdc657aa79",
+                "sha256:d4827615da15cd59784ce39d3388275ec093ae3ee8d7f0c089b76fa87af756c2",
+                "sha256:d49e2314c373f4c2b39446fb1a45ed333c850e09d0c59ac79b72eb3b95397363",
+                "sha256:d52610d51e265a51518692045e372a4c363056130d922a7351429ac9f27e70b0",
+                "sha256:d64317d2587c70324b79861babb9c09f71fbb780bad212018874b2c013d8600e",
+                "sha256:d77153e14b709fd8b8af6f66a3afbb9ed6e9fc5ccf0b6b7e1ced7b036a228782",
+                "sha256:d7e091d464ac59d2c7ad8e7e08105eaf9dafbc3883fd7265ffccc2baad6ac925",
+                "sha256:dd333073e0cacdc3089525c7df7d39b211bcdf31fc2824e49d01c6b6187b07d0",
+                "sha256:e5d8efac84c9afcb40914ab49ba063d94f5dbdf5066db4482c66a992f47a3a3b",
+                "sha256:f135c702ac42262573fe9714dfe99c944b4ba307af5eb507abef1667e2cbbced",
+                "sha256:f13711b1a5ba512d647a0e4ba79280d3a9a045aaf7e0cc6fbe96b91d4cdf6b0c",
+                "sha256:f4f1231b7dec408e8670264ce63e9c71409d9583dd21d32c163e25213ee2a344",
+                "sha256:fa3ed2a29a9e9d2d488b4da81dcb54720ac3104a20bf0bd273f1e4648aff5af9",
+                "sha256:fb3096c30df99fd01c7bf8e544f392103d0795b9f98ba71a8054bcbf56b255f1"
+            ],
+            "index": "pypi",
+            "markers": "python_version >= '3.10'",
+            "version": "==12.0.0"
        },
        "protobuf": {
            "hashes": [
-                "sha256:011c0f267e85f5d73750b6c25f0155d5db1e9443cd3590ab669a6221dd8fcdb0",
-                "sha256:3ec6f5b37935406bb9df9b277e79f8ed81d697146e07ef2ba8a5a272fb24b2c9",
-                "sha256:5310cbe761e87f0c1decce019d23f2101521d4dfff46034f8a12a53546036ec7",
-                "sha256:5e0b272217aad8971763960238c1a1e6a65d50ef7824e23300da97569a251c55",
-                "sha256:5e0ce02418ef03d7657a420ae8fd6fec4995ac713a3cb09164e95f694dbcf085",
-                "sha256:5eb0724615e90075f1d763983e708e1cef08e66b1891d8b8b6c33bc3b2f1a02b",
-                "sha256:7b6f22463e2d1053d03058b7b4ceca6e4ed4c14f8c286c32824df751137bf8e7",
-                "sha256:a7faa62b183d6a928e3daffd06af843b4287d16ef6e40f331575ecd236a7974d",
-                "sha256:b04484d6f42f48c57dd2737a72692f4c6987529cdd148fb5b8e5f616862a2e37",
-                "sha256:b52e7a522911a40445a5f588bd5b5e584291bfc5545e09b7060685e4b2ff814f",
-                "sha256:bf711b451212dc5b0fa45ae7dada07d8e71a4b0ff0bc8e4783ee145f47ac4f82",
-                "sha256:e5c5a2886ae48d22a9d32fbb9b6636a089af3cd26b706750258ce1ca96cc0116",
-                "sha256:eb1106e87e095628e96884a877a51cdb90087106ee693925ec0a300468a9be3a",
-                "sha256:ee04f5823ed98bb9a8c3b1dc503c49515e0172650875c3f76e225b223793a1f2"
+                "sha256:1f8017c48c07ec5859106533b682260ba3d7c5567b1ca1f24297ce03384d1b4f",
+                "sha256:2981c58f582f44b6b13173e12bb8656711189c2a70250845f264b877f00b1913",
+                "sha256:56dc370c91fbb8ac85bc13582c9e373569668a290aa2e66a590c2a0d35ddb9e4",
+                "sha256:7109dcc38a680d033ffb8bf896727423528db9163be1b6a02d6a49606dcadbfe",
+                "sha256:7636aad9bb01768870266de5dc009de2d1b936771b38a793f73cbbf279c91c5c",
+                "sha256:87eb388bd2d0f78febd8f4c8779c79247b26a5befad525008e49a6955787ff3d",
+                "sha256:8cd7640aee0b7828b6d03ae518b5b4806fdfc1afe8de82f79c3454f8aef29872",
+                "sha256:b5d3b5625192214066d99b2b605f5783483575656784de223f00a8d00754fc0e",
+                "sha256:d9b19771ca75935b3a4422957bc518b0cecb978b31d1dd12037b088f6bcc0e43",
+                "sha256:fc2a0e8b05b180e5fc0dd1559fe8ebdae21a27e81ac77728fb6c42b12c7419b4"
            ],
            "index": "pypi",
-            "version": "==4.21.5"
+            "markers": "python_version >= '3.9'",
+            "version": "==6.33.2"
+        },
+        "pyzbar": {
+            "hashes": [
+                "sha256:13e3ee5a2f3a545204a285f41814d5c0db571967e8d4af8699a03afc55182a9c",
+                "sha256:4559628b8192feb25766d954b36a3753baaf5c97c03135aec7e4a026036b475d",
+                "sha256:8f4c5264c9c7c6b9f20d01efc52a4eba1ded47d9ba857a94130afe33703eb518"
+            ],
+            "index": "pypi",
+            "version": "==0.1.9"
        },
        "qrcode": {
            "hashes": [
-                "sha256:375a6ff240ca9bd41adc070428b5dfc1dcfbb0f2507f1ac848f6cded38956578"
+                "sha256:16e64e0716c14960108e85d853062c9e8bba5ca8252c0b4d0231b9df4060ff4f",
+                "sha256:35c3f2a4172b33136ab9f6b3ef1c00260dd2f66f858f24d88418a015f446506c"
            ],
            "index": "pypi",
-            "version": "==7.3.1"
+            "markers": "python_version >= '3.9' and python_version < '4.0'",
+            "version": "==8.2"
+        },
+        "qreader": {
+            "hashes": [
+                "sha256:f96d2879c9f47f9641da55dc3e1df765cd4d6f1cfbc8b7fa811b70c1e27d4fba"
+            ],
+            "index": "pypi",
+            "version": "==1.3.2"
        }
    },
    "develop": {
-        "attrs": {
+        "astroid": {
            "hashes": [
-                "sha256:29adc2665447e5191d0e7c568fde78b21f9672d344281d0c6e1ab085429b22b6",
-                "sha256:86efa402f67bf2df34f51a335487cf46b1ec130d02b8d39fd248abfd30da551c"
+                "sha256:ac8fb7ca1c08eb9afec91ccc23edbd8ac73bb22cbdd7da1d488d9fb8d6579070",
+                "sha256:d7546c00a12efc32650b19a2bb66a153883185d3179ab0d4868086f807338b9b"
            ],
-            "markers": "python_version >= '3.5'",
-            "version": "==22.1.0"
+            "markers": "python_full_version >= '3.10.0'",
+            "version": "==4.0.2"
+        },
+        "build": {
+            "hashes": [
+                "sha256:698edd0ea270bde950f53aed21f3a0135672206f3911e0176261a31e0e07b397",
+                "sha256:7145f0b5061ba90a1500d60bd1b13ca0a8a4cebdd0cc16ed8adf1c0e739f43b4"
+            ],
+            "index": "pypi",
+            "markers": "python_version >= '3.9'",
+            "version": "==1.3.0"
+        },
+        "colorama": {
+            "hashes": [
+                "sha256:08695f5cb7ed6e0531a20572697297273c47b8cae5a63ffc6d6ed5c201be6e44",
+                "sha256:4f1d9991f5acc0ca119f9d443620b77f9d6b33703e51011c16baf57afb285fc6"
+            ],
+            "markers": "python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3, 3.4, 3.5, 3.6'",
+            "version": "==0.4.6"
+        },
+        "coverage": {
+            "extras": [
+                "toml"
+            ],
+            "hashes": [
+                "sha256:004cdcea3457c0ea3233622cd3464c1e32ebba9b41578421097402bee6461b63",
+                "sha256:0542ddf6107adbd2592f29da9f59f5d9cff7947b5bb4f734805085c327dcffaa",
+                "sha256:05fd3fb6edff0c98874d752013588836f458261e5eba587afe4c547bba544afd",
+                "sha256:074e6a5cd38e06671580b4d872c1a67955d4e69639e4b04e87fc03b494c1f060",
+                "sha256:07bc7745c945a6d95676953e86ba7cebb9f11de7773951c387f4c07dc76d03f5",
+                "sha256:08c0bcf932e47795c49f0406054824b9d45671362dfc4269e0bc6e4bff010704",
+                "sha256:097acc18bedf2c6e3144eaf09b5f6034926c3c9bb9e10574ffd0942717232507",
+                "sha256:0c986537abca9b064510f3fd104ba33e98d3036608c7f2f5537f869bc10e1ee5",
+                "sha256:0dba4da36730e384669e05b765a2c49f39514dd3012fcc0398dd66fba8d746d5",
+                "sha256:0e920567f8c3a3ce68ae5a42cf7c2dc4bb6cc389f18bff2235dd8c03fa405de5",
+                "sha256:0f59387f5e6edbbffec2281affb71cdc85e0776c1745150a3ab9b6c1d016106b",
+                "sha256:12d821de7408292530b0d241468b698bce18dd12ecaf45316149f53877885f8c",
+                "sha256:13b2066303a1c1833c654d2af0455bb009b6e1727b3883c9964bc5c2f643c1d0",
+                "sha256:1410bac9e98afd9623f53876fae7d8a5db9f5a0ac1c9e7c5188463cb4b3212e2",
+                "sha256:1451464fd855d9bd000c19b71bb7dafea9ab815741fb0bd9e813d9b671462d6f",
+                "sha256:149eccc85d48c8f06547534068c41d69a1a35322deaa4d69ba1561e2e9127e75",
+                "sha256:1e33d0bebf895c7a0905fcfaff2b07ab900885fc78bba2a12291a2cfbab014cc",
+                "sha256:200bb89fd2a8a07780eafcdff6463104dec459f3c838d980455cfa84f5e5e6e1",
+                "sha256:2376e8a9c889016f25472c452389e98bc6e54a19570b107e27cde9d47f387b64",
+                "sha256:28c5251b3ab1d23e66f1130ca0c419747edfbcb4690de19467cd616861507af7",
+                "sha256:2ec27a7a991d229213c8070d31e3ecf44d005d96a9edc30c78eaeafaa421c001",
+                "sha256:305716afb19133762e8cf62745c46c4853ad6f9eeba54a593e373289e24ea237",
+                "sha256:31663572f20bf3406d7ac00d6981c7bbbcec302539d26b5ac596ca499664de31",
+                "sha256:3224c7baf34e923ffc78cb45e793925539d640d42c96646db62dbd61bbcfa131",
+                "sha256:351511ae28e2509c8d8cae5311577ea7dd511ab8e746ffc8814a0896c3d33fbe",
+                "sha256:385977d94fc155f8731c895accdfcc3dd0d9dd9ef90d102969df95d3c637ab80",
+                "sha256:39764c6167c82d68a2d8c97c33dba45ec0ad9172570860e12191416f4f8e6e1b",
+                "sha256:3e33a968672be1394eded257ec10d4acbb9af2ae263ba05a99ff901bb863557e",
+                "sha256:4234914b8c67238a3c4af2bba648dc716aa029ca44d01f3d51536d44ac16854f",
+                "sha256:426559f105f644b69290ea414e154a0d320c3ad8a2bb75e62884731f69cf8e2c",
+                "sha256:465695268414e149bab754c54b0c45c8ceda73dd4a5c3ba255500da13984b16d",
+                "sha256:4bec8c7160688bd5a34e65c82984b25409563134d63285d8943d0599efbc448e",
+                "sha256:4c5627429f7fbff4f4131cfdd6abd530734ef7761116811a707b88b7e205afd7",
+                "sha256:4ca5f876bf41b24378ee67c41d688155f0e54cdc720de8ef9ad6544005899240",
+                "sha256:4d4ca49f5ba432b0755ebb0fc3a56be944a19a16bb33802264bbc7311622c0d1",
+                "sha256:4ebcddfcdfb4c614233cff6e9a3967a09484114a8b2e4f2c7a62dc83676ba13f",
+                "sha256:4f2bb4ee8dd40f9b2a80bb4adb2aecece9480ba1fa60d9382e8c8e0bd558e2eb",
+                "sha256:56f909a40d68947ef726ce6a34eb38f0ed241ffbe55c5007c64e616663bcbafc",
+                "sha256:5b771b59ac0dfb7f139f70c85b42717ef400a6790abb6475ebac1ecee8de782f",
+                "sha256:603c4414125fc9ae9000f17912dcfd3d3eb677d4e360b85206539240c96ea76e",
+                "sha256:60ca149a446da255d56c2a7a813b51a80d9497a62250532598d249b3cdb1a926",
+                "sha256:68c4eb92997dbaaf839ea13527be463178ac0ddd37a7ac636b8bc11a51af2428",
+                "sha256:6bb599052a974bb6cedfa114f9778fedfad66854107cf81397ec87cb9b8fbcf2",
+                "sha256:6f033dec603eea88204589175782290a038b436105a8f3637a81c4359df27832",
+                "sha256:72c8b494bd20ae1c58528b97c4a67d5cfeafcb3845c73542875ecd43924296de",
+                "sha256:77ffb3b7704eb7b9b3298a01fe4509cef70117a52d50bcba29cffc5f53dd326a",
+                "sha256:84b892e968164b7a0498ddc5746cdf4e985700b902128421bb5cec1080a6ee36",
+                "sha256:86d27d2dd7c7c5a44710565933c7dc9cd70e65ef97142e260d16d555667deef7",
+                "sha256:876a3ee7fd2613eb79602e4cdb39deb6b28c186e76124c3f29e580099ec21a87",
+                "sha256:8bba7e4743e37484ae17d5c3b8eb1ce78b564cb91b7ace2e2182b25f0f764cb5",
+                "sha256:8d16bbe566e16a71d123cd66382c1315fcd520c7573652a8074a8fe281b38c6a",
+                "sha256:8d264402fc179776d43e557e1ca4a7d953020d3ee95f7ec19cc2c9d769277f06",
+                "sha256:8f067ada2c333609b52835ca4d4868645d3b63ac04fb2b9a658c55bba7f667d3",
+                "sha256:8f4cbfff5cf01fa07464439a8510affc9df281535f41a1f5312fbd2b59b4ab5c",
+                "sha256:900580bc99c145e2561ea91a2d207e639171870d8a18756eb57db944a017d4bb",
+                "sha256:9061a3e3c92b27fd8036dafa26f25d95695b6aa2e4514ab16a254f297e664f83",
+                "sha256:90a96fcd824564eae6137ec2563bd061d49a32944858d4bdbae5c00fb10e76ac",
+                "sha256:9245bd392572b9f799261c4c9e7216bafc9405537d0f4ce3ad93afe081a12dc9",
+                "sha256:9799bd6a910961cb666196b8583ed0ee125fa225c6fdee2cbf00232b861f29d2",
+                "sha256:9a1d577c20b4334e5e814c3d5fe07fa4a8c3ae42a601945e8d7940bab811d0bd",
+                "sha256:a6b17c2b5e0b9bb7702449200f93e2d04cb04b1414c41424c08aa1e5d352da76",
+                "sha256:a730cd0824e8083989f304e97b3f884189efb48e2151e07f57e9e138ab104200",
+                "sha256:a8258f10059b5ac837232c589a350a2df4a96406d6d5f2a09ec587cbdd539655",
+                "sha256:ab6212e62ea0e1006531a2234e209607f360d98d18d532c2fa8e403c1afbdd71",
+                "sha256:abb903ffe46bd319d99979cdba350ae7016759bb69f47882242f7b93f3356055",
+                "sha256:abcea3b5f0dc44e1d01c27090bc32ce6ffb7aa665f884f1890710454113ea902",
+                "sha256:ac5d5329c9c942bbe6295f4251b135d860ed9f86acd912d418dce186de7c19ac",
+                "sha256:adb9b7b42c802bd8cb3927de8c1c26368ce50c8fdaa83a9d8551384d77537044",
+                "sha256:ae12fe90b00b71a71b69f513773310782ce01d5f58d2ceb2b7c595ab9d222094",
+                "sha256:b5cd111d3ab7390be0c07ad839235d5ad54d2ca497b5f5db86896098a77180a4",
+                "sha256:bb9d7efdb063903b3fdf77caec7b77c3066885068bdc0d44bc1b0c171033f944",
+                "sha256:c0a3b6e32457535df0d41d2d895da46434706dd85dbaf53fbc0d3bd7d914b362",
+                "sha256:c381a252317f63ca0179d2c7918e83b99a4ff3101e1b24849b999a00f9cd4f86",
+                "sha256:c713c1c528284d636cd37723b0b4c35c11190da6f932794e145fc40f8210a14a",
+                "sha256:c8be5bfcdc7832011b2652db29ed7672ce9d353dd19bce5272ca33dbcf60aaa8",
+                "sha256:c8f563b245b4ddb591e99f28e3cd140b85f114b38b7f95b2e42542f0603eb7d7",
+                "sha256:ca90ef33a152205fb6f2f0c1f3e55c50df4ef049bb0940ebba666edd4cdebc55",
+                "sha256:d60bf4d7f886989ddf80e121a7f4d140d9eac91f1d2385ce8eb6bda93d563297",
+                "sha256:d8750dd20362a1b80e3cf84f58013d4672f89663aee457ea59336df50fab6739",
+                "sha256:dd9ca2d44ed8018c90efb72f237a2a140325a4c3339971364d758e78b175f58e",
+                "sha256:e22539b676fafba17f0a90ac725f029a309eb6e483f364c86dcadee060429d46",
+                "sha256:e2a96fdc7643c9517a317553aca13b5cae9bad9a5f32f4654ce247ae4d321405",
+                "sha256:e5f4bfac975a2138215a38bda599ef00162e4143541cf7dd186da10a7f8e69f1",
+                "sha256:e8feeb5e8705835f0622af0fe7ff8d5cb388948454647086494d6c41ec142c2e",
+                "sha256:eb5069074db19a534de3859c43eec78e962d6d119f637c41c8e028c5ab3f59dd",
+                "sha256:f0b4101e2b3c6c352ff1f70b3a6fcc7c17c1ab1a91ccb7a33013cb0782af9820",
+                "sha256:f761dbcf45e9416ec4698e1a7649248005f0064ce3523a47402d1bff4af2779e",
+                "sha256:f9c96a29c6d65bd36a91f5634fef800212dff69dacdb44345c4c9783943ab0df",
+                "sha256:fb58da65e3339b3dbe266b607bb936efb983d86b00b03eb04c4ad5b442c58428",
+                "sha256:fbffc22d80d86fbe456af9abb17f7a7766e7b2101f7edaacc3535501691563f7",
+                "sha256:fdc5255eb4815babcdf236fa1a806ccb546724c8a9b129fd1ea4a5448a0bf07c",
+                "sha256:fe3425dc6021f906c6325d3c415e048e7cdb955505a94f1eb774dafc779ba203"
+            ],
+            "markers": "python_version >= '3.10'",
+            "version": "==7.11.3"
+        },
+        "dill": {
+            "hashes": [
+                "sha256:0633f1d2df477324f53a895b02c901fb961bdbf65a17122586ea7019292cbcf0",
+                "sha256:44f54bf6412c2c8464c14e8243eb163690a9800dbe2c367330883b19c7561049"
+            ],
+            "markers": "python_version >= '3.8'",
+            "version": "==0.4.0"
+        },
+        "flake8": {
+            "hashes": [
+                "sha256:b9696257b9ce8beb888cdbe31cf885c90d31928fe202be0889a7cdafad32f01e",
+                "sha256:fe044858146b9fc69b551a4b490d69cf960fcb78ad1edcb84e7fbb1b4a8e3872"
+            ],
+            "index": "pypi",
+            "markers": "python_version >= '3.9'",
+            "version": "==7.3.0"
+        },
+        "gfm-toc": {
+            "hashes": [
+                "sha256:247af7267a6cbbdd4213f8383157997bcb07e39e819db737bd2dbfbdb94ee7ae",
+                "sha256:c53ed0e2cd400e89051377017ca98c11c9cef628b2effddf787db4fc19ff343d"
+            ],
+            "index": "pypi",
+            "version": "==0.0.7"
        },
        "iniconfig": {
            "hashes": [
-                "sha256:011e24c64b7f47f6ebd835bb12a743f2fbe9a26d4cecaa7f53bc4f35ee9da8b3",
-                "sha256:bc3af051d7d14b2ee5ef9969666def0cd1a000e121eaea580d4a313df4b37f32"
+                "sha256:c76315c77db068650d49c5b56314774a7804df16fee4402c1f19d6d15d8c4730",
+                "sha256:f631c04d2c48c52b84d0d0549c99ff3859c98df65b3101406327ecc7d53fbf12"
            ],
-            "version": "==1.1.1"
+            "markers": "python_version >= '3.10'",
+            "version": "==2.3.0"
+        },
+        "isort": {
+            "hashes": [
+                "sha256:1bcabac8bc3c36c7fb7b98a76c8abb18e0f841a3ba81decac7691008592499c1",
+                "sha256:5513527951aadb3ac4292a41a16cbc50dd1642432f5e8c20057d414bdafb4187"
+            ],
+            "markers": "python_full_version >= '3.10.0'",
+            "version": "==7.0.0"
+        },
+        "librt": {
+            "hashes": [
+                "sha256:04f8ce401d4f6380cfc42af0f4e67342bf34c820dae01343f58f472dbac75dcf",
+                "sha256:05f385a414de3f950886ea0aad8f109650d4b712cf9cc14cc17f5f62a9ab240b",
+                "sha256:0765b0fe0927d189ee14b087cd595ae636bef04992e03fe6dfdaa383866c8a46",
+                "sha256:078cd77064d1640cb7b0650871a772956066174d92c8aeda188a489b58495179",
+                "sha256:09262cb2445b6f15d09141af20b95bb7030c6f13b00e876ad8fdd1a9045d6aa5",
+                "sha256:0c74c26736008481c9f6d0adf1aedb5a52aff7361fea98276d1f965c0256ee70",
+                "sha256:0e0f2b79993fec23a685b3e8107ba5f8675eeae286675a216da0b09574fa1e47",
+                "sha256:10a95ad074e2a98c9e4abc7f5b7d40e5ecbfa84c04c6ab8a70fabf59bd429b88",
+                "sha256:14b345eb7afb61b9fdcdfda6738946bd11b8e0f6be258666b0646af3b9bb5916",
+                "sha256:17000df14f552e86877d67e4ab7966912224efc9368e998c96a6974a8d609bf9",
+                "sha256:1b51ba7d9d5d9001494769eca8c0988adce25d0a970c3ba3f2eb9df9d08036fc",
+                "sha256:1ef42ff4edd369e84433ce9b188a64df0837f4f69e3d34d3b34d4955c599d03f",
+                "sha256:25b1b60cb059471c0c0c803e07d0dfdc79e41a0a122f288b819219ed162672a3",
+                "sha256:26b8026393920320bb9a811b691d73c5981385d537ffc5b6e22e53f7b65d4122",
+                "sha256:324462fe7e3896d592b967196512491ec60ca6e49c446fe59f40743d08c97917",
+                "sha256:349b6873ebccfc24c9efd244e49da9f8a5c10f60f07575e248921aae2123fc42",
+                "sha256:36a8e337461150b05ca2c7bdedb9e591dfc262c5230422cea398e89d0c746cdc",
+                "sha256:36b2ec8c15030002c7f688b4863e7be42820d7c62d9c6eece3db54a2400f0530",
+                "sha256:38320386a48a15033da295df276aea93a92dfa94a862e06893f75ea1d8bbe89d",
+                "sha256:3ac2a7835434b31def8ed5355dd9b895bbf41642d61967522646d1d8b9681106",
+                "sha256:3caa0634c02d5ff0b2ae4a28052e0d8c5f20d497623dc13f629bd4a9e2a6efad",
+                "sha256:3e84a4121a7ae360ca4da436548a9c1ca8ca134a5ced76c893cc5944426164bd",
+                "sha256:3f0e4bd9bcb0ee34fa3dbedb05570da50b285f49e52c07a241da967840432513",
+                "sha256:4018904c83eab49c814e2494b4e22501a93cdb6c9f9425533fe693c3117126f9",
+                "sha256:408a36ddc75e91918cb15b03460bdc8a015885025d67e68c6f78f08c3a88f522",
+                "sha256:45660d26569cc22ed30adf583389d8a0d1b468f8b5e518fcf9bfe2cd298f9dd1",
+                "sha256:4aa4a93a353ccff20df6e34fa855ae8fd788832c88f40a9070e3ddd3356a9f0e",
+                "sha256:4bca9e4c260233fba37b15c4ec2f78aa99c1a79fbf902d19dd4a763c5c3fb751",
+                "sha256:514f3f363d1ebc423357d36222c37e5c8e6674b6eae8d7195ac9a64903722057",
+                "sha256:54f3b2177fb892d47f8016f1087d21654b44f7fc4cf6571c1c6b3ea531ab0fcf",
+                "sha256:57705e8eec76c5b77130d729c0f70190a9773366c555c5457c51eace80afd873",
+                "sha256:5cc22f7f5c0cc50ed69f4b15b9c51d602aabc4500b433aaa2ddd29e578f452f7",
+                "sha256:61348cc488b18d1b1ff9f3e5fcd5ac43ed22d3e13e862489d2267c2337285c08",
+                "sha256:64645b757d617ad5f98c08e07620bc488d4bced9ced91c6279cec418f16056fa",
+                "sha256:669ff2495728009a96339c5ad2612569c6d8be4474e68f3f3ac85d7c3261f5f5",
+                "sha256:6bac97e51f66da2ca012adddbe9fd656b17f7368d439de30898f24b39512f40f",
+                "sha256:6d46aa46aa29b067f0b8b84f448fd9719aaf5f4c621cc279164d76a9dc9ab3e8",
+                "sha256:71f0a5918aebbea1e7db2179a8fe87e8a8732340d9e8b8107401fb407eda446e",
+                "sha256:74418f718083009108dc9a42c21bf2e4802d49638a1249e13677585fcc9ca176",
+                "sha256:760c25ed6ac968e24803eb5f7deb17ce026902d39865e83036bacbf5cf242aa8",
+                "sha256:822ca79e28720a76a935c228d37da6579edef048a17cd98d406a2484d10eda78",
+                "sha256:86605d5bac340beb030cbc35859325982a79047ebdfba1e553719c7126a2389d",
+                "sha256:87597e3d57ec0120a3e1d857a708f80c02c42ea6b00227c728efbc860f067c45",
+                "sha256:8983c5c06ac9c990eac5eb97a9f03fe41dc7e9d7993df74d9e8682a1056f596c",
+                "sha256:8c659f9fb8a2f16dc4131b803fa0144c1dadcb3ab24bb7914d01a6da58ae2457",
+                "sha256:8e695f25d1a425ad7a272902af8ab8c8d66c1998b177e4b5f5e7b4e215d0c88a",
+                "sha256:8f8ed5053ef9fb08d34f1fd80ff093ccbd1f67f147633a84cf4a7d9b09c0f089",
+                "sha256:92267f865c7bbd12327a0d394666948b9bf4b51308b52947c0cc453bfa812f5d",
+                "sha256:98e4bbecbef8d2a60ecf731d735602feee5ac0b32117dbbc765e28b054bac912",
+                "sha256:9e716f9012148a81f02f46a04fc4c663420c6fbfeacfac0b5e128cf43b4413d3",
+                "sha256:9f2a6623057989ebc469cd9cc8fe436c40117a0147627568d03f84aef7854c55",
+                "sha256:a218f85081fc3f70cddaed694323a1ad7db5ca028c379c214e3a7c11c0850523",
+                "sha256:aa346e202e6e1ebc01fe1c69509cffe486425884b96cb9ce155c99da1ecbe0e9",
+                "sha256:ad8ba80cdcea04bea7b78fcd4925bfbf408961e9d8397d2ee5d3ec121e20c08c",
+                "sha256:afb39550205cc5e5c935762c6bf6a2bb34f7d21a68eadb25e2db7bf3593fecc0",
+                "sha256:b2922a0e8fa97395553c304edc3bd36168d8eeec26b92478e292e5d4445c1ef0",
+                "sha256:b47395091e7e0ece1e6ebac9b98bf0c9084d1e3d3b2739aa566be7e56e3f7bf2",
+                "sha256:c0ecf4786ad0404b072196b5df774b1bb23c8aacdcacb6c10b4128bc7b00bd01",
+                "sha256:c5b31bed2c2f2fa1fcb4815b75f931121ae210dc89a3d607fb1725f5907f1437",
+                "sha256:c724a884e642aa2bbad52bb0203ea40406ad742368a5f90da1b220e970384aae",
+                "sha256:cb92741c2b4ea63c09609b064b26f7f5d9032b61ae222558c55832ec3ad0bcaf",
+                "sha256:ced0925a18fddcff289ef54386b2fc230c5af3c83b11558571124bfc485b8c07",
+                "sha256:cf1115207a5049d1f4b7b4b72de0e52f228d6c696803d94843907111cbf80610",
+                "sha256:d3c9a07eafdc70556f8c220da4a538e715668c0c63cabcc436a026e4e89950bf",
+                "sha256:d7769c579663a6f8dbf34878969ac71befa42067ce6bf78e6370bf0d1194997c",
+                "sha256:d8f89c8d20dfa648a3f0a56861946eb00e5b00d6b00eea14bc5532b2fcfa8ef1",
+                "sha256:d998b432ed9ffccc49b820e913c8f327a82026349e9c34fa3690116f6b70770f",
+                "sha256:dcbe48f6a03979384f27086484dc2a14959be1613cb173458bd58f714f2c48f3",
+                "sha256:e17b5b42c8045867ca9d1f54af00cc2275198d38de18545edaa7833d7e9e4ac8",
+                "sha256:e18875e17ef69ba7dfa9623f2f95f3eda6f70b536079ee6d5763ecdfe6cc9040",
+                "sha256:e61ab234624c9ffca0248a707feffe6fac2343758a36725d8eb8a6efef0f8c30",
+                "sha256:ecc2c526547eacd20cb9fbba19a5268611dbc70c346499656d6cf30fae328977",
+                "sha256:f33462b19503ba68d80dac8a1354402675849259fb3ebf53b67de86421735a3a",
+                "sha256:fbedeb9b48614d662822ee514567d2d49a8012037fc7b4cd63f282642c2f4b7d",
+                "sha256:fd98cacf4e0fabcd4005c452cb8a31750258a85cab9a59fb3559e8078da408d7",
+                "sha256:fdcd095b1b812d756fa5452aca93b962cf620694c0cadb192cec2bb77dcca9a2"
+            ],
+            "markers": "python_version >= '3.9'",
+            "version": "==0.6.3"
+        },
+        "mccabe": {
+            "hashes": [
+                "sha256:348e0240c33b60bbdf4e523192ef919f28cb2c3d7d5c7794f74009290f236325",
+                "sha256:6c2d30ab6be0e4a46919781807b4f0d834ebdd6c6e3dca0bda5a15f863427b6e"
+            ],
+            "markers": "python_version >= '3.6'",
+            "version": "==0.7.0"
+        },
+        "mypy": {
+            "hashes": [
+                "sha256:0c01c99d626380752e527d5ce8e69ffbba2046eb8a060db0329690849cf9b6f9",
+                "sha256:0dde5cb375cb94deff0d4b548b993bec52859d1651e073d63a1386d392a95495",
+                "sha256:0e3c3d1e1d62e678c339e7ade72746a9e0325de42cd2cccc51616c7b2ed1a018",
+                "sha256:0ea4fd21bb48f0da49e6d3b37ef6bd7e8228b9fe41bbf4d80d9364d11adbd43c",
+                "sha256:0fb3115cb8fa7c5f887c8a8d81ccdcb94cff334684980d847e5a62e926910e1d",
+                "sha256:11f7254c15ab3f8ed68f8e8f5cbe88757848df793e31c36aaa4d4f9783fd08ab",
+                "sha256:120cffe120cca5c23c03c77f84abc0c14c5d2e03736f6c312480020082f1994b",
+                "sha256:16f76ff3f3fd8137aadf593cb4607d82634fca675e8211ad75c43d86033ee6c6",
+                "sha256:1cf9c59398db1c68a134b0b5354a09a1e124523f00bacd68e553b8bd16ff3299",
+                "sha256:318ba74f75899b0e78b847d8c50821e4c9637c79d9a59680fc1259f29338cb3e",
+                "sha256:3210d87b30e6af9c8faed61be2642fcbe60ef77cec64fa1ef810a630a4cf671c",
+                "sha256:34ec1ac66d31644f194b7c163d7f8b8434f1b49719d403a5d26c87fff7e913f7",
+                "sha256:37af5166f9475872034b56c5efdcf65ee25394e9e1d172907b84577120714364",
+                "sha256:3ad925b14a0bb99821ff6f734553294aa6a3440a8cb082fe1f5b84dfb662afb1",
+                "sha256:510c014b722308c9bd377993bcbf9a07d7e0692e5fa8fc70e639c1eb19fc6bee",
+                "sha256:6016c52ab209919b46169651b362068f632efcd5eb8ef9d1735f6f86da7853b2",
+                "sha256:6148ede033982a8c5ca1143de34c71836a09f105068aaa8b7d5edab2b053e6c8",
+                "sha256:63ea6a00e4bd6822adbfc75b02ab3653a17c02c4347f5bb0cf1d5b9df3a05835",
+                "sha256:7686ed65dbabd24d20066f3115018d2dce030d8fa9db01aa9f0a59b6813e9f9e",
+                "sha256:7a500ab5c444268a70565e374fc803972bfd1f09545b13418a5174e29883dab7",
+                "sha256:8f44f2ae3c58421ee05fe609160343c25f70e3967f6e32792b5a78006a9d850f",
+                "sha256:a18d8abdda14035c5718acb748faec09571432811af129bf0d9e7b2d6699bf18",
+                "sha256:a31e4c28e8ddb042c84c5e977e28a21195d086aaffaf08b016b78e19c9ef8106",
+                "sha256:a9ac09e52bb0f7fb912f5d2a783345c72441a08ef56ce3e17c1752af36340a39",
+                "sha256:b9d491295825182fba01b6ffe2c6fe4e5a49dbf4e2bb4d1217b6ced3b4797bc6",
+                "sha256:c14a98bc63fd867530e8ec82f217dae29d0550c86e70debc9667fff1ec83284e",
+                "sha256:c3385246593ac2b97f155a0e9639be906e73534630f663747c71908dfbf26134",
+                "sha256:cabbee74f29aa9cd3b444ec2f1e4fa5a9d0d746ce7567a6a609e224429781f53",
+                "sha256:cb64b0ba5980466a0f3f9990d1c582bcab8db12e29815ecb57f1408d99b4bff7",
+                "sha256:cf7d84f497f78b682edd407f14a7b6e1a2212b433eedb054e2081380b7395aa3",
+                "sha256:e2c1101ab41d01303103ab6ef82cbbfedb81c1a060c868fa7cc013d573d37ab5",
+                "sha256:f188dcf16483b3e59f9278c4ed939ec0254aa8a60e8fc100648d9ab5ee95a431",
+                "sha256:f2e36bed3c6d9b5f35d28b63ca4b727cb0228e480826ffc8953d1892ddc8999d",
+                "sha256:f3e19e3b897562276bb331074d64c076dbdd3e79213f36eed4e592272dabd760",
+                "sha256:f6b874ca77f733222641e5c46e4711648c4037ea13646fd0cdc814c2eaec2528",
+                "sha256:f75e60aca3723a23511948539b0d7ed514dda194bc3755eae0bfc7a6b4887aa7",
+                "sha256:fc51a5b864f73a3a182584b1ac75c404396a17eced54341629d8bdcb644a5bba",
+                "sha256:fd4a985b2e32f23bead72e2fb4bbe5d6aceee176be471243bd831d5b2644672d"
+            ],
+            "index": "pypi",
+            "markers": "python_version >= '3.9'",
+            "version": "==1.19.0"
+        },
+        "mypy-extensions": {
+            "hashes": [
+                "sha256:1be4cccdb0f2482337c4743e60421de3a356cd97508abadd57d47403e94f5505",
+                "sha256:52e68efc3284861e772bbcd66823fde5ae21fd2fdb51c62a211403730b916558"
+            ],
+            "markers": "python_version >= '3.8'",
+            "version": "==1.1.0"
+        },
+        "mypy-protobuf": {
+            "hashes": [
+                "sha256:85256e9d4da935722ce8fbaa8d19397e1a2989aa8075c96577987de9fe7cea4d",
+                "sha256:912fb281f7c7b3e3a7c9b8695712618a716fddbab70f6ad63eaf68eda80c5efe"
+            ],
+            "index": "pypi",
+            "markers": "python_version >= '3.8'",
+            "version": "==3.7.0"
+        },
+        "nuitka": {
+            "hashes": [
+                "sha256:b178cd437f2110c46943b368db51d20d57d586a13f8f6323ab1be4e51e2fabf8"
+            ],
+            "index": "pypi",
+            "version": "==2.8.9"
+        },
+        "ordered-set": {
+            "hashes": [
+                "sha256:046e1132c71fcf3330438a539928932caf51ddbc582496833e23de611de14562",
+                "sha256:694a8e44c87657c59292ede72891eb91d34131f6531463aab3009191c77364a8"
+            ],
+            "markers": "python_version >= '3.7'",
+            "version": "==4.1.0"
        },
        "packaging": {
            "hashes": [
-                "sha256:dd47c42927d89ab911e606518907cc2d3a1f38bbd026385970643f9c5b8ecfeb",
-                "sha256:ef103e05f519cdc783ae24ea4e2e0f508a9c99b2d4969652eed6a2e1ea5bd522"
+                "sha256:29572ef2b1f17581046b3a2227d5c611fb25ec70ca1ba8554b24b0e69331a484",
+                "sha256:d443872c98d677bf60f6a1f2f8c1cb748e8fe762d2bf9d3148b5599295b0fc4f"
            ],
-            "markers": "python_version >= '3.6'",
-            "version": "==21.3"
+            "markers": "python_version >= '3.8'",
+            "version": "==25.0"
+        },
+        "pathspec": {
+            "hashes": [
+                "sha256:a0d503e138a4c123b27490a4f7beda6a01c6f288df0e4a8b79c7eb0dc7b4cc08",
+                "sha256:a482d51503a1ab33b1c67a6c3813a26953dbdc71c31dacaef9a838c4e29f5712"
+            ],
+            "markers": "python_version >= '3.8'",
+            "version": "==0.12.1"
+        },
+        "platformdirs": {
+            "hashes": [
+                "sha256:70ddccdd7c99fc5942e9fc25636a8b34d04c24b335100223152c2803e4063312",
+                "sha256:e578a81bb873cbb89a41fcc904c7ef523cc18284b7e3b3ccf06aca1403b7ebd3"
+            ],
+            "markers": "python_version >= '3.10'",
+            "version": "==4.5.0"
        },
        "pluggy": {
            "hashes": [
-                "sha256:4224373bacce55f955a878bf9cfa763c1e360858e330072059e10bad68531159",
-                "sha256:74134bbf457f031a36d68416e1509f34bd5ccc019f0bcc952c7b909d06b37bd3"
+                "sha256:7dcc130b76258d33b90f61b658791dede3486c3e6bfb003ee5c9bfb396dd22f3",
+                "sha256:e920276dd6813095e9377c0bc5566d94c932c33b27a3e3945d8389c374dd4746"
            ],
-            "markers": "python_version >= '3.6'",
-            "version": "==1.0.0"
+            "markers": "python_version >= '3.9'",
+            "version": "==1.6.0"
        },
-        "py": {
+        "protobuf": {
            "hashes": [
-                "sha256:51c75c4126074b472f746a24399ad32f6053d1b34b68d2fa41e558e6f4a98719",
-                "sha256:607c53218732647dff4acdfcd50cb62615cedf612e72d1724fb1a0cc6405b378"
+                "sha256:023af8449482fa884d88b4563d85e83accab54138ae098924a985bcbb734a213",
+                "sha256:0f4cf01222c0d959c2b399142deb526de420be8236f22c71356e2a544e153c53",
+                "sha256:8fd7d5e0eb08cd5b87fd3df49bc193f5cfd778701f47e11d127d0afc6c39f1d1",
+                "sha256:923aa6d27a92bf44394f6abf7ea0500f38769d4b07f4be41cb52bd8b1123b9ed",
+                "sha256:97f65757e8d09870de6fd973aeddb92f85435607235d20b2dfed93405d00c85b",
+                "sha256:d595a9fd694fdeb061a62fbe10eb039cc1e444df81ec9bb70c7fc59ebcb1eafa",
+                "sha256:df051de4fd7e5e4371334e234c62ba43763f15ab605579e04c7008c05735cd82",
+                "sha256:f8adba2e44cde2d7618996b3fc02341f03f5bc3f2748be72dc7b063319276178",
+                "sha256:f8d3fdbc966aaab1d05046d0240dd94d40f2a8c62856d41eaa141ff64a79de6b",
+                "sha256:fe34575f2bdde76ac429ec7b570235bf0c788883e70aee90068e9981806f2490"
            ],
-            "markers": "python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3, 3.4'",
-            "version": "==1.11.0"
+            "markers": "python_version >= '3.9'",
+            "version": "==6.33.1"
        },
-        "pyparsing": {
+        "pycodestyle": {
            "hashes": [
-                "sha256:2b020ecf7d21b687f219b71ecad3631f644a47f01403fa1d1036b0c6416d70fb",
-                "sha256:5026bae9a10eeaefb61dab2f09052b9f4307d44aee4eda64b309723d8d206bbc"
+                "sha256:c4b5b517d278089ff9d0abdec919cd97262a3367449ea1c8b49b91529167b783",
+                "sha256:dd6bf7cb4ee77f8e016f9c8e74a35ddd9f67e1d5fd4184d86c3b98e07099f42d"
            ],
-            "markers": "python_full_version >= '3.6.8'",
-            "version": "==3.0.9"
+            "markers": "python_version >= '3.9'",
+            "version": "==2.14.0"
+        },
+        "pyflakes": {
+            "hashes": [
+                "sha256:b24f96fafb7d2ab0ec5075b7350b3d2d2218eab42003821c06344973d3ea2f58",
+                "sha256:f742a7dbd0d9cb9ea41e9a24a918996e8170c799fa528688d40dd582c8265f4f"
+            ],
+            "markers": "python_version >= '3.9'",
+            "version": "==3.4.0"
+        },
+        "pygments": {
+            "hashes": [
+                "sha256:636cb2477cec7f8952536970bc533bc43743542f70392ae026374600add5b887",
+                "sha256:86540386c03d588bb81d44bc3928634ff26449851e99741617ecb9037ee5ec0b"
+            ],
+            "markers": "python_version >= '3.8'",
+            "version": "==2.19.2"
+        },
+        "pylint": {
+            "hashes": [
+                "sha256:63e06a37d5922555ee2c20963eb42559918c20bd2b21244e4ef426e7c43b92e0",
+                "sha256:d9b71674e19b1c36d79265b5887bf8e55278cbe236c9e95d22dc82cf044fdbd2"
+            ],
+            "index": "pypi",
+            "markers": "python_full_version >= '3.10.0'",
+            "version": "==4.0.4"
+        },
+        "pyproject-hooks": {
+            "hashes": [
+                "sha256:1e859bd5c40fae9448642dd871adf459e5e2084186e8d2c2a79a824c970da1f8",
+                "sha256:9e5c6bfa8dcc30091c74b0cf803c81fdd29d94f01992a7707bc97babb1141913"
+            ],
+            "markers": "python_version >= '3.7'",
+            "version": "==1.2.0"
        },
        "pytest": {
            "hashes": [
-                "sha256:1377bda3466d70b55e3f5cecfa55bb7cfcf219c7964629b967c37cf0bda818b7",
-                "sha256:4f365fec2dff9c1162f834d9f18af1ba13062db0c708bf7b946f8a5c76180c39"
+                "sha256:3e9c069ea73583e255c3b21cf46b8d3c56f6e3a1a8f6da94ccb0fcf57b9d73c8",
+                "sha256:67be0030d194df2dfa7b556f2e56fb3c3315bd5c8822c6951162b92b32ce7dad"
            ],
            "index": "pypi",
-            "version": "==7.1.3"
+            "markers": "python_version >= '3.10'",
+            "version": "==9.0.1"
        },
-        "tomli": {
+        "pytest-cov": {
            "hashes": [
-                "sha256:939de3e7a6161af0c887ef91b7d41a53e7c5a1ca976325f429cb46ea9bc30ecc",
-                "sha256:de526c12914f0c550d15924c62d72abc48d6fe7364aa87328337a31007fe8a4f"
+                "sha256:33c97eda2e049a0c5298e91f519302a1334c26ac65c1a483d6206fd458361af1",
+                "sha256:3b8e9558b16cc1479da72058bdecf8073661c7f57f7d3c5f22a1c23507f2d861"
            ],
-            "markers": "python_version >= '3.7'",
-            "version": "==2.0.1"
+            "index": "pypi",
+            "markers": "python_version >= '3.9'",
+            "version": "==7.0.0"
+        },
+        "pytest-mock": {
+            "hashes": [
+                "sha256:0a25e2eb88fe5168d535041d09a4529a188176ae608a6d249ee65abc0949630d",
+                "sha256:1849a238f6f396da19762269de72cb1814ab44416fa73a8686deac10b0d87a0f"
+            ],
+            "index": "pypi",
+            "markers": "python_version >= '3.9'",
+            "version": "==3.15.1"
+        },
+        "tomlkit": {
+            "hashes": [
+                "sha256:430cf247ee57df2b94ee3fbe588e71d362a941ebb545dec29b53961d61add2a1",
+                "sha256:c89c649d79ee40629a9fda55f8ace8c6a1b42deb912b2a8fd8d942ddadb606b0"
+            ],
+            "markers": "python_version >= '3.8'",
+            "version": "==0.13.3"
+        },
+        "types-protobuf": {
+            "hashes": [
+                "sha256:641002611ff87dd9fedc38a39a29cacb9907ae5ce61489b53e99ca2074bef764",
+                "sha256:a15109d38f7cfefd2539ef86d3f93a6a41c7cad53924f8aa1a51eaddbb72a660"
+            ],
+            "index": "pypi",
+            "markers": "python_version >= '3.9'",
+            "version": "==6.32.1.20251105"
+        },
+        "typing-extensions": {
+            "hashes": [
+                "sha256:0cea48d173cc12fa28ecabc3b837ea3cf6f38c6d1136f85cbaaf598984861466",
+                "sha256:f0fa19c6845758ab08074a0cfa8b7aecb71c999ca73d62883bc25cc018c4e548"
+            ],
+            "markers": "python_version >= '3.9'",
+            "version": "==4.15.0"
+        },
+        "zstandard": {
+            "hashes": [
+                "sha256:011d388c76b11a0c165374ce660ce2c8efa8e5d87f34996aa80f9c0816698b64",
+                "sha256:01582723b3ccd6939ab7b3a78622c573799d5d8737b534b86d0e06ac18dbde4a",
+                "sha256:05353cef599a7b0b98baca9b068dd36810c3ef0f42bf282583f438caf6ddcee3",
+                "sha256:05df5136bc5a011f33cd25bc9f506e7426c0c9b3f9954f056831ce68f3b6689f",
+                "sha256:06acb75eebeedb77b69048031282737717a63e71e4ae3f77cc0c3b9508320df6",
+                "sha256:07b527a69c1e1c8b5ab1ab14e2afe0675614a09182213f21a0717b62027b5936",
+                "sha256:0bbc9a0c65ce0eea3c34a691e3c4b6889f5f3909ba4822ab385fab9057099431",
+                "sha256:0be7622c37c183406f3dbf0cba104118eb16a4ea7359eeb5752f0794882fc250",
+                "sha256:106281ae350e494f4ac8a80470e66d1fe27e497052c8d9c3b95dc4cf1ade81aa",
+                "sha256:10ef2a79ab8e2974e2075fb984e5b9806c64134810fac21576f0668e7ea19f8f",
+                "sha256:1673b7199bbe763365b81a4f3252b8e80f44c9e323fc42940dc8843bfeaf9851",
+                "sha256:172de1f06947577d3a3005416977cce6168f2261284c02080e7ad0185faeced3",
+                "sha256:181eb40e0b6a29b3cd2849f825e0fa34397f649170673d385f3598ae17cca2e9",
+                "sha256:1869da9571d5e94a85a5e8d57e4e8807b175c9e4a6294e3b66fa4efb074d90f6",
+                "sha256:19796b39075201d51d5f5f790bf849221e58b48a39a5fc74837675d8bafc7362",
+                "sha256:1cd5da4d8e8ee0e88be976c294db744773459d51bb32f707a0f166e5ad5c8649",
+                "sha256:1f3689581a72eaba9131b1d9bdbfe520ccd169999219b41000ede2fca5c1bfdb",
+                "sha256:1f830a0dac88719af0ae43b8b2d6aef487d437036468ef3c2ea59c51f9d55fd5",
+                "sha256:223415140608d0f0da010499eaa8ccdb9af210a543fac54bce15babbcfc78439",
+                "sha256:22a06c5df3751bb7dc67406f5374734ccee8ed37fc5981bf1ad7041831fa1137",
+                "sha256:22a086cff1b6ceca18a8dd6096ec631e430e93a8e70a9ca5efa7561a00f826fa",
+                "sha256:23ebc8f17a03133b4426bcc04aabd68f8236eb78c3760f12783385171b0fd8bd",
+                "sha256:25f8f3cd45087d089aef5ba3848cd9efe3ad41163d3400862fb42f81a3a46701",
+                "sha256:2b6bd67528ee8b5c5f10255735abc21aa106931f0dbaf297c7be0c886353c3d0",
+                "sha256:2e54296a283f3ab5a26fc9b8b5d4978ea0532f37b231644f367aa588930aa043",
+                "sha256:3756b3e9da9b83da1796f8809dd57cb024f838b9eeafde28f3cb472012797ac1",
+                "sha256:37daddd452c0ffb65da00620afb8e17abd4adaae6ce6310702841760c2c26860",
+                "sha256:3a39c94ad7866160a4a46d772e43311a743c316942037671beb264e395bdd611",
+                "sha256:3b870ce5a02d4b22286cf4944c628e0f0881b11b3f14667c1d62185a99e04f53",
+                "sha256:3c83b0188c852a47cd13ef3bf9209fb0a77fa5374958b8c53aaa699398c6bd7b",
+                "sha256:4203ce3b31aec23012d3a4cf4a2ed64d12fea5269c49aed5e4c3611b938e4088",
+                "sha256:457ed498fc58cdc12fc48f7950e02740d4f7ae9493dd4ab2168a47c93c31298e",
+                "sha256:474d2596a2dbc241a556e965fb76002c1ce655445e4e3bf38e5477d413165ffa",
+                "sha256:4b14abacf83dfb5c25eb4e4a79520de9e7e205f72c9ee7702f91233ae57d33a2",
+                "sha256:4b6d83057e713ff235a12e73916b6d356e3084fd3d14ced499d84240f3eecee0",
+                "sha256:4d441506e9b372386a5271c64125f72d5df6d2a8e8a2a45a0ae09b03cb781ef7",
+                "sha256:4f187a0bb61b35119d1926aee039524d1f93aaf38a9916b8c4b78ac8514a0aaf",
+                "sha256:51526324f1b23229001eb3735bc8c94f9c578b1bd9e867a0a646a3b17109f388",
+                "sha256:53e08b2445a6bc241261fea89d065536f00a581f02535f8122eba42db9375530",
+                "sha256:53f94448fe5b10ee75d246497168e5825135d54325458c4bfffbaafabcc0a577",
+                "sha256:5a56ba0db2d244117ed744dfa8f6f5b366e14148e00de44723413b2f3938a902",
+                "sha256:5f1ad7bf88535edcf30038f6919abe087f606f62c00a87d7e33e7fc57cb69fcc",
+                "sha256:5f5e4c2a23ca271c218ac025bd7d635597048b366d6f31f420aaeb715239fc98",
+                "sha256:6a573a35693e03cf1d67799fd01b50ff578515a8aeadd4595d2a7fa9f3ec002a",
+                "sha256:6c0e5a65158a7946e7a7affa6418878ef97ab66636f13353b8502d7ea03c8097",
+                "sha256:6dffecc361d079bb48d7caef5d673c88c8988d3d33fb74ab95b7ee6da42652ea",
+                "sha256:7030defa83eef3e51ff26f0b7bfb229f0204b66fe18e04359ce3474ac33cbc09",
+                "sha256:7149623bba7fdf7e7f24312953bcf73cae103db8cae49f8154dd1eadc8a29ecb",
+                "sha256:72d35d7aa0bba323965da807a462b0966c91608ef3a48ba761678cb20ce5d8b7",
+                "sha256:75ffc32a569fb049499e63ce68c743155477610532da1eb38e7f24bf7cd29e74",
+                "sha256:7713e1179d162cf5c7906da876ec2ccb9c3a9dcbdffef0cc7f70c3667a205f0b",
+                "sha256:78228d8a6a1c177a96b94f7e2e8d012c55f9c760761980da16ae7546a15a8e9b",
+                "sha256:7b3c3a3ab9daa3eed242d6ecceead93aebbb8f5f84318d82cee643e019c4b73b",
+                "sha256:809c5bcb2c67cd0ed81e9229d227d4ca28f82d0f778fc5fea624a9def3963f91",
+                "sha256:81dad8d145d8fd981b2962b686b2241d3a1ea07733e76a2f15435dfb7fb60150",
+                "sha256:85304a43f4d513f5464ceb938aa02c1e78c2943b29f44a750b48b25ac999a049",
+                "sha256:89c4b48479a43f820b749df49cd7ba2dbc2b1b78560ecb5ab52985574fd40b27",
+                "sha256:8e735494da3db08694d26480f1493ad2cf86e99bdd53e8e9771b2752a5c0246a",
+                "sha256:913cbd31a400febff93b564a23e17c3ed2d56c064006f54efec210d586171c00",
+                "sha256:9174f4ed06f790a6869b41cba05b43eeb9a35f8993c4422ab853b705e8112bbd",
+                "sha256:9300d02ea7c6506f00e627e287e0492a5eb0371ec1670ae852fefffa6164b072",
+                "sha256:933b65d7680ea337180733cf9e87293cc5500cc0eb3fc8769f4d3c88d724ec5c",
+                "sha256:9654dbc012d8b06fc3d19cc825af3f7bf8ae242226df5f83936cb39f5fdc846c",
+                "sha256:98750a309eb2f020da61e727de7d7ba3c57c97cf6213f6f6277bb7fb42a8e065",
+                "sha256:99c0c846e6e61718715a3c9437ccc625de26593fea60189567f0118dc9db7512",
+                "sha256:a1a4ae2dec3993a32247995bdfe367fc3266da832d82f8438c8570f989753de1",
+                "sha256:a3f79487c687b1fc69f19e487cd949bf3aae653d181dfb5fde3bf6d18894706f",
+                "sha256:a4089a10e598eae6393756b036e0f419e8c1d60f44a831520f9af41c14216cf2",
+                "sha256:a51ff14f8017338e2f2e5dab738ce1ec3b5a851f23b18c1ae1359b1eecbee6df",
+                "sha256:a5a419712cf88862a45a23def0ae063686db3d324cec7edbe40509d1a79a0aab",
+                "sha256:a9ec8c642d1ec73287ae3e726792dd86c96f5681eb8df274a757bf62b750eae7",
+                "sha256:aaf21ba8fb76d102b696781bddaa0954b782536446083ae3fdaa6f16b25a1c4b",
+                "sha256:ab85470ab54c2cb96e176f40342d9ed41e58ca5733be6a893b730e7af9c40550",
+                "sha256:b9af1fe743828123e12b41dd8091eca1074d0c1569cc42e6e1eee98027f2bbd0",
+                "sha256:bfc4e20784722098822e3eee42b8e576b379ed72cca4a7cb856ae733e62192ea",
+                "sha256:bfd06b1c5584b657a2892a6014c2f4c20e0db0208c159148fa78c65f7e0b0277",
+                "sha256:c19bcdd826e95671065f8692b5a4aa95c52dc7a02a4c5a0cac46deb879a017a2",
+                "sha256:c2ba942c94e0691467ab901fc51b6f2085ff48f2eea77b1a48240f011e8247c7",
+                "sha256:c8e167d5adf59476fa3e37bee730890e389410c354771a62e3c076c86f9f7778",
+                "sha256:ca54090275939dc8ec5dea2d2afb400e0f83444b2fc24e07df7fdef677110859",
+                "sha256:d7541afd73985c630bafcd6338d2518ae96060075f9463d7dc14cfb33514383d",
+                "sha256:d8c56bb4e6c795fc77d74d8e8b80846e1fb8292fc0b5060cd8131d522974b751",
+                "sha256:da469dc041701583e34de852d8634703550348d5822e66a0c827d39b05365b12",
+                "sha256:daab68faadb847063d0c56f361a289c4f268706b598afbf9ad113cbe5c38b6b2",
+                "sha256:e05ab82ea7753354bb054b92e2f288afb750e6b439ff6ca78af52939ebbc476d",
+                "sha256:e09bb6252b6476d8d56100e8147b803befa9a12cea144bbe629dd508800d1ad0",
+                "sha256:e29f0cf06974c899b2c188ef7f783607dbef36da4c242eb6c82dcd8b512855e3",
+                "sha256:e59fdc271772f6686e01e1b3b74537259800f57e24280be3f29c8a0deb1904dd",
+                "sha256:e7360eae90809efd19b886e59a09dad07da4ca9ba096752e61a2e03c8aca188e",
+                "sha256:e96594a5537722fdfb79951672a2a63aec5ebfb823e7560586f7484819f2a08f",
+                "sha256:ea9d54cc3d8064260114a0bbf3479fc4a98b21dffc89b3459edd506b69262f6e",
+                "sha256:ec996f12524f88e151c339688c3897194821d7f03081ab35d31d1e12ec975e94",
+                "sha256:f27662e4f7dbf9f9c12391cb37b4c4c3cb90ffbd3b1fb9284dadbbb8935fa708",
+                "sha256:f373da2c1757bb7f1acaf09369cdc1d51d84131e50d5fa9863982fd626466313",
+                "sha256:f5aeea11ded7320a84dcdd62a3d95b5186834224a9e55b92ccae35d21a8b63d4",
+                "sha256:f604efd28f239cc21b3adb53eb061e2a205dc164be408e553b41ba2ffe0ca15c",
+                "sha256:f67e8f1a324a900e75b5e28ffb152bcac9fbed1cc7b43f99cd90f395c4375344",
+                "sha256:fd7a5004eb1980d3cefe26b2685bcb0b17989901a70a1040d1ac86f1d898c551",
+                "sha256:ffef5a74088f1e09947aecf91011136665152e0b4b359c42be3373897fb39b01"
+            ],
+            "markers": "python_version >= '3.9'",
+            "version": "==0.25.0"
        }
    }
 }
--- a/README.md
+++ b/README.md
@@ -1,82 +1,512 @@
-# Extract TOTP/HOTP secret keys from Google Authenticator
+# Extract TOTP/HOTP secrets from QR codes exported by two-factor authentication apps

-[![CI Status](https://github.com/scito/extract_otp_secret_keys/actions/workflows/ci.yml/badge.svg)](https://github.com/scito/extract_otp_secret_keys/actions/workflows/ci.yml)
-![PyPI - Python Version](https://img.shields.io/pypi/pyversions/protobuf)
-[![GitHub Pipenv locked Python version](https://img.shields.io/github/pipenv/locked/python-version/scito/extract_otp_secret_keys)](https://github.com/scito/extract_otp_secret_keys/blob/master/Pipfile.lock)
-![protobuf version](https://img.shields.io/badge/protobuf-4.21.5-informational)
-[![License](https://img.shields.io/github/license/scito/extract_otp_secret_keys)](https://github.com/scito/extract_otp_secret_keys/blob/master/LICENSE)
-[![GitHub tag (latest SemVer)](https://img.shields.io/github/v/tag/scito/extract_otp_secret_keys?sort=semver&label=version)](https://github.com/scito/extract_otp_secret_keys/tags)
+[![CI tests](https://github.com/scito/extract_otp_secrets/actions/workflows/ci.yml/badge.svg)](https://github.com/scito/extract_otp_secrets/actions/workflows/ci.yml)
+[![CI docker](https://github.com/scito/extract_otp_secrets/actions/workflows/ci_docker.yml/badge.svg)](https://github.com/scito/extract_otp_secrets/actions/workflows/ci_docker.yml)
+![coverage](https://img.shields.io/badge/coverage-95%25-brightgreen)
+[![License](https://img.shields.io/github/license/scito/extract_otp_secrets)](https://github.com/scito/extract_otp_secrets/blob/master/LICENSE)
+[![GitHub release (latest SemVer)](https://img.shields.io/github/v/release/scito/extract_otp_secrets?sort=semver)](https://github.com/scito/extract_otp_secrets/releases/latest)  
+![python versions](https://img.shields.io/badge/python-3.9%20%7C%203.10%20%7C%203.11%20%7C%203.12%20%7C%203.13%20%7C%203.14-blue)
+[![Docker image](https://img.shields.io/badge/docker-image-blue)](https://hub.docker.com/repository/docker/scit0/extract_otp_secrets/general)
+[![Linux](https://img.shields.io/badge/os-linux-yellow)](https://github.com/scito/extract_otp_secrets/releases/latest)
+[![Windows](https://img.shields.io/badge/os-windows-yellow)](https://github.com/scito/extract_otp_secrets/releases/latest)
+[![MacOS](https://img.shields.io/badge/os-macos-yellow)](https://github.com/scito/extract_otp_secrets/releases/latest)
+[![Download executable](https://img.shields.io/badge/download-exe-blue)](https://github.com/scito/extract_otp_secrets/releases/latest)  
+[![Stand With Ukraine](https://raw.githubusercontent.com/vshymanskyy/StandWithUkraine/main/badges/StandWithUkraine.svg)](https://stand-with-ukraine.pp.ua)
+<!-- ![PyPI - Python Version](https://img.shields.io/pypi/pyversions/protobuf)
+[![GitHub Pipenv locked Python version](https://img.shields.io/github/pipenv/locked/python-version/scito/extract_otp_secrets)](https://github.com/scito/extract_otp_secrets/blob/master/Pipfile.lock)
+![protobuf version](https://img.shields.io/badge/protobuf-6.33.1-informational)-->
+
+<!-- [![Github all releases](https://img.shields.io/github/downloads/scito/extract_otp_secrets/total.svg)](https://GitHub.com/scito/extract_otp_secrets/releases/) -->

 ---

-Extract two-factor authentication (2FA, TFA) secret keys from export QR codes of "Google Authenticator" app.
-The secret and otp values can be printed and exported to json or csv. The QR codes can be printed or saved as PNG images.
+The Python script `extract_otp_secrets.py` extracts one time password (OTP) secrets from QR codes exported by two-factor authentication (2FA) apps such as "Google Authenticator".
+The exported QR codes from authentication apps can be read in three ways:
+
+1. Capture the QR codes with the system camera using a GUI, 🆕
+2. Read image files containing the QR codes, and 🆕
+3. Read text files containing the QR code data generated by third-party QR readers.
+
+The secrets can be exported to JSON or CSV, or printed as QR codes to console or saved as PNG.
+
+⚡ **This project/script was renamed from `extract_otp_secret_keys` to `extract_otp_secrets`.** ⚡
+
+<details>
+<summary>Table of contents</summary>
+
+## Table of contents
+
+- [Table of contents](#table-of-contents)
+- [Download and run binary executable (🆕 since v2.1)](#download-and-run-binary-executable--since-v21)
+  - [MacOS](#macos)
+- [Usage](#usage)
+  - [Capture QR codes from camera (🆕 since version 2.0)](#capture-qr-codes-from-camera--since-version-20)
+  - [With builtin QR decoder from image files (🆕 since version 2.0)](#with-builtin-qr-decoder-from-image-files--since-version-20)
+  - [With external QR decoder app from text files](#with-external-qr-decoder-app-from-text-files)
+- [Installation of Python script (recommended for developers or advanced users)](#installation-of-python-script-recommended-for-developers-or-advanced-users)
+  - [Installation of optional shared system libraries (recommended)](#installation-of-optional-shared-system-libraries-recommended)
+- [Program help: arguments and options](#program-help-arguments-and-options)
+- [Examples](#examples)
+  - [Printing otp secrets from text file](#printing-otp-secrets-from-text-file)
+  - [Printing otp secrets from image file](#printing-otp-secrets-from-image-file)
+  - [Writing otp secrets to csv file](#writing-otp-secrets-to-csv-file)
+  - [Writing otp secrets to json file](#writing-otp-secrets-to-json-file)
+  - [Printing otp secrets multiple files](#printing-otp-secrets-multiple-files)
+  - [Printing otp secrets from stdin (text)](#printing-otp-secrets-from-stdin-text)
+  - [Printing otp secrets from stdin (image)](#printing-otp-secrets-from-stdin-image)
+  - [Printing otp secrets csv to stdout](#printing-otp-secrets-csv-to-stdout)
+  - [Printing otp secrets csv to stdout without header line](#printing-otp-secrets-csv-to-stdout-without-header-line)
+  - [Reading from stdin and printing to stdout](#reading-from-stdin-and-printing-to-stdout)
+- [Features](#features)
+- [KeePass](#keepass)
+- [How to export otp secrets from Google Authenticator app](#how-to-export-otp-secrets-from-google-authenticator-app)
+- [Glossary](#glossary)
+- [Alternative installation methods](#alternative-installation-methods)
+  - [pip using github](#pip-using-github)
+  - [local pip](#local-pip)
+  - [pipenv](#pipenv)
+  - [Visual Studio Code Remote - Containers / VSCode devcontainer](#visual-studio-code-remote---containers--vscode-devcontainer)
+  - [venv](#venv)
+  - [devbox 1](#devbox-1)
+  - [devbox 2](#devbox-2)
+  - [docker](#docker)
+  - [More docker examples](#more-docker-examples)
+- [Tests](#tests)
+  - [PyTest](#pytest)
+  - [unittest](#unittest)
+  - [VSCode Setup](#vscode-setup)
+- [Development](#development)
+  - [Build](#build)
+  - [Upgrade pip Packages](#upgrade-pip-packages)
+  - [Build docker images](#build-docker-images)
+  - [Create executables with pyinstaller](#create-executables-with-pyinstaller)
+  - [Full local build (bash)](#full-local-build-bash)
+- [Technical background](#technical-background)
+- [References](#references)
+- [Issues](#issues)
+- [Problems and Troubleshooting](#problems-and-troubleshooting)
+  - [Windows error message](#windows-error-message)
+- [Related projects](#related-projects)
+- [Third party documentation](#third-party-documentation)
+</details>
+
+## Download and run binary executable (🆕 since v2.1)
+
+1. Download executable for your platform from [latest release](https://github.com/scito/extract_otp_secrets/releases/latest), see assets
+2. Linux and macOS: Set executable bit for the downloaded file, e.g in terminal with `chmod +x extract_otp_secrets_X.Y.Z_OS_ARCH`
+3. Start executable by clicking or from command line (macOS: startable only from command line, see [below](#macos))
+
+:heavy_check_mark: Everything is just packed in one executable.  
+:heavy_check_mark: No installation needed, neither Python nor any dependencies have to be installed.  
+:heavy_check_mark: Easy and convenient  
+
+:information_source: There is a delay after starting the executable since the files have internally to be unpacked.
+
+:information_source: If you are a developer, you might prefer to run the Python script directly, see [Installation](#installation-of-python-script-recommended-for-developers-or-advanced-users)
+
+> :warning: Some antivirus tools may show a virus or trojan alert for the executable.
+> This alert is a false positive.
+> This is a known problem for executables generated by PyInstaller.
+> If you have any doubt, please use directly the [Python script](#installation-of-python-script-recommended-for-developers-or-advanced-users).
+
+:information_source: The executables are not signed. Thus, the operating system may show a warning about download from unknown source.
+
+### MacOS
+
+> Beginning in macOS 10.15, all software built after June 1, 2019, and distributed with Developer ID must be notarized. However, you aren’t required to notarize software that you distribute through the Mac App Store because the App Store submission process already includes equivalent security checks. <small>[developer.apple.com](https://developer.apple.com/documentation/security/notarizing_macos_software_before_distribution)</small>
+
+:x: Unfortunately, I cannot provide a signed and notarized installable application for macOS as .dmg or .pkg. Apple is not Open Source friendly and requires a yearly Developer ID subscription. I am not willing to pay [USD 99 per year](https://developer.apple.com/support/compare-memberships/) to Apple for this little open source tool.
+
+However, the bare executable can be executed from the command line:
+
+1. Download executable for macOS platform from [latest release](https://github.com/scito/extract_otp_secrets/releases/latest), see assets
+2. Open `Terminal` application
+3. Change to Downloads folder in Terminal: `cd $HOME/Downloads`
+4. Remove quarantine bit for the downloaded file: `xattr -r -d com.apple.quarantine extract_otp_secrets_X.Y.Z_macos_x86_64`
+5. Set executable bit for the downloaded file: `chmod +x extract_otp_secrets_X.Y.Z_macos_x86_64`
+6. Start executable from command line for the first time: `./extract_otp_secrets_X.Y.Z_macos_x86_64`
+7. Wait approximately 30 seconds to 1 minute on the first run. Terminal will display the following error:
+    ```
+    OpenCV: not authorized to capture video (status 0), requesting...
+    OpenCV: camera failed to properly initialize!
+    ```
+8. macOS will then prompt to request camera access.
+9. After allowing camera access, rerun the program.
+10. On the second run, the GUI prompt shows correctly and is fully operable: `./extract_otp_secrets_X.Y.Z_macos_x86_64`
+
+:information_source: Replace `X.Y.Z` in above commands with the version number of your downloaded file, e.g. `extract_otp_secrets_2.4.0_macos_x86_64`
+
+:information_source: If Rosetta2 emulation is installed, these steps work also for M1 and M2 Apple Silicon processors and the program can be executed directly.
+
+Tested with extract_otp_secrets_2.8.1_macos_x86_64 on macOS Sequoia 15.1 beta. Source: [#283](https://github.com/scito/extract_otp_secrets/issues/283)

 ## Usage

-1. Export the QR codes from "Google Authenticator" app
-2. Read QR codes with QR code reader
-3. Save the captured QR codes in a text file. Save each QR code on a new line. (The captured QR codes look like `otpauth-migration://offline?data=...`)
-4. Call this script with the file as input:
+### Capture QR codes from camera (🆕 since version 2.0)

-        python extract_otp_secret_keys.py -p example_export.txt
+1. Open "Google Authenticator" app on the mobile phone
+2. Export the QR codes from "Google Authenticator" app (see [how to export](#how-to-export-otp-secrets-from-google-authenticator-app))
+3. Point the exported QR codes to the camera of your computer
+4. Run the program without infile parameters:
+```
+extract_otp_secrets
+```

-## Dependencies
+![CV2 Capture from camera screenshot](docs/cv2_capture_screenshot.png)

-    pip install -r requirements.txt
+Detected QR codes are surrounded with a frame. The color of the frame indicates the extracting result:

-Known to work with
+* Green: The QR code is detected, decoded and the OTP secret was successfully extracted.
+* Red: The QR code is detected and decoded, but could not be successfully extracted. This is the case if a QR code not containing OTP data is captured.
+* Magenta: The QR code is detected, but could not be decoded. The QR code should be presented better to the camera or another QR reader could be used.

-* Python 3.10.6, protobuf 4.21.5, qrcode 7.3.1, and pillow 9.2
+Key commands:

-For protobuf versions 3.14.0 or similar or Python 3.6, use the extract_otp_secret_keys version 1.4.0.
+* Space: change QR code reader
+* C: save as csv file (🆕 since v2.2)
+* J: save as json file (🆕 since v2.2)
+* K: save as KeePass csv file (🆕 since v2.2)
+* ESC, ENTER, Q: quit the program

-### Optional
+The secrets are printed by default to the console. [Set program parameters](#program-help-arguments-and-options) for other types of output, e.g. `--csv exported_secrets.csv`.

-For printing QR codes, the qrcode module is required, otherwise it can be omitted.
+### With builtin QR decoder from image files (🆕 since version 2.0)

-    pip install qrcode[pil]
+1. Open "Google Authenticator" app on the mobile phone
+2. Export the QR codes from "Google Authenticator" app (see [how to export](#how-to-export-otp-secrets-from-google-authenticator-app))
+3. Save the QR code as image file, e.g. example_export.png
+4. Transfer the images files to the computer where his script is installed.
+5. Call this script with the file as input:
+```
+extract_otp_secrets example_export.png
+```
+6. Remove unencrypted files with secrets from your computer and mobile.

-## Technical background
+### With external QR decoder app from text files

-The export QR code of "Google Authenticator" contains the URL `otpauth-migration://offline?data=...`.
-The data parameter is a base64 encoded proto3 message (Google Protocol Buffers).
+1. Open "Google Authenticator" app on the mobile phone
+2. Export the QR codes from "Google Authenticator" app (see [how to export](#how-to-export-otp-secrets-from-google-authenticator-app))
+3. Read QR codes with a third-party QR code reader (e.g. from another phone)
+4. Save the captured QR codes from the QR code reader to a text file, e.g. example_export.txt. Save each QR code on a new line. (The captured QR codes look like `otpauth-migration://offline?data=…`)
+5. Transfer the file to the computer where his script is installed.
+6. Call this script with the file as input:
+```
+extract_otp_secrets example_export.txt
+```
+7. Remove unencrypted files with secrets from your computer and mobile.

-Command for regeneration of Python code from proto3 message definition file (only necessary in case of changes of the proto3 message definition or new protobuf versions):
+## Installation of Python script (recommended for developers or advanced users)

-    protoc --python_out=protobuf_generated_python google_auth.proto
+```bash
+git clone https://github.com/scito/extract_otp_secrets.git
+cd extract_otp_secrets
+pip install -U -r requirements.txt

-The generated protobuf Python code was generated by protoc 21.5 (https://github.com/protocolbuffers/protobuf/releases/tag/v21.5).
+python src/extract_otp_secrets.py example_export.txt
+```

-## References
+In case this script is not starting properly, the debug mode can be activated by adding parameter `-d` in the command line.

-* Proto3 documentation: https://developers.google.com/protocol-buffers/docs/pythontutorial
-* Template code: https://github.com/beemdevelopment/Aegis/pull/406
+### Installation of optional shared system libraries (recommended)
+
+For reading QR codes with `ZBAR` QR reader, the zbar library must be installed.
+If you do not use the `ZBAR` QR reader, you do not need to install the zbar shared library. Note: The `ZBAR` QR reader is the showed for me the best results and is thus default QR Reader.
+
+For a detailed installation documentation of [pyzbar](https://github.com/NaturalHistoryMuseum/pyzbar#installation).
+
+#### Linux (Debian, Ubuntu, …)
+
+    sudo apt-get install libgl1 libzbar0
+
+#### Linux (OpenSUSE)
+
+    sudo zypper install libzbar0
+
+#### Linux (Fedora)
+
+    sudo dnf install mesa-libGL zbar
+
+#### Linux (Arch Linux)
+
+    pacman -S zbar
+
+#### Mac OS X
+
+    brew install zbar
+
+#### Windows
+
+##### zbar
+
+The zbar DLLs are included with the Windows Python wheels. However, you might need additionally to install [Visual C++ Redistributable Packages for Visual Studio 2013](https://www.microsoft.com/en-US/download/details.aspx?id=40784). Install `vcredist_x64.exe` if using 64-bit Python, `vcredist_x86.exe` if using 32-bit Python. For more information see [pyzbar](https://github.com/NaturalHistoryMuseum/pyzbar)
+
+##### OpenCV (CV2)
+
+OpenCV requires [Visual C++ redistributable 2015](https://www.microsoft.com/en-us/download/details.aspx?id=48145). For more information see [opencv-python](https://pypi.org/project/opencv-python/)
+
+## Program help: arguments and options
+
+<pre>usage: extract_otp_secrets.py [-h] [--csv FILE] [--keepass FILE] [--json FILE] [--txt FILE] [--urls FILE] [--printqr] [--saveqr DIR] [--camera NUMBER] [--qr {ZBAR,QREADER,QREADER_DEEP,CV2,CV2_WECHAT}] [-i] [--no-color] [--version] [-d | -v | -q] [infile ...]
+
+Extracts one time password (OTP) secrets from QR codes exported by two-factor authentication (2FA) apps
+If no infiles are provided, a GUI window starts and QR codes are captured from the camera.
+
+positional arguments:
+  infile                        a) file or - for stdin with 'otpauth-migration://...' URLs separated by newlines, lines starting with # are ignored;
+                                b) image file containing a QR code or = for stdin for an image containing a QR code
+
+options:
+  -h, --help                    show this help message and exit
+  --csv FILE, -c FILE           export csv file, or - for stdout
+  --keepass FILE, -k FILE       export totp/hotp csv file(s) for KeePass, - for stdout
+  --json FILE, -j FILE          export json file or - for stdout
+  --txt FILE, -t FILE           export txt file or - for stdout
+  --urls FILE, -u FILE          export file with list of otpauth urls, or - for stdout
+  --printqr, -p                 print QR code(s) as text to the terminal
+  --saveqr DIR, -s DIR          save QR code(s) as images to directory
+  --camera NUMBER, -C NUMBER    camera number of system (default camera: 0)
+  --qr {ZBAR,QREADER,QREADER_DEEP,CV2,CV2_WECHAT}, -Q {ZBAR,QREADER,QREADER_DEEP,CV2,CV2_WECHAT}
+                                QR reader (default: ZBAR)
+  -i, --ignore                  ignore duplicate otps
+  --no-color, -n                do not use ANSI colors in console output
+  --version, -V                 print version and quit
+  -d, --debug                   enter debug mode, do checks and quit
+  -v, --verbose                 verbose output
+  -q, --quiet                   no stdout output, except output set by -
+
+examples:
+python extract_otp_secrets.py
+python extract_otp_secrets.py example_*.txt
+python extract_otp_secrets.py - < example_export.txt
+python extract_otp_secrets.py --csv - example_*.png | tail -n+2
+python extract_otp_secrets.py = < example_export.png</pre>
+
+## Examples
+
+### Printing otp secrets from text file
+
+    python src/extract_otp_secrets.py example_export.txt
+
+### Printing otp secrets from image file
+
+    python src/extract_otp_secrets.py example_export.png
+
+### Writing otp secrets to csv file
+
+    python src/extract_otp_secrets.py -q --csv extracted_secrets.csv example_export.txt
+
+### Writing otp secrets to json file
+
+    python src/extract_otp_secrets.py -q --json extracted_secrets.json example_export.txt
+
+### Printing otp secrets multiple files
+
+    python src/extract_otp_secrets.py example_*.txt
+    python src/extract_otp_secrets.py example_*.png
+    python src/extract_otp_secrets.py example_export.*
+    python src/extract_otp_secrets.py example_*.txt example_*.png
+
+### Printing otp secrets from stdin (text)
+
+    python src/extract_otp_secrets.py - < example_export.txt
+
+### Printing otp secrets from stdin (image)
+
+    python src/extract_otp_secrets.py = < example_export.png
+
+### Printing otp secrets csv to stdout
+
+    python src/extract_otp_secrets.py --csv - example_export.txt
+
+### Printing otp secrets csv to stdout without header line
+
+    python src/extract_otp_secrets.py --csv - example_*.png | tail -n+2
+
+### Reading from stdin and printing to stdout
+
+    cat example_*.txt | python src/extract_otp_secrets.py --csv - - | tail -n+2
+
+## Features
+
+* Free and open source
+* Supports Google Authenticator exports (and compatible apps like Aegis Authenticator)
+* Captures the the QR codes directly from the camera using different QR code libraries (based on OpenCV) (🆕 since v2.0)
+    * ZBAR: [pyzbar](https://github.com/NaturalHistoryMuseum/pyzbar) - fast and reliable, good for images and video capture (default and recommended) [if [libzbar](#installation-of-optional-shared-system-libraries-recommended) is installed]
+    * QREADER: [QReader](https://github.com/Eric-Canas/QReader) [if [libzbar](#installation-of-optional-shared-system-libraries-recommended) is installed]
+    * QREADER_DEEP: [QReader](https://github.com/Eric-Canas/QReader) - very slow in GUI [if [libzbar](#installation-of-optional-shared-system-libraries-recommended) is installed]
+    * CV2: [QRCodeDetector](https://docs.opencv.org/4.x/de/dc3/classcv_1_1QRCodeDetector.html)
+    * CV2_WECHAT: [WeChatQRCode](https://docs.opencv.org/4.x/dd/d63/group__wechat__qrcode.html)
+* Program usable as pure GUI application without any command line switches (🆕 since v2.2)
+    * Save otp secrets as csv file (🆕 since v2.2)
+    * Save otp secrets as json file (🆕 since v2.2)
+    * Save otp secrets as KeePass csv file(s) (🆕 since v2.2)
+* Supports [TOTP](https://www.ietf.org/rfc/rfc6238.txt) and [HOTP](https://www.ietf.org/rfc/rfc4226.txt) standards
+* Generates QR codes
+* Exports to various formats:
+    * CSV
+    * JSON
+    * Dedicated CSV for KeePass
+    * QR code images
+* Supports reading from stdin and writing to stdout, thus pipes can be used
+* Handles multiple input files (🆕 since v2.0)
+* Reads QR codes images: (See [OpenCV docu](https://docs.opencv.org/4.x/d4/da8/group__imgcodecs.html#ga288b8b3da0892bd651fce07b3bbd3a56)) (🆕 since v2.0)
+    * Portable Network Graphics - *.png
+    * WebP - *.webp
+    * JPEG files - *.jpeg, *.jpg, *.jpe
+    * TIFF files - *.tiff, *.tif
+    * Windows bitmaps - *.bmp, *.dib
+    * JPEG 2000 files - *.jp2
+    * Portable image format - *.pbm, *.pgm, *.ppm *.pxm, *.pnm
+* Prints errors and warnings to stderr (🆕 since v2.0)
+* Prints colored output (🆕 since v2.0)
+* Startable as executable (script, Python, and all dependencies packed in one executable) (🆕 since v2.1)
+    * extract_otp_secrets_linux_x86_64 (requires glibc >= 2.31)
+    * extract_otp_secrets_linux_arm64 (requires glibc >= 2.31)
+    * extract_otp_secrets_win_x86_64.exe
+    * extract_otp_secrets_macos_x86_64 (optional [libzbar](#installation-of-optional-shared-system-libraries-recommended) needs to be installed manually if needed)
+        * extract_otp_secrets_macos_x86_64.dmg N/A, see [why](#macos)
+        * extract_otp_secrets_macos_x86_64.pkg N/A, see [why](#macos)
+* Prebuilt Docker images provided for amd64 and arm64 on [Docker Hub](https://hub.docker.com/repository/docker/scit0/extract_otp_secrets) and [GitHub Packages](https://github.com/users/scito/packages/container/package/extract_otp_secrets) (🆕 since v2.0)
+* Many ways to run the script:
+    * Native Python
+    * pipenv
+    * pip
+    * venv
+    * Docker
+    * VSCode devcontainer
+    * devbox
+* Compatible with major platforms:
+    * Linux
+    * macOS
+    * Windows
+* Uses UTF-8 on all platforms
+* Supports Python >= 3.9
+* Installation of shared system libraries is optional (🆕 since v2.3)
+* Provides a debug mode (-d) for analyzing import problems
+* Written in modern Python using type hints and following best practices
+* All these features are backed by tests ran nightly
+* All functionality in one Python script: src/extract_otp_secrets.py (except protobuf generated code in protobuf_generated_python)
+
+## KeePass
+
+[KeePass 2.51](https://keepass.info/news/n220506_2.51.html) (released in May 2022) and newer [support the generation of OTPs (TOTP and HOTP)](https://keepass.info/help/base/placeholders.html#otp).
+
+KeePass can generate the second factor password (2FA) if the OTP secret is stored in `TimeOtp-Secret-Base32` string field for TOTP or `HmacOtp-Secret-Base32` string field for HOTP. You view or edit them in entry dialog on the 'Advanced' tab page.
+
+KeePass provides menu commands in the main window for generating one-time passwords ('Copy HMAC-Based OTP', 'Show HMAC-Based OTP', 'Copy Time-Based OTP', 'Show Time-Based OTP'). Furthermore, one-time passwords can be generated during auto-type using the {HMACOTP} and {TIMEOTP} placeholders.
+
+In order to simplify the usage of the second factor password generation in KeePass a specific KeePass CSV export is available with option `-keepass` or `-k`. This KeePass CSV file can be imported by the ["Generic CSV Importer" of KeePass](https://keepass.info/help/kb/imp_csv.html).
+
+If TOTP and HOTP entries have to be exported, then two files with an intermediate suffix .totp or .hotp will be added to the KeePass export filename.
+
+Example:
+- Only TOTP entries to export and parameter --keepass example_keepass_output.csv<br>
+    → example_keepass_output.csv with TOTP entries will be exported
+- Only HOTP entries to export and parameter --keepass example_keepass_output.csv<br>
+    → example_keepass_output.csv with HOTP entries will be exported
+- If both TOTP and HOTP entries to export and parameter --keepass example_keepass_output.csv<br>
+    → example_keepass_output.totp.csv with TOTP entries will be exported<br>
+    → example_keepass_output.hotp.csv with HOTP entries will be exported
+
+Import CSV with TOTP entries in KeePass as
+
+- Title
+- User Name
+- String (TimeOtp-Secret-Base32)
+- Group (/)
+
+Import CSV with HOTP entries in KeePass as
+
+- Title
+- User Name
+- String (HmacOtp-Secret-Base32)
+- String (HmacOtp-Counter)
+- Group (/)
+
+KeePass can be used as a backup for one time passwords (second factor) from the mobile phone.
+
+## How to export otp secrets from Google Authenticator app
+
+1. Open "Google Authenticator" app
+2. Select "Transfer accounts" in the three dot menu of the app.  
+![Transfer accounts option in the Google Authenticator.](docs/Transfer-accounts-option-in-the-Google-Authenticator_300px.webp)
+3. Select "Export accounts"  
+![Export account option in the Google Authenticator.](docs/Export-account-option-in-the-Google-Authenticator_300px.webp)
+4. Pass the verification by password or fingerprint.
+5. Select your accounts
+6. Press "Next" button
+7. The exported QR code(s) ready for extraction are shown.  
+![Exported Google Authenticator QR codes](docs/Exported-QR-codes_300px.webp)
+
+## Glossary
+
+* OTP = One-time password
+* TOTP = Time-based one-time password
+* HOTP = HMAC-based one-time password (using a counter)
+* 2FA = Second factor authentication
+* TFA = Two factor authentication
+* QR code = Quick response code

 ## Alternative installation methods

-### pipenv
-
-You can you use [Pipenv](https://github.com/pypa/pipenv) for running extract_otp_secret_keys.
+### pip using github

 ```
+pip install -U git+https://github.com/scito/extract_otp_secrets
+extract_otp_secrets
+```
+
+or run it
+
+```
+python -m extract_otp_secrets
+```
+
+or from a specific tag
+
+```
+pip install -U git+https://github.com/scito/extract_otp_secrets.git@v2.0.0
+extract_otp_secrets
+curl -s https://raw.githubusercontent.com/scito/extract_otp_secrets/master/example_export.txt | python -m extract_otp_secrets -
+```
+
+### local pip
+
+```
+git clone https://github.com/scito/extract_otp_secrets.git
+pip install -U -e extract_otp_secrets
+extract_otp_secrets extract_otp_secrets/example_export.txt
+```
+
+or run it
+
+```
+python -m extract_otp_secrets extract_otp_secrets/example_export.txt
+```
+
+### pipenv
+
+You can you use [Pipenv](https://github.com/pypa/pipenv) for running extract_otp_secrets.
+
+```
+pipenv --rm
 pipenv install
 pipenv shell
-python extract_otp_secret_keys.py example_export.txt
+python src/extract_otp_secrets.py example_export.txt
 ```

 ### Visual Studio Code Remote - Containers / VSCode devcontainer

-You can you use [VSCode devcontainer](https://code.visualstudio.com/docs/remote/containers-tutorial) for running extract_otp_secret_keys.
+You can you use [VSCode devcontainer](https://code.visualstudio.com/docs/remote/containers-tutorial) for running extract_otp_secrets.

 Requirement: Docker

 1. Start VSCode
-2. Open extract_otp_secret_keys.code-workspace
+2. Open extract_otp_secrets.code-workspace
 3. Open VSCode command palette (Ctrl-Shift-P)
 4. Type command "Remote-Containers: Reopen in Container"
 5. Open integrated bash terminal in VSCode
-6. Execute: python extract_otp_secret_keys.py example_export.txt
+6. Execute: python src/extract_otp_secrets.py example_export.txt

 ### venv

@@ -84,13 +514,13 @@ Alternatively, you can use a python virtual env for the dependencies:

    python -m venv venv
    . venv/bin/activate
-    pip install -r requirements-dev.txt
-    pip install -r requirements.txt
+    pip install -U -r requirements-dev.txt
+    pip install -U -r requirements.txt

 The requirements\*.txt files contain all the dependencies (also the optional ones).
 To leave the python virtual env just call `deactivate`.

-### devbox
+### devbox 1

 Install [devbox](https://github.com/jetpack-io/devbox), which is a wrapper for nix. Then enter the environment with Python and the packages installed with:

@@ -98,11 +528,58 @@ Install [devbox](https://github.com/jetpack-io/devbox), which is a wrapper for n
 devbox shell
 ```

+### devbox 2
+
+Install [devbox](https://devenv.sh), which is a wrapper for nix. Then enter the environment with Python and the packages installed with:
+
+```
+devenv shell
+```
+
+### docker
+
+Install [Docker](https://docs.docker.com/get-docker/).
+
+Prebuilt docker images are available for amd64 and arm64 architectures on [Docker Hub](https://hub.docker.com/repository/docker/scit0/extract_otp_secrets) and on [GitHub Packages](https://github.com/users/scito/packages/container/package/extract_otp_secrets).
+
+Extracting from an QR image file:
+
+```
+curl -s https://raw.githubusercontent.com/scito/extract_otp_secrets/master/example_export.png | docker run --network none --pull always -i --rm -v "$(pwd)":/files:ro docker.io/scit0/extract_otp_secrets =
+```
+
+Capturing from camera in GUI window (X Window system required on host):
+
+```
+docker run --network none --pull always --rm -v "$(pwd)":/files:ro -i --device="/dev/video0:/dev/video0" --env="DISPLAY" -v /tmp/.X11-unix:/tmp/.X11-unix:ro docker.io/scit0/extract_otp_secrets
+```
+
+If only text processing is required, there is a small Image based on Alpine Linux:
+
+```
+curl -s https://raw.githubusercontent.com/scito/extract_otp_secrets/master/example_export.txt | docker run --network none --pull always -i --rm -v "$(pwd)":/files:ro docker.io/scit0/extract_otp_secrets:latest-only-txt -
+```
+
+Docker image from GitHub:
+
+```
+docker login ghcr.io -u USERNAME
+curl -s https://raw.githubusercontent.com/scito/extract_otp_secrets/master/example_export.png | docker run --network none --pull always -i --rm -v "$(pwd)":/files:ro ghcr.io/scito/extract_otp_secrets =
+```
+
+### More docker examples
+
+    docker run --network none --pull always --rm -v "$(pwd)":/files:ro docker.io/scit0/extract_otp_secrets example_export.png
+
+    docker run --network none --pull always --rm -i -v "$(pwd)":/files:ro docker.io/scit0/extract_otp_secrets:latest-only-txt - < example_export.txt
+
+    cat example_export.txt | docker run --network none --pull always --rm -i -v "$(pwd)":/files:ro docker.io/scit0/extract_otp_secrets:latest-only-txt - -c - > example_out.csv
+
 ## Tests

 ### PyTest

-There are basic [pytest](https://pytest.org)s, see `test_extract_otp_secret_keys_pytest.py`.
+The script is covered by [pytest](https://pytest.org)s, see `extract_otp_secrets_test.py`.

 Run tests:

@@ -114,9 +591,19 @@ or
 python -m pytest
 ```

+#### Hints
+
+Your tests can run against an installed version after executing pip install .
+
+Your tests can run against the local copy with an editable install after executing pip install --editable .
+
+If you don’t use an editable install and are relying on the fact that Python by default puts the current directory in sys.path to import your package, you can execute python -m pytest to execute the tests against the local copy directly, without using pip.
+
+https://docs.pytest.org/en/7.1.x/explanation/pythonpath.html#pytest-vs-python-m-pytest
+
 ### unittest

-There are basic [unittest](https://docs.python.org/3.10/library/unittest.html)s, see `test_extract_otp_secret_keys_unittest.py`.
+There are some [unittest](https://docs.python.org/3.10/library/unittest.html)s, see `extract_otp_secrets_txt_unit_test.py`.

 Run tests:

@@ -124,6 +611,8 @@ Run tests:
 python -m unittest
 ```

+Note the `pytest`s are preferred and complete. For each unittest there is also a test in `pytest`.
+
 ### VSCode Setup

 Setup for running the tests in VSCode.
@@ -132,3 +621,195 @@ Setup for running the tests in VSCode.
 2. Type command "Python: Configure Tests"
 3. Choose unittest or pytest. (pytest is recommended, both are supported)
 4. Set ". Root" directory
+
+## Development
+
+### Build
+
+```
+cd extract_otp_secrets/
+pip install -U -e .
+python src/extract_otp_secrets.py
+
+pip wheel .
+```
+
+Note: `python -m build --wheel` = `pip wheel --no-deps .`
+
+### Upgrade pip Packages
+
+```
+pip install -U -r requirements.txt
+```
+
+### Build docker images
+
+#### Debian (full functionality)
+
+Build and run the app within the container:
+
+```bash
+docker build . -t extract_otp_secrets --pull -f docker/Dockerfile --build-arg RUN_TESTS=false
+```
+
+Run tests in docker container:
+
+```bash
+docker run --entrypoint /extract/run_pytest.sh --rm -v "$(pwd)":/files:ro extract_otp_secrets
+```
+
+#### Alpine (only text file processing)
+
+```bash
+docker build . -t extract_otp_secrets:only_txt --pull -f docker/Dockerfile_only_txt --build-arg RUN_TESTS=false
+```
+
+Run tests in docker container:
+
+```bash
+docker run --entrypoint /extract/run_pytest.sh --rm -v "$(pwd)":/files:ro extract_otp_secrets_only_txt extract_otp_secrets_test.py -k "not qreader" --relaxed
+```
+
+### Create executables with pyinstaller
+
+#### Linux
+
+```bash
+pyinstaller -y --add-data $pythonLocation/__yolo_v3_qr_detector/:__yolo_v3_qr_detector/ --onefile src/extract_otp_secrets.py
+```
+
+Output is executable `dist/extract_otp_secrets`
+
+#### Windows
+
+```
+pyinstaller -y --add-data "%pythonLocation%\__yolo_v3_qr_detector;__yolo_v3_qr_detector" --add-binary "%pythonLocation%\pyzbar\libiconv.dll;pyzbar" --add-binary "%pythonLocation%\pyzbar\libzbar-64.dll;pyzbar" --add-binary "%windir%\system32\msvcr120.dll;pyzbar" --add-binary "%windir%\system32\msvcp120.dll;pyzbar" --add-binary "%windir%\system32\vcamp120.dll;pyzbar" --add-binary "%windir%\system32\vcomp120.dll;pyzbar" --add-binary "%windir%\system32\vccorlib120.dll;pyzbar" --add-binary "%windir%\system32\mfc120.dll;pyzbar" --add-binary "%windir%\system32\mfc120u.dll;pyzbar" --add-binary "%windir%\system32\mfc120chs.dll;pyzbar" --add-binary "%windir%\system32\mfc120cht.dll;pyzbar" --add-binary "%windir%\system32\mfc120deu.dll;pyzbar" --add-binary "%windir%\system32\mfc120enu.dll;pyzbar" --add-binary "%windir%\system32\mfc120esn.dll;pyzbar" --add-binary "%windir%\system32\mfc120fra.dll;pyzbar" --add-binary "%windir%\system32\mfc120ita.dll;pyzbar" --add-binary "%windir%\system32\mfc120jpn.dll;pyzbar" --add-binary "%windir%\system32\mfc120kor.dll;pyzbar" --add-binary "%windir%\system32\mfc120rus.dll;pyzbar" --onefile --version-file build\file_version_info.txt src\extract_otp_secrets.py
+```
+
+Output is `dist\extract_otp_secrets.exe`
+
+### Full local build (bash)
+
+There is a Bash script for a full local build including linting and type checking.
+
+```bash
+./build.sh
+```
+or 
+```bash
+PYTHON=python3.11 PIP=pip3.11 DOCKER="sudo podman" ./build.sh -d
+```
+Linux or WSL2 Linux:
+```bash
+DOCKER="sudo podman" ./build.sh -d
+```
+Git for Windows:
+```bash
+MSYS_NO_PATHCONV=1 NOINHERIT=1 DOCKER="podman" ./build.sh -d
+```
+
+The options of the build script:
+
+```
+Build extract_otp_secrets project
+
+./build.sh [options]
+
+Options:
+-i                      Interactive mode, all steps must be confirmed
+-C                      Ignore version check of protobuf/protoc
+-e                      Build exe
+-n                      Build nuitka exe
+-L                      Do not build local (exes)
+-d                      Build docker
+-a                      Build arm
+-X                      Do not build x86_64
+-B                      Do not build base
+-V                      Do not run pipenv
+-g                      Start extract_otp_secrets.py in GUI mode
+-c                      Clean everything
+-r                      Generate result files
+-h, --help              Show help and quit
+```
+
+#### Additional requirements
+
+* envsubst
+* git
+* perl
+* pip
+
+##### Fedora
+
+sudo dnf install python3-pip perl envsubst
+
+## Technical background
+
+The export QR code of "Google Authenticator" contains the URL `otpauth-migration://offline?data=…`.
+The data parameter is a base64 encoded proto3 message (Google Protocol Buffers).
+
+Command for regeneration of Python code from proto3 message definition file (only necessary in case of changes of the proto3 message definition or new protobuf versions):
+
+    protoc --plugin=protoc-gen-mypy=path/to/protoc-gen-mypy --python_out=src/protobuf_generated_python --mypy_out=src/protobuf_generated_python src/google_auth.proto
+
+The generated protobuf Python code was generated by protoc 33.1 (https://github.com/protocolbuffers/protobuf/releases/tag/v33.1).
+
+For Python type hint generation the [mypy-protobuf](https://github.com/nipunn1313/mypy-protobuf) package is used.
+
+## References
+
+* Proto3 documentation: https://developers.google.com/protocol-buffers/docs/pythontutorial
+* Template code: https://github.com/beemdevelopment/Aegis/pull/406
+
+## Issues
+
+* Segmentation fault on macOS with CV2 4.7.0: https://github.com/opencv/opencv/issues/23072 (fixed)
+* CV2 window does not show icons: https://github.com/opencv/opencv-python/issues/585
+
+## Problems and Troubleshooting
+
+### Windows error message
+
+If you see an ugly ImportError on Windows you will most likely need the [Visual C++ Redistributable Packages for Visual Studio 2013](https://www.microsoft.com/en-US/download/details.aspx?id=40784). Install vcredist_x64.exe if using 64-bit Python, vcredist_x86.exe if using 32-bit Python.
+
+This library shared library is required by [pyzbar](https://pypi.org/project/pyzbar/).
+
+```
+Traceback (most recent call last):
+  File "C:\Users\Admin\AppData\Local\Packages\PythonSoftwareFoundation.Python.3.11_qbz5n2kfra8p0\LocalCache\local-packages\Python311\site-packages\pyzbar\zbar_library.py", line 58, in load
+    dependencies, libzbar = load_objects(Path(''))
+                            ^^^^^^^^^^^^^^^^^^^^^^
+  File "C:\Users\Admin\AppData\Local\Packages\PythonSoftwareFoundation.Python.3.11_qbz5n2kfra8p0\LocalCache\local-packages\Python311\site-packages\pyzbar\zbar_library.py", line 50, in load_objects
+    deps = [
+           ^
+  File "C:\Users\Admin\AppData\Local\Packages\PythonSoftwareFoundation.Python.3.11_qbz5n2kfra8p0\LocalCache\local-packages\Python311\site-packages\pyzbar\zbar_library.py", line 51, in <listcomp>
+    cdll.LoadLibrary(str(directory.joinpath(dep)))
+  File "C:\Program Files\WindowsApps\PythonSoftwareFoundation.Python.3.11_3.11.496.0_x64__qbz5n2kfra8p0\Lib\ctypes\__init__.py", line 454, in LoadLibrary
+    return self._dlltype(name)
+           ^^^^^^^^^^^^^^^^^^^
+  File "C:\Program Files\WindowsApps\PythonSoftwareFoundation.Python.3.11_3.11.496.0_x64__qbz5n2kfra8p0\Lib\ctypes\__init__.py", line 376, in __init__
+    self._handle = _dlopen(self._name, mode)
+                   ^^^^^^^^^^^^^^^^^^^^^^^^^
+FileNotFoundError: Could not find module 'libiconv.dll' (or one of its dependencies). Try using the full path with constructor syntax.
+```
+
+## Related projects
+
+* [ZBar](https://github.com/mchehab/zbar) is an open source software suite for reading bar codes from various sources, including webcams.
+* [Aegis Authenticator](https://github.com/beemdevelopment/Aegis) is a free, secure and open source 2FA app for Android. This app can scan Google export QR codes and export the secrets, e.g. as JSON. However, a second device is required.
+* [pyzbar](https://github.com/NaturalHistoryMuseum/pyzbar) is a good QR code reader Python module
+* [OpenCV](https://docs.opencv.org/4.x/) (CV2) Open Source Computer Vision library with [opencv-python](https://github.com/opencv/opencv-python)
+* [Python QReader](https://github.com/Eric-Canas/QReader) Python QR code readers
+* [Android OTP Extractor](https://github.com/puddly/android-otp-extractor) can extract your tokens from popular Android OTP apps and export them in a standard format or just display them as QR codes for easy importing. [Requires a _rooted_ Android phone.]
+* [Google Authenticator secret extractor](https://github.com/krissrex/google-authenticator-exporter) is similar project written in JavaScript. It also extracts otp secrets from Google Authenticator.
+
+## Third party documentation
+
+* [TOTP Secret Extraction from QR codes (medium.com)](https://cavalloj.medium.com/totp-secret-extraction-from-qr-codes-ee097b4c687f)
+* [Google Authenticator: OTP-Secrets auslesen (stadt-bremerhaven.de)](https://stadt-bremerhaven.de/google-authenticator-otp-secrets-auslesen/)
+
+***
+
+# #StandWithUkraine 🇺🇦
+
+#RussiaInvadedUkraine on 24 of February 2022, at 05:00 the armed forces of the Russian Federation attacked Ukraine. Please, stand with Ukraine, stay tuned for updates on Ukraine's official sources and channels in English and support Ukraine in its fight for freedom and democracy in Europe.
--- a/build.sh
+++ b/build.sh
@@ -0,0 +1,727 @@
+#!/bin/bash
+
+# Upgrades Protoc from https://github.com/protocolbuffers/protobuf/releases
+
+black='\e[0;30m'
+blackBold='\e[1;30m'
+blackBackground='\e[1;40m'
+red='\e[0;31m'
+redBold='\e[1;31m'
+redBackground='\e[0;41m'
+green='\e[0;32m'
+greenBold='\e[1;32m'
+greenBackground='\e[0;42m'
+yellow='\e[0;33m'
+yellowBold='\e[1;33m'
+yellowBackground='\e[0;43m'
+blue='\e[0;34m'
+blueBold='\e[1;34m'
+blueBackground='\e[0;44m'
+magenta='\e[0;35m'
+magentaBold='\e[1;35m'
+magentaBackground='\e[0;45m'
+cyan='\e[0;36m'
+cyanBold='\e[1;36m'
+cyanBackground='\e[0;46m'
+white='\e[0;37m'
+whiteBold='\e[1;37m'
+whiteBackground='\e[0;47m'
+reset='\e[0m'
+
+abort() {
+    echo '
+***************
+*** ABORTED ***
+***************
+    ' >&2
+    echo "An error occurred on line $1. Exiting..." >&2
+    date -Iseconds >&2
+    exit 1
+}
+
+trap 'abort $LINENO' ERR
+set -e -o pipefail
+
+quit() {
+    trap : 0
+    exit 0
+}
+
+# Asks if [Yn] if script shoud continue, otherwise exit 1
+# $1: msg or nothing
+# Example call 1: askContinueYn
+# Example call 1: askContinueYn "Backup DB?"
+askContinueYn() {
+    if [[ $1 ]]; then
+        msg="$1 "
+    else
+        msg=""
+    fi
+
+    # http://stackoverflow.com/questions/3231804/in-bash-how-to-add-are-you-sure-y-n-to-any-command-or-alias
+    read -e -p "${msg}Continue? [Y/n] " response
+    response=${response,,}    # tolower
+    if [[ $response =~ ^(yes|y|)$ ]] ; then
+        # echo ""
+        # OK
+        :
+    else
+        echo "Aborted"
+        exit 1
+    fi
+}
+
+# Reference: https://gist.github.com/steinwaywhw/a4cd19cda655b8249d908261a62687f8
+
+if [[ "$MSYSTEM" == "MINGW64" || "$MSYSTEM" == "MINGW32" || "$MSYSTEM" == "UCRT64" ]]; then
+    LINUX=false
+elif [[ "$(uname -s)" == MINGW* ]]; then
+    LINUX=false
+else
+    LINUX=true
+fi
+
+interactive=false
+ignore_version_check=true
+clean=false
+clean_flag=""
+build_base=true
+build_arm=false
+build_x86_64=true
+build_docker=false
+build_local=true
+build_exe=false
+build_nuitka_exe=false
+run_pipenv=true
+run_gui=false
+generate_result_files=false
+PYTHONHASHSEED=31
+
+while test $# -gt 0; do
+    case $1 in
+        -h|--help)
+            echo "Build extract_otp_secrets project"
+            echo
+            echo "$0 [options]"
+            echo
+            echo "Options:"
+            echo "-i                      Interactive mode, all steps must be confirmed"
+            echo "-C                      Ignore version check of protobuf/protoc"
+            echo "-e                      Build exe"
+            echo "-n                      Build nuitka exe"
+            echo "-L                      Do not run protoc and base build locally incl. exes"
+            echo "-d                      Build docker"
+            echo "-a                      Build arm"
+            echo "-X                      Do not build x86_64"
+            echo "-B                      Do not build base"
+            echo "-V                      Do not run pipenv"
+            echo "-g                      Start extract_otp_secrets.py in GUI mode"
+            echo "-c                      Clean everything"
+            echo "-r                      Generate result files"
+            echo "-h, --help              Show help and quit"
+            quit
+            ;;
+        -i)
+            interactive=true
+            shift
+            ;;
+        -C)
+            ignore_version_check=false
+            shift
+            ;;
+        -B)
+            build_base=false
+            shift
+            ;;
+        -L)
+            build_local=false
+            build_base=false
+            shift
+            ;;
+        -a)
+            build_arm=true
+            shift
+            ;;
+        -X)
+            build_x86_64=false
+            shift
+            ;;
+        -e)
+            build_exe=true
+            shift
+            ;;
+        -n)
+            build_nuitka_exe=true
+            shift
+            ;;
+        -d)
+            build_docker=true
+            shift
+            ;;
+        -V)
+            run_pipenv=false
+            shift
+            ;;
+        -g)
+            run_gui=true
+            shift
+            ;;
+        -r)
+            generate_result_files=true
+            shift
+            ;;
+        -c)
+            clean=true
+            clean_flag="--clean"
+            shift
+            ;;
+    esac
+done
+
+BIN="$HOME/bin"
+DOWNLOADS="$HOME/downloads"
+
+# Set python und pip if not already set in environment
+PYTHON="${PYTHON:=python}"
+PIP="${PIP:=pip}"
+PIPENV="$PYTHON -m pipenv"
+FLAKE8="$PYTHON -m flake8"
+MYPY="$PYTHON -m mypy"
+DOCKER="${DOCKER:=docker}"
+
+if $LINUX; then
+    PWD=pwd
+else
+    PWD="pwd -W"
+fi
+
+# sudo ln -s /usr/bin/python3.11 /usr/bin/python
+
+# Upgrade protoc
+
+DEST="protoc"
+
+if $clean; then
+    cmd="$DOCKER image prune -f || echo 'No docker image pruned'"
+    if $interactive ; then askContinueYn "$cmd"; else echo -e "${cyan}$cmd${reset}";fi
+    eval "$cmd"
+
+    cmd="$PIP uninstall -y extract-otp-secrets || echo nothing done"
+    if $interactive ; then askContinueYn "$cmd"; else echo -e "${cyan}$cmd${reset}";fi
+    eval "$cmd"
+
+    cmd="$PIP freeze | grep -v -E '^-e|^#' | xargs sudo $PIP uninstall -y || echo nothing done"
+    if $interactive ; then askContinueYn "$cmd"; else echo -e "${cyan}$cmd${reset}";fi
+    eval "$cmd"
+
+    cmd="$PIP freeze --user | grep -v -E '^-e|^#' | xargs $PIP uninstall -y || echo nothing done"
+    if $interactive ; then askContinueYn "$cmd"; else echo -e "${cyan}$cmd${reset}";fi
+    eval "$cmd"
+
+    cmd="$PIP freeze | cut -d \"@\" -f1 | xargs pip uninstall -y || echo Nothing to do"
+    if $interactive ; then askContinueYn "$cmd"; else echo -e "${cyan}$cmd${reset}";fi
+    eval "$cmd"
+
+    cmd="sudo rm -rf dist/ build/ dist_*/ *.whl extracted_*.csv extracted_*.json pytest.xml pytest-coverage.txt .coverage tests/reports || true; find . -name '*.pyc' -type f -delete; find . -name '__pycache__' -type d -exec rm -r {} \; || true; find . -name '*.egg-info' -type d -exec rm -r {} \; || true; find . -name '*_cache' -type d -exec rm -r {} \; || true; mkdir -p tests/reports;"
+    if $interactive ; then askContinueYn "$cmd"; else echo -e "${cyan}$cmd${reset}";fi
+    eval "$cmd"
+
+    cmd="pipenv --rm || true"
+    if $interactive ; then askContinueYn "$cmd"; else echo -e "${cyan}$cmd${reset}";fi
+    eval "$cmd"
+
+    cmd="sudo pipenv --rm || true"
+    if $interactive ; then askContinueYn "$cmd"; else echo -e "${cyan}$cmd${reset}";fi
+    eval "$cmd"
+
+    cmd="mkdir -p dist"
+    if $interactive ; then askContinueYn "$cmd"; else echo -e "${cyan}$cmd${reset}";fi
+    eval "$cmd"
+fi
+
+if $build_local; then
+    cmd="$PIP install -U -r requirements-dev.txt"
+    if $interactive ; then askContinueYn "$cmd"; else echo -e "${cyan}$cmd${reset}";fi
+    eval "$cmd"
+
+    echo -e "\n\nChecking Protoc version..."
+    VERSION=$(curl -sL https://github.com/protocolbuffers/protobuf/releases/latest | grep -E "<title>" | perl -pe's%.*Protocol Buffers v(\d+\.\d+(\.\d+)?).*%\1%')
+    BASEVERSION=4
+    echo
+
+    OLDVERSION=$(cat $BIN/$DEST/.VERSION.txt || echo "")
+    echo -e "\nProtoc remote version $VERSION\n"
+    echo -e "Protoc local version: $OLDVERSION\n"
+
+    if [ "$OLDVERSION" != "$VERSION" ] && ! $ignore_version_check; then
+        echo "Upgrade protoc from $OLDVERSION to $VERSION"
+
+        NAME="protoc-$VERSION"
+        ARCHIVE="$NAME.zip"
+
+        mkdir -p $DOWNLOADS
+        # https://github.com/protocolbuffers/protobuf/releases/download/v21.6/protoc-21.6-linux-x86_64.zip
+        cmd="wget --trust-server-names https://github.com/protocolbuffers/protobuf/releases/download/v$VERSION/protoc-$VERSION-linux-x86_64.zip -O $DOWNLOADS/$ARCHIVE"
+        if $interactive ; then askContinueYn "$cmd"; else echo -e "${cyan}$cmd${reset}";fi
+        eval "$cmd"
+
+        cmd="echo -e '\nSize [Byte]'; stat --printf='%s\n' $DOWNLOADS/$ARCHIVE; echo -e '\nMD5'; md5sum $DOWNLOADS/$ARCHIVE; echo -e '\nSHA256'; sha256sum $DOWNLOADS/$ARCHIVE;"
+        if $interactive ; then askContinueYn "$cmd"; else echo -e "${cyan}$cmd${reset}";fi
+        eval "$cmd"
+
+        cmd="mkdir -p $BIN/$NAME; unzip $DOWNLOADS/$ARCHIVE -d $BIN/$NAME"
+        if $interactive ; then askContinueYn "$cmd"; else echo -e "${cyan}$cmd${reset}";fi
+        eval "$cmd"
+
+        cmd="echo $VERSION > $BIN/$NAME/.VERSION.txt; echo $VERSION > $BIN/$NAME/.VERSION_$VERSION.txt"
+        if $interactive ; then askContinueYn "$cmd"; else echo -e "${cyan}$cmd${reset}";fi
+        eval "$cmd"
+
+        cmd="[ -d $BIN/$DEST.old ] && rm -rf $BIN/$DEST.old || echo 'No old dir to delete'"
+        if $interactive ; then askContinueYn "$cmd"; else echo -e "${cyan}$cmd${reset}";fi
+        eval "$cmd"
+
+        cmd="[ -d $BIN/$DEST ] && mv -iT $BIN/$DEST $BIN/$DEST.old || echo 'No previous dir to keep'"
+        if $interactive ; then askContinueYn "$cmd"; else echo -e "${cyan}$cmd${reset}";fi
+        eval "$cmd"
+
+        cmd="mv -iT $BIN/$NAME $BIN/$DEST"
+        if $interactive ; then askContinueYn "$cmd"; else echo -e "${cyan}$cmd${reset}";fi
+        eval "$cmd"
+
+        cmd="rm $DOWNLOADS/$ARCHIVE"
+        if $interactive ; then askContinueYn "$cmd"; else echo -e "${cyan}$cmd${reset}";fi
+        eval "$cmd"
+
+        cmd="$BIN/$DEST/bin/protoc --plugin=protoc-gen-mypy=$HOME/.local/bin/protoc-gen-mypy --python_out=src/protobuf_generated_python --mypy_out=src/protobuf_generated_python --proto_path=src google_auth.proto"
+        if $interactive ; then askContinueYn "$cmd"; else echo -e "${cyan}$cmd${reset}";fi
+        eval "$cmd"
+
+        # Update README.md
+
+        cmd="perl -i -pe 's%proto(buf|c)([- ])(\d\.)?$OLDVERSION%proto\$1\$2\${3}$VERSION%g' README.md && perl -i -pe 's%(protobuf/releases/tag/v)$OLDVERSION%\${1}$VERSION%g' README.md"
+        if $interactive ; then askContinueYn "$cmd"; else echo -e "${cyan}$cmd${reset}";fi
+        eval "$cmd"
+    else
+        echo -e "\nVersion has not changed. Quit"
+    fi
+
+    # Upgrade pip requirements
+
+    cmd="pip install -U pip"
+    if $interactive ; then askContinueYn "$cmd"; else echo -e "${cyan}$cmd${reset}";fi
+    eval "$cmd"
+
+    $PIP --version
+
+    cmd="$PIP install -U -r requirements.txt"
+    if $interactive ; then askContinueYn "$cmd"; else echo -e "${cyan}$cmd${reset}";fi
+    eval "$cmd"
+
+    if $build_base; then
+        # Lint
+
+        LINT_OUT_FILE="tests/reports/flake8_results.txt"
+        cmd="$FLAKE8 . --count --select=E9,F63,F7,F82 --show-source --statistics | tee $LINT_OUT_FILE"
+        if $interactive ; then askContinueYn "$cmd"; else echo -e "${cyan}$cmd${reset}";fi
+        eval "$cmd"
+
+        cmd="$FLAKE8 . --count --exit-zero --max-complexity=10 --max-line-length=200 --statistics --exclude=.git,__pycache__,docs/source/conf.py,old,build,dist,protobuf_generated_python | tee -a $LINT_OUT_FILE"
+        if $interactive ; then askContinueYn "$cmd"; else echo -e "${cyan}$cmd${reset}";fi
+        eval "$cmd"
+
+        # Type checking
+
+        TYPE_CHECK_OUT_FILE="tests/reports/mypy_results.txt"
+        cmd="$MYPY --install-types --non-interactive src/*.py tests/*.py"
+        if $interactive ; then askContinueYn "$cmd"; else echo -e "${cyan}$cmd${reset}";fi
+        eval "$cmd"
+
+        # change to src as python -m mypy adds the current dir Python sys.path
+        # execute in a subshell in order not to loose the exit code and not to change the dir in the currrent shell
+        cmd="$MYPY --strict src/*.py tests/*.py | tee $TYPE_CHECK_OUT_FILE"
+        if $interactive ; then askContinueYn "$cmd"; else echo -e "${cyan}$cmd${reset}";fi
+        eval "$cmd"
+
+
+        # Generate results files
+
+        if $generate_result_files; then
+            cmd="for color in '' '-n'; do for level in '' '-v' '-vv' '-vvv'; do $PYTHON src/extract_otp_secrets.py example_export.txt \$color \$level > tests/data/print_verbose_output\$color\$level.txt; done; done"
+            if $interactive ; then askContinueYn "$cmd"; else echo -e "${cyan}$cmd${reset}";fi
+            eval "$cmd"
+        fi
+
+        # pip -e install
+
+        cmd="$PIP install -U -e ."
+        if $interactive ; then askContinueYn "$cmd"; else echo -e "${cyan}$cmd${reset}";fi
+        eval "$cmd"
+
+        cmd="extract_otp_secrets example_export.txt"
+        if $interactive ; then askContinueYn "$cmd"; else echo -e "${cyan}$cmd${reset}";fi
+        eval "$cmd"
+
+        cmd="extract_otp_secrets - < example_export.txt"
+        if $interactive ; then askContinueYn "$cmd"; else echo -e "${cyan}$cmd${reset}";fi
+        eval "$cmd"
+
+        # Test (needs module)
+
+        cmd="$PYTHON src/extract_otp_secrets.py example_export.txt"
+        if $interactive ; then askContinueYn "$cmd"; else echo -e "${cyan}$cmd${reset}";fi
+        eval "$cmd"
+
+        cmd="$PYTHON src/extract_otp_secrets.py - < example_export.txt"
+        if $interactive ; then askContinueYn "$cmd"; else echo -e "${cyan}$cmd${reset}";fi
+        eval "$cmd"
+
+        COVERAGE_OUT_FILE="tests/reports/pytest-coverage.txt"
+        cmd="pytest --cov=extract_otp_secrets_test --junitxml=tests/reports/pytest.xml --cov-report html:tests/reports/html --cov-report=term-missing tests/ | tee $COVERAGE_OUT_FILE"
+        if $interactive ; then askContinueYn "$cmd"; else echo -e "${cyan}$cmd${reset}";fi
+        eval "$cmd"
+
+        # Update Code Coverage in README.md
+
+        # https://github.com/marketplace/actions/pytest-coverage-comment
+        # Coverage-95%25-yellowgreen
+        echo -e "Update code coverage in README.md"
+        TOTAL_COVERAGE=$(cat $COVERAGE_OUT_FILE | grep 'TOTAL' | perl -ne 'print "$&" if /\b(\d{1,3})%/') && perl -i -pe "s/coverage-(\d{1,3}%)25-/coverage-${TOTAL_COVERAGE}25-/" README.md
+
+        # Pipenv
+
+        if $run_pipenv; then
+            cmd="$PIP install -U pipenv"
+            if $interactive ; then askContinueYn "$cmd"; else echo -e "${cyan}$cmd${reset}";fi
+            eval "$cmd"
+
+            $PIPENV --version
+
+            cmd="rm Pipfile.lock || echo 'No Pipfile.lock to remove'"
+            if $interactive ; then askContinueYn "$cmd"; else echo -e "${cyan}$cmd${reset}";fi
+            eval "$cmd"
+
+            cmd="# $PIPENV --rm || echo 'No virtualenv to remove'"
+            if $interactive ; then askContinueYn "$cmd"; else echo -e "${cyan}$cmd${reset}";fi
+            eval "$cmd"
+
+            cmd="$PIPENV install --dev"
+            if $interactive ; then askContinueYn "$cmd"; else echo -e "${cyan}$cmd${reset}";fi
+            eval "$cmd"
+
+            cmd="$PIPENV update --dev"
+            if $interactive ; then askContinueYn "$cmd"; else echo -e "${cyan}$cmd${reset}";fi
+            eval "$cmd"
+
+            $PIPENV run python --version
+
+            # pip -e install
+
+            cmd="$PIPENV run pip install -U -e ."
+            if $interactive ; then askContinueYn "$cmd"; else echo -e "${cyan}$cmd${reset}";fi
+            eval "$cmd"
+
+            cmd="$PIPENV run pytest --cov=extract_otp_secrets_test tests/"
+            if $interactive ; then askContinueYn "$cmd"; else echo -e "${cyan}$cmd${reset}";fi
+            eval "$cmd"
+
+
+            cmd="$PIPENV run extract_otp_secrets example_export.txt"
+            if $interactive ; then askContinueYn "$cmd"; else echo -e "${cyan}$cmd${reset}";fi
+            eval "$cmd"
+
+            cmd="$PIPENV run extract_otp_secrets - < example_export.txt"
+            if $interactive ; then askContinueYn "$cmd"; else echo -e "${cyan}$cmd${reset}";fi
+            eval "$cmd"
+
+            # Test (needs module)
+
+            cmd="$PIPENV run python src/extract_otp_secrets.py example_export.txt"
+            if $interactive ; then askContinueYn "$cmd"; else echo -e "${cyan}$cmd${reset}";fi
+            eval "$cmd"
+
+            cmd="$PIPENV run python src/extract_otp_secrets.py - < example_export.txt"
+            if $interactive ; then askContinueYn "$cmd"; else echo -e "${cyan}$cmd${reset}";fi
+            eval "$cmd"
+        fi
+
+        # Build wheel
+
+        cmd="$PIP wheel ."
+        if $interactive ; then askContinueYn "$cmd"; else echo -e "${cyan}$cmd${reset}";fi
+        eval "$cmd"
+    fi
+
+    # Build executable
+    if $build_exe; then
+        cmd="LOCAL_GLIBC_VERSION=$(ldd --version | sed '1!d' | sed -E 's/.* ([[:digit:]]+\.[[:digit:]]+)$/\1/')"
+        if $interactive ; then askContinueYn "$cmd"; else echo -e "${cyan}$cmd${reset}";fi
+        eval "$cmd"
+        echo "local glibc: $LOCAL_GLIBC_VERSION"
+
+        cmd="time pyinstaller -y --specpath installer --add-data $HOME/.local/__yolo_v3_qr_detector/:__yolo_v3_qr_detector/ --onefile $clean_flag src/extract_otp_secrets.py"
+        if $interactive ; then askContinueYn "$cmd"; else echo -e "${cyan}$cmd${reset}";fi
+        eval "$cmd"
+
+        cmd="dist/extract_otp_secrets -h"
+        if $interactive ; then askContinueYn "$cmd"; else echo -e "${cyan}$cmd${reset}";fi
+        eval "$cmd"
+
+        cmd="dist/extract_otp_secrets --qr ZBAR example_export.png"
+        if $interactive ; then askContinueYn "$cmd"; else echo -e "${cyan}$cmd${reset}";fi
+        eval "$cmd"
+    fi
+
+    # Build compiled executable
+
+    if $build_nuitka_exe; then
+        cmd="LOCAL_GLIBC_VERSION=$(ldd --version | sed '1!d' | sed -E 's/.* ([[:digit:]]+\.[[:digit:]]+)$/\1/')"
+        if $interactive ; then askContinueYn "$cmd"; else echo -e "${cyan}$cmd${reset}";fi
+        eval "$cmd"
+        echo "local glibc: $LOCAL_GLIBC_VERSION"
+
+        cmd="$PIP install -U pyqt5"
+        if $interactive ; then askContinueYn "$cmd"; else echo -e "${cyan}$cmd${reset}";fi
+        eval "$cmd"
+
+        cmd="time $PYTHON -m nuitka --enable-plugin=tk-inter --enable-plugin=pyqt5 --noinclude-default-mode=nofollow --clang --include-data-dir=$HOME/.local/__yolo_v3_qr_detector/=__yolo_v3_qr_detector/ --onefile --output-dir=build/nuitka --output-filename=extract_otp_secrets_compiled src/extract_otp_secrets.py"
+        if $interactive ; then askContinueYn "$cmd"; else echo -e "${cyan}$cmd${reset}";fi
+        eval "$cmd"
+
+        cmd="cp build/nuitka/extract_otp_secrets_compiled dist/"
+        if $interactive ; then askContinueYn "$cmd"; else echo -e "${cyan}$cmd${reset}";fi
+        eval "$cmd"
+
+        cmd="dist/extract_otp_secrets_compiled -h"
+        if $interactive ; then askContinueYn "$cmd"; else echo -e "${cyan}$cmd${reset}";fi
+        eval "$cmd"
+
+        cmd="dist/extract_otp_secrets_compiled --qr ZBAR example_export.png"
+        if $interactive ; then askContinueYn "$cmd"; else echo -e "${cyan}$cmd${reset}";fi
+        eval "$cmd"
+    fi
+
+    # Generate README.md TOC
+    cmd="env -u MSYS_NO_PATHCONV gfm-toc -s 2 -e 3 -t -o README.md > docs/README_TOC.md"
+    if $interactive ; then askContinueYn "$cmd"; else echo -e "${cyan}$cmd${reset}";fi
+    eval "$cmd"
+
+    # create Windows win_file_version_info.txt
+    cmd="VERSION_STR=$(setuptools-git-versioning) VERSION_MAJOR=$(cut -d '.' -f 1 <<< "$(setuptools-git-versioning)") VERSION_MINOR=$(cut -d '.' -f 2 <<< "$(setuptools-git-versioning)") VERSION_PATCH=$(cut -d '.' -f 3 <<< "$(setuptools-git-versioning)") VERSION_BUILD=$(($(git rev-list --count $(git tag | sort -V -r | sed '1!d')..HEAD))) COPYRIGHT_YEARS='2020-2023' envsubst < installer/win_file_version_info_template.txt > build/win_file_version_info.txt"
+    if $interactive ; then askContinueYn "$cmd"; else echo -e "${cyan}$cmd${reset}";fi
+    eval "$cmd"
+
+    # create macOS extract_otp_secrets_macos.spec from extract_otp_secrets_macos_template.spec
+    cmd="VERSION_STR=$(setuptools-git-versioning) COPYRIGHT_YEARS='2020-$(date +%Y)' envsubst < installer/extract_otp_secrets_macos_template.spec > build/extract_otp_secrets_macos.spec"
+    if $interactive ; then askContinueYn "$cmd"; else echo -e "${cyan}$cmd${reset}";fi
+    eval "$cmd"
+fi
+
+if $build_docker; then
+    # Build docker
+
+    if $build_x86_64; then
+        # Build Dockerfile_only_txt (Alpine)
+        cmd="$DOCKER build . --network=host -t extract_otp_secrets_only_txt -t extract_otp_secrets:only-txt -t extract_otp_secrets:alpine -f docker/Dockerfile_only_txt --pull --build-arg RUN_TESTS=false"
+        if $interactive ; then askContinueYn "$cmd"; else echo -e "${cyan}$cmd${reset}";fi
+        eval "$cmd"
+
+        cmd="$DOCKER run --network none --rm -v \"$($PWD):/files:ro\" extract_otp_secrets_only_txt example_export.txt"
+        if $interactive ; then askContinueYn "$cmd"; else echo -e "${cyan}$cmd${reset}";fi
+        eval "$cmd"
+
+        cmd="$DOCKER run --network none --rm -i -v \"$($PWD):/files:ro\" extract_otp_secrets_only_txt - < example_export.txt"
+        if $interactive ; then askContinueYn "$cmd"; else echo -e "${cyan}$cmd${reset}";fi
+        eval "$cmd"
+
+        cmd="$DOCKER run --network=host --entrypoint '/extract/run_pytest.sh' --rm -v \"$($PWD):/files:ro\" extract_otp_secrets_only_txt extract_otp_secrets_test.py -k 'not qreader' -vvv --relaxed"
+        if $interactive ; then askContinueYn "$cmd"; else echo -e "${cyan}$cmd${reset}";fi
+        eval "$cmd"
+
+        # Build extract_otp_secrets (Debian Bookworm)
+        cmd="$DOCKER build . --network=host -t extract_otp_secrets -t extract_otp_secrets:bookworm --pull -f docker/Dockerfile --build-arg RUN_TESTS=false"
+        if $interactive ; then askContinueYn "$cmd"; else echo -e "${cyan}$cmd${reset}";fi
+        eval "$cmd"
+
+        cmd="$DOCKER run --network none --rm -v \"$($PWD):/files:ro\" extract_otp_secrets example_export.txt"
+        if $interactive ; then askContinueYn "$cmd"; else echo -e "${cyan}$cmd${reset}";fi
+        eval "$cmd"
+
+        cmd="cat example_export.txt | $DOCKER run --network none --rm -i -v \"$($PWD):/files:ro\" extract_otp_secrets - -c - > example_output.csv"
+        if $interactive ; then askContinueYn "$cmd"; else echo -e "${cyan}$cmd${reset}";fi
+        eval "$cmd"
+
+        cmd="$DOCKER run --network none --rm -i -v \"$($PWD):/files:ro\" extract_otp_secrets = < example_export.png"
+        if $interactive ; then askContinueYn "$cmd"; else echo -e "${cyan}$cmd${reset}";fi
+        eval "$cmd"
+
+        cmd="$DOCKER run --network=host --entrypoint /extract/run_pytest.sh --rm -v \"$($PWD):/files:ro\" extract_otp_secrets"
+        if $interactive ; then askContinueYn "$cmd"; else echo -e "${cyan}$cmd${reset}";fi
+        eval "$cmd"
+
+        # Build extract_otp_secrets (Debian Bullseye)
+        cmd="$DOCKER build . --network=host -t extract_otp_secrets:bullseye -t extract_otp_secrets:bullseye-x86_64 --pull -f docker/Dockerfile --build-arg RUN_TESTS=false --build-arg BASE_IMAGE=python:3.13-slim-bullseye"
+        if $interactive ; then askContinueYn "$cmd"; else echo -e "${cyan}$cmd${reset}";fi
+        eval "$cmd"
+
+        cmd="$DOCKER run --network none --rm -v \"$($PWD):/files:ro\" extract_otp_secrets:bullseye example_export.txt"
+        if $interactive ; then askContinueYn "$cmd"; else echo -e "${cyan}$cmd${reset}";fi
+        eval "$cmd"
+
+        cmd="cat example_export.txt | $DOCKER run --network none --rm -i -v \"$($PWD):/files:ro\" extract_otp_secrets:bullseye - -c - > example_output.csv"
+        if $interactive ; then askContinueYn "$cmd"; else echo -e "${cyan}$cmd${reset}";fi
+        eval "$cmd"
+
+        cmd="$DOCKER run --network none --rm -i -v \"$($PWD):/files:ro\" extract_otp_secrets:bullseye = < example_export.png"
+        if $interactive ; then askContinueYn "$cmd"; else echo -e "${cyan}$cmd${reset}";fi
+        eval "$cmd"
+
+        cmd="$DOCKER run --network=host --entrypoint /extract/run_pytest.sh --rm -v \"$($PWD):/files:ro\" extract_otp_secrets:bullseye"
+        if $interactive ; then askContinueYn "$cmd"; else echo -e "${cyan}$cmd${reset}";fi
+        eval "$cmd"
+
+        # Build executable from Docker latest
+        # sed "1!d" is workaround for head -n 1 since it head procduces exit code != 0
+        BOOKWORM_GLIBC_VERSION=$($DOCKER run --network none --entrypoint /bin/bash --rm extract_otp_secrets -c 'ldd --version | sed "1!d" | sed -E "s/.* ([[:digit:]]+\.[[:digit:]]+)$/\1/"')
+        echo "Bookworm glibc: $BOOKWORM_GLIBC_VERSION"
+    fi
+
+    if $build_arm; then
+        # build linux/arm64
+        cmd="$DOCKER run --network none --pull always --rm --privileged multiarch/qemu-user-static --reset -p yes"
+        if $interactive ; then askContinueYn "$cmd"; else echo -e "${cyan}$cmd${reset}";fi
+        eval "$cmd"
+
+        # Build extract_otp_secrets (Debian Bullseye)
+        cmd="$DOCKER buildx build --platform=linux/arm64 . -t extract_otp_secrets:bullseye-arm64 --pull -f docker/Dockerfile --build-arg RUN_TESTS=false --build-arg BASE_IMAGE=python:3.13-slim-bullseye"
+        if $interactive ; then askContinueYn "$cmd"; else echo -e "${cyan}$cmd${reset}";fi
+        eval "$cmd"
+    fi
+
+    if $build_exe; then
+        if $build_x86_64; then
+            cmd="$DOCKER run --platform linux/amd64 --network=host --entrypoint /bin/bash --rm -v \"$($PWD):/files\" -w /files extract_otp_secrets -c 'apt-get update && apt-get -y install binutils && pip install -U pip && pip install -U -r /files/requirements.txt && pip install pyinstaller && PYTHONHASHSEED=31 && pyinstaller -y --specpath installer --add-data /usr/local/__yolo_v3_qr_detector/:__yolo_v3_qr_detector/ --onefile --name extract_otp_secrets_linux_x86_64_bookworm --distpath /files/dist/ /files/src/extract_otp_secrets.py'"
+            if $interactive ; then askContinueYn "$cmd"; else echo -e "${cyan}$cmd${reset}";fi
+            eval "$cmd"
+
+            cmd="dist/extract_otp_secrets_linux_x86_64_bookworm -h || echo 'Could not run exe; see error message above'"
+            if $interactive ; then askContinueYn "$cmd"; else echo -e "${cyan}$cmd${reset}";fi
+            eval "$cmd"
+
+            cmd="dist/extract_otp_secrets_linux_x86_64_bookworm --qr ZBAR example_export.png || echo 'Could not run exe; see error message above'"
+            if $interactive ; then askContinueYn "$cmd"; else echo -e "${cyan}$cmd${reset}";fi
+            eval "$cmd"
+
+            # Build executable from Docker bullseye
+            BULLSEYE_GLIBC_VERSION=$($DOCKER run --network none --entrypoint /bin/bash --rm extract_otp_secrets:bullseye -c 'ldd --version | sed "1!d" | sed -E "s/.* ([[:digit:]]+\.[[:digit:]]+)$/\1/"')
+            echo "Bullseye glibc: $BULLSEYE_GLIBC_VERSION"
+
+            cmd="$DOCKER run --platform linux/amd64 --network=host --entrypoint /bin/bash --rm -v \"$($PWD):/files\" -w /files extract_otp_secrets:bullseye -c 'apt-get update && apt-get -y install binutils && pip install -U pip && pip install -U -r /files/requirements.txt && pip install pyinstaller && PYTHONHASHSEED=31 && pyinstaller -y --specpath installer --add-data /usr/local/__yolo_v3_qr_detector/:__yolo_v3_qr_detector/ --onefile --name extract_otp_secrets_linux_x86_64 --distpath /files/dist/ /files/src/extract_otp_secrets.py'"
+            if $interactive ; then askContinueYn "$cmd"; else echo -e "${cyan}$cmd${reset}";fi
+            eval "$cmd"
+
+            cmd="dist/extract_otp_secrets_linux_x86_64 -h"
+            if $interactive ; then askContinueYn "$cmd"; else echo -e "${cyan}$cmd${reset}";fi
+            eval "$cmd"
+
+            cmd="dist/extract_otp_secrets_linux_x86_64 --qr ZBAR example_export.png"
+            if $interactive ; then askContinueYn "$cmd"; else echo -e "${cyan}$cmd${reset}";fi
+            eval "$cmd"
+        fi
+
+        if $build_arm; then
+            # build linux/arm64
+            cmd="$DOCKER run --platform linux/arm64 --network=host --entrypoint /bin/bash --rm -v \"$($PWD):/files\" -w /files extract_otp_secrets:bullseye-arm64 -c 'apt-get update && apt-get -y install binutils && pip install -U pip && pip install -U -r /files/requirements.txt && pip install pyinstaller && PYTHONHASHSEED=31 && pyinstaller --specpath installer -y --add-data /usr/local/__yolo_v3_qr_detector/:__yolo_v3_qr_detector/ --onefile --name extract_otp_secrets_linux_arm64 --distpath /files/dist/ /files/src/extract_otp_secrets.py'"
+            if $interactive ; then askContinueYn "$cmd"; else echo -e "${cyan}$cmd${reset}";fi
+            eval "$cmd"
+
+            cmd="PLATFORM='linux/arm64' && EXE='dist/extract_otp_secrets_linux_arm64' && $DOCKER run --platform \"\$PLATFORM\" --entrypoint /bin/bash --rm -v \"$($PWD):/files\" -w /files extract_otp_secrets:bullseye-arm64 -c \"\$EXE -V && \$EXE -h && \$EXE example_export.png && \$EXE - < example_export.txt && \$EXE --qr ZBAR example_export.png && \$EXE --qr QREADER example_export.png && \$EXE --qr QREADER_DEEP example_export.png && \$EXE --qr CV2 example_export.png && \$EXE --qr CV2_WECHAT example_export.png\""
+            if $interactive ; then askContinueYn "$cmd"; else echo -e "${cyan}$cmd${reset}";fi
+            eval "$cmd"
+        fi
+    fi
+
+    if $build_nuitka_exe; then
+        if $build_x86_64; then
+            cmd="$DOCKER run --platform linux/amd64 --network=host --entrypoint /bin/bash --rm -v \"$($PWD):/files\" -w /files extract_otp_secrets -c 'apt-get update && apt-get -y install binutils build-essential patchelf && pip install -U pip && pip install -U -r /files/requirements.txt && pip install nuitka pyqt5 && PYTHONHASHSEED=31 && python -m nuitka --enable-plugin=tk-inter --enable-plugin=pyqt5 --include-data-dir=/usr/local/__yolo_v3_qr_detector/=__yolo_v3_qr_detector/ --onefile --output-dir=/files/build/docker/nuitka --output-filename=extract_otp_secrets_linux_x86_64_bookworm_compiled /files/src/extract_otp_secrets.py'"
+            if $interactive ; then askContinueYn "$cmd"; else echo -e "${cyan}$cmd${reset}";fi
+            eval "$cmd"
+
+            cmd="build/docker/nuitka/extract_otp_secrets_linux_x86_64_bookworm_compiled -h"
+            if $interactive ; then askContinueYn "$cmd"; else echo -e "${cyan}$cmd${reset}";fi
+            eval "$cmd"
+
+            cmd="build/docker/nuitka/extract_otp_secrets_linux_x86_64_bookworm_compiled --qr ZBAR example_export.png"
+            if $interactive ; then askContinueYn "$cmd"; else echo -e "${cyan}$cmd${reset}";fi
+            eval "$cmd"
+
+            cmd="cp build/docker/nuitka/extract_otp_secrets_linux_x86_64_bookworm_compiled dist/"
+            if $interactive ; then askContinueYn "$cmd"; else echo -e "${cyan}$cmd${reset}";fi
+            eval "$cmd"
+
+            # Build executable from Docker bullseye
+            BULLSEYE_GLIBC_VERSION=$($DOCKER run --network none --entrypoint /bin/bash --rm extract_otp_secrets:bullseye -c 'ldd --version | sed "1!d" | sed -E "s/.* ([[:digit:]]+\.[[:digit:]]+)$/\1/"')
+            echo "Bookworm glibc: $BULLSEYE_GLIBC_VERSION"
+
+            cmd="$DOCKER run --platform linux/amd64 --network=host --entrypoint /bin/bash --rm -v \"$($PWD):/files\" -w /files extract_otp_secrets:bullseye -c 'apt-get update && apt-get -y install binutils build-essential patchelf && pip install -U pip && pip install -U -r /files/requirements.txt && pip install nuitka pyqt5 && PYTHONHASHSEED=31 && python -m nuitka --enable-plugin=tk-inter --enable-plugin=pyqt5 --include-data-dir=/usr/local/__yolo_v3_qr_detector/=__yolo_v3_qr_detector/ --onefile --output-dir=/files/build/docker/nuitka --output-filename=extract_otp_secrets_linux_x86_64_bullseye_compiled /files/src/extract_otp_secrets.py'"
+            if $interactive ; then askContinueYn "$cmd"; else echo -e "${cyan}$cmd${reset}";fi
+            eval "$cmd"
+
+            cmd="build/docker/nuitka/extract_otp_secrets_linux_x86_64_bullseye_compiled -h"
+            if $interactive ; then askContinueYn "$cmd"; else echo -e "${cyan}$cmd${reset}";fi
+            eval "$cmd"
+
+            cmd="build/docker/nuitka/extract_otp_secrets_linux_x86_64_bullseye_compiled --qr ZBAR example_export.png"
+            if $interactive ; then askContinueYn "$cmd"; else echo -e "${cyan}$cmd${reset}";fi
+            eval "$cmd"
+
+            cmd="cp build/docker/nuitka/extract_otp_secrets_linux_x86_64_bullseye_compiled dist/"
+            if $interactive ; then askContinueYn "$cmd"; else echo -e "${cyan}$cmd${reset}";fi
+            eval "$cmd"
+        fi
+
+        if $build_arm; then
+            # build linux/arm64
+            cmd="$DOCKER run --platform linux/arm64 --network=host --entrypoint /bin/bash --rm -v \"$($PWD):/files\" -w /files extract_otp_secrets:bullseye-arm64 -c 'apt-get update && apt-get -y install binutils build-essential patchelf qt5-default && pip install -U pip && pip install -U -r /files/requirements.txt && pip install nuitka pyqt5 && PYTHONHASHSEED=31 && python -m nuitka --enable-plugin=tk-inter --enable-plugin=pyqt5 --include-data-dir=/usr/local/__yolo_v3_qr_detector/=__yolo_v3_qr_detector/ --onefile --output-dir=/files/build/docker/nuitka --output-filename=extract_otp_secrets_linux_arm64_compiled /files/src/extract_otp_secrets.py'"
+            if $interactive ; then askContinueYn "$cmd"; else echo -e "${cyan}$cmd${reset}";fi
+            eval "$cmd"
+
+            cmd="PLATFORM='linux/arm64' && EXE='build/docker/nuitka/extract_otp_secrets_linux_arm64_compiled' && $DOCKER run --platform \"\$PLATFORM\" --entrypoint /bin/bash --rm -v \"$($PWD):/files\" -w /files extract_otp_secrets:bullseye-arm64 -c \"\$EXE -V && \$EXE -h && \$EXE example_export.png && \$EXE - < example_export.txt && \$EXE --qr ZBAR example_export.png && \$EXE --qr QREADER example_export.png && \$EXE --qr QREADER_DEEP example_export.png && \$EXE --qr CV2 example_export.png && \$EXE --qr CV2_WECHAT example_export.png\""
+            if $interactive ; then askContinueYn "$cmd"; else echo -e "${cyan}$cmd${reset}";fi
+            eval "$cmd"
+
+            cmd="cp build/docker/nuitka/extract_otp_secrets_linux_arm64_compiled dist/"
+            if $interactive ; then askContinueYn "$cmd"; else echo -e "${cyan}$cmd${reset}";fi
+            eval "$cmd"
+        fi
+    fi
+
+    # Run GUI from Docker
+    if $build_x86_64 && $run_gui; then
+        cmd="$DOCKER run --network none --rm -v "$($PWD):/files:ro" --device=\"/dev/video0:/dev/video0\" --env=\"DISPLAY\" -v /tmp/.X11-unix:/tmp/.X11-unix:ro extract_otp_secrets &"
+        if $interactive ; then askContinueYn "$cmd"; else echo -e "${cyan}$cmd${reset}";fi
+        eval "$cmd"
+    fi
+fi
+
+if $run_gui; then
+    cmd="$PYTHON src/extract_otp_secrets.py &"
+    if $interactive ; then askContinueYn "$cmd"; else echo -e "${cyan}$cmd${reset}";fi
+    eval "$cmd"
+fi
+
+if $build_base; then
+    line=$(printf '#%.0s' $(eval echo {1..$(( ($COLUMNS - 10) / 2))}))
+    echo -e "\n${blueBold}$line RESULTS $line${reset}"
+
+    cmd="cat $TYPE_CHECK_OUT_FILE $LINT_OUT_FILE $COVERAGE_OUT_FILE"
+    if $interactive ; then askContinueYn "$cmd"; else echo -e "${cyan}$cmd${reset}";fi
+    eval "$cmd"
+fi
+
+line=$(printf '#%.0s' $(eval echo {1..$(( ($COLUMNS - 10) / 2))}))
+echo -e "\n${greenBold}$line SUCCESS $line${reset}"
+
+git status
+
+quit
--- a/devenv.lock
+++ b/devenv.lock
@@ -0,0 +1,122 @@
+{
+  "nodes": {
+    "devenv": {
+      "locked": {
+        "dir": "src/modules",
+        "lastModified": 1726050924,
+        "owner": "cachix",
+        "repo": "devenv",
+        "rev": "cf471f691c3765ed431199f61b8bd70530bc4305",
+        "treeHash": "04a5d566820f8fb1955c7c49ccbd3ff95d9129d7",
+        "type": "github"
+      },
+      "original": {
+        "dir": "src/modules",
+        "owner": "cachix",
+        "repo": "devenv",
+        "type": "github"
+      }
+    },
+    "flake-compat": {
+      "flake": false,
+      "locked": {
+        "lastModified": 1696426674,
+        "owner": "edolstra",
+        "repo": "flake-compat",
+        "rev": "0f9255e01c2351cc7d116c072cb317785dd33b33",
+        "treeHash": "2addb7b71a20a25ea74feeaf5c2f6a6b30898ecb",
+        "type": "github"
+      },
+      "original": {
+        "owner": "edolstra",
+        "repo": "flake-compat",
+        "type": "github"
+      }
+    },
+    "gitignore": {
+      "inputs": {
+        "nixpkgs": [
+          "pre-commit-hooks",
+          "nixpkgs"
+        ]
+      },
+      "locked": {
+        "lastModified": 1709087332,
+        "owner": "hercules-ci",
+        "repo": "gitignore.nix",
+        "rev": "637db329424fd7e46cf4185293b9cc8c88c95394",
+        "treeHash": "ca14199cabdfe1a06a7b1654c76ed49100a689f9",
+        "type": "github"
+      },
+      "original": {
+        "owner": "hercules-ci",
+        "repo": "gitignore.nix",
+        "type": "github"
+      }
+    },
+    "nixpkgs": {
+      "locked": {
+        "lastModified": 1716977621,
+        "owner": "cachix",
+        "repo": "devenv-nixpkgs",
+        "rev": "4267e705586473d3e5c8d50299e71503f16a6fb6",
+        "treeHash": "6d9f1f7ca0faf1bc2eeb397c78a49623260d3412",
+        "type": "github"
+      },
+      "original": {
+        "owner": "cachix",
+        "ref": "rolling",
+        "repo": "devenv-nixpkgs",
+        "type": "github"
+      }
+    },
+    "nixpkgs-stable": {
+      "locked": {
+        "lastModified": 1725826545,
+        "owner": "NixOS",
+        "repo": "nixpkgs",
+        "rev": "f4c846aee8e1e29062aa8514d5e0ab270f4ec2f9",
+        "treeHash": "8fc49deaed3f2728a7147c38163cc468a117570a",
+        "type": "github"
+      },
+      "original": {
+        "owner": "NixOS",
+        "ref": "nixos-24.05",
+        "repo": "nixpkgs",
+        "type": "github"
+      }
+    },
+    "pre-commit-hooks": {
+      "inputs": {
+        "flake-compat": "flake-compat",
+        "gitignore": "gitignore",
+        "nixpkgs": [
+          "nixpkgs"
+        ],
+        "nixpkgs-stable": "nixpkgs-stable"
+      },
+      "locked": {
+        "lastModified": 1725513492,
+        "owner": "cachix",
+        "repo": "pre-commit-hooks.nix",
+        "rev": "7570de7b9b504cfe92025dd1be797bf546f66528",
+        "treeHash": "4b46d77870afecd8f642541cb4f4927326343b59",
+        "type": "github"
+      },
+      "original": {
+        "owner": "cachix",
+        "repo": "pre-commit-hooks.nix",
+        "type": "github"
+      }
+    },
+    "root": {
+      "inputs": {
+        "devenv": "devenv",
+        "nixpkgs": "nixpkgs",
+        "pre-commit-hooks": "pre-commit-hooks"
+      }
+    }
+  },
+  "root": "root",
+  "version": 7
+}
--- a/devenv.nix
+++ b/devenv.nix
@@ -0,0 +1,24 @@
+{
+  pkgs,
+  lib,
+  config,
+  inputs,
+  ...
+}:
+
+{
+  cachix.enable = false;
+
+  languages.python = {
+    enable = true;
+    venv = {
+      enable = true;
+      requirements = ./requirements.txt;
+    };
+  };
+
+  packages = [
+    pkgs.git
+    pkgs.zbar
+  ];
+}
--- a/devenv.yaml
+++ b/devenv.yaml
@@ -0,0 +1,14 @@
+inputs:
+  nixpkgs:
+    url: github:cachix/devenv-nixpkgs/rolling
+
+# If you're using non-OSS software, you can set allowUnfree to true.
+# allowUnfree: true
+
+# If you're willing to use a package that's vulnerable
+# permittedInsecurePackages:
+#  - "openssl-1.1.1w"
+
+# If you have more than one devenv you can merge them
+#imports:
+# - ./backend
--- a/docker/.alias
+++ b/docker/.alias
@@ -0,0 +1,4 @@
+alias ll='ls -lh'
+alias la='ls -lha'
+alias l='ls -alhF'
+alias ls-l='ls -lh'
--- a/docker/Dockerfile
+++ b/docker/Dockerfile
@@ -0,0 +1,37 @@
+# --build-arg BASE_IMAGE=python:3.11-slim-buster
+ARG BASE_IMAGE=python:3.14-slim-trixie
+FROM $BASE_IMAGE
+
+# https://docs.docker.com/engine/reference/builder/
+
+# For debugging
+# docker build . -t extract_otp_secrets --pull --build-arg RUN_TESTS=false
+# docker run --rm -v "$(pwd)":/files:ro extract_otp_secrets
+# docker run --entrypoint /extract/run_pytest.sh --rm -v "$(pwd)":/files:ro extract_otp_secrets
+# docker run --entrypoint /bin/bash -it --rm -v "$(pwd)":/files:ro --device="/dev/video0:/dev/video0" --env="DISPLAY" -v /tmp/.X11-unix:/tmp/.X11-unix:ro extract_otp_secrets
+
+WORKDIR /extract
+
+COPY requirements*.txt src/ run_pytest.sh pytest.ini tests/ example_*.txt example_*.png example_*.csv example*.json docker/.alias ./
+
+ARG RUN_TESTS=true
+
+RUN uname -a \
+    && apt-get update && apt-get install -y --no-install-recommends \
+        libgl1 \
+        libglib2.0-0 \
+        libsm6 \
+        libzbar0 \
+        python3-tk \
+    && rm -rf /var/lib/apt/lists/* \
+    && pip install --no-cache-dir -U pip -r requirements.txt \
+    && if [ "$RUN_TESTS" = "true" ]; then /extract/run_pytest.sh; else echo "Not running tests..."; fi \
+    && echo 'test -s /extract/.alias && . /extract/.alias || true' >> ~/.bashrc
+
+WORKDIR /files
+
+ENTRYPOINT ["python", "/extract/extract_otp_secrets.py"]
+
+LABEL org.opencontainers.image.source=https://github.com/scito/extract_otp_secrets
+LABEL org.opencontainers.image.license=GPL-3.0+
+LABEL maintainer="Scito https://scito.ch, https://github.com/scito"
--- a/docker/Dockerfile_only_txt
+++ b/docker/Dockerfile_only_txt
@@ -0,0 +1,49 @@
+ARG BASE_IMAGE=python:3.14-alpine
+FROM $BASE_IMAGE
+
+# https://docs.docker.com/engine/reference/builder/
+
+# For debugging
+# docker run --rm -v "$(pwd)":/files:ro extract_otp_secrets_only_txt
+# docker build . -t extract_otp_secrets_only_txt -f Dockerfile_only_txt --pull --build-arg RUN_TESTS=false
+# docker run --entrypoint /bin/ash -it --rm -v "$(pwd)":/files:ro extract_otp_secrets_only_txt -l
+# docker run --entrypoint /extract/run_pytest.sh --rm -v "$(pwd)":/files:ro extract_otp_secrets_only_txt extract_otp_secrets_test.py -k "not qreader" --relaxed -vvv -s
+
+# https://github.com/pypa/manylinux/blob/main/docker/Dockerfile
+
+WORKDIR /extract
+
+COPY requirements*.txt src/ run_pytest.sh pytest.ini tests/ example_*.txt example_*.png example_*.csv example*.json docker/.alias ./
+
+ARG RUN_TESTS=true
+
+RUN uname -a \
+    && apk add --no-cache \
+        jpeg \
+        zlib \
+    && echo "Arch: $(apk --print-arch)" \
+    && if [[ "$(apk --print-arch)" == "aarch64" ]]; then apk add --no-cache --virtual .build-deps \
+        gcc \
+        jpeg-dev \
+        libc-dev \
+        py3-setuptools \
+        python3-dev \
+        zlib-dev \
+    ; fi \
+    && pip install --no-cache-dir -U \
+        pip \
+        colorama \
+        Pillow \
+        protobuf \
+        qrcode \
+    && if [[ "$(apk --print-arch)" == "aarch64" ]]; then apk del .build-deps; fi \
+    && if [[ "$RUN_TESTS" == "true" ]]; then /extract/run_pytest.sh extract_otp_secrets_test.py -k "not qreader" --relaxed; else echo "Not running tests..."; fi \
+    && echo 'test -s /extract/.alias && . /extract/.alias || true' >> ~/.profile
+
+WORKDIR /files
+
+ENTRYPOINT ["python", "/extract/extract_otp_secrets.py"]
+
+LABEL org.opencontainers.image.source=https://github.com/scito/extract_otp_secrets
+LABEL org.opencontainers.image.license=GPL-3.0+
+LABEL maintainer="Scito https://scito.ch, https://github.com/scito"
--- a/docs/Export-account-option-in-the-Google-Authenticator.webp
+++ b/docs/Export-account-option-in-the-Google-Authenticator.webp
--- a/docs/Export-account-option-in-the-Google-Authenticator_300px.webp
+++ b/docs/Export-account-option-in-the-Google-Authenticator_300px.webp
--- a/docs/Exported-QR-codes.webp
+++ b/docs/Exported-QR-codes.webp
--- a/docs/Exported-QR-codes_300px.webp
+++ b/docs/Exported-QR-codes_300px.webp
--- a/docs/README_TOC.md
+++ b/docs/README_TOC.md
@@ -0,0 +1,58 @@
+Generate from file: README.md
+
+## Table of contents
+
+- [Table of contents](#table-of-contents)
+- [Download and run binary executable (🆕 since v2.1)](#download-and-run-binary-executable--since-v21)
+  - [MacOS](#macos)
+- [Usage](#usage)
+  - [Capture QR codes from camera (🆕 since version 2.0)](#capture-qr-codes-from-camera--since-version-20)
+  - [With builtin QR decoder from image files (🆕 since version 2.0)](#with-builtin-qr-decoder-from-image-files--since-version-20)
+  - [With external QR decoder app from text files](#with-external-qr-decoder-app-from-text-files)
+- [Installation of Python script (recommended for developers or advanced users)](#installation-of-python-script-recommended-for-developers-or-advanced-users)
+  - [Installation of optional shared system libraries (recommended)](#installation-of-optional-shared-system-libraries-recommended)
+- [Program help: arguments and options](#program-help-arguments-and-options)
+- [Examples](#examples)
+  - [Printing otp secrets from text file](#printing-otp-secrets-from-text-file)
+  - [Printing otp secrets from image file](#printing-otp-secrets-from-image-file)
+  - [Writing otp secrets to csv file](#writing-otp-secrets-to-csv-file)
+  - [Writing otp secrets to json file](#writing-otp-secrets-to-json-file)
+  - [Printing otp secrets multiple files](#printing-otp-secrets-multiple-files)
+  - [Printing otp secrets from stdin (text)](#printing-otp-secrets-from-stdin-text)
+  - [Printing otp secrets from stdin (image)](#printing-otp-secrets-from-stdin-image)
+  - [Printing otp secrets csv to stdout](#printing-otp-secrets-csv-to-stdout)
+  - [Printing otp secrets csv to stdout without header line](#printing-otp-secrets-csv-to-stdout-without-header-line)
+  - [Reading from stdin and printing to stdout](#reading-from-stdin-and-printing-to-stdout)
+- [Features](#features)
+- [KeePass](#keepass)
+- [How to export otp secrets from Google Authenticator app](#how-to-export-otp-secrets-from-google-authenticator-app)
+- [Glossary](#glossary)
+- [Alternative installation methods](#alternative-installation-methods)
+  - [pip using github](#pip-using-github)
+  - [local pip](#local-pip)
+  - [pipenv](#pipenv)
+  - [Visual Studio Code Remote - Containers / VSCode devcontainer](#visual-studio-code-remote---containers--vscode-devcontainer)
+  - [venv](#venv)
+  - [devbox 1](#devbox-1)
+  - [devbox 2](#devbox-2)
+  - [docker](#docker)
+  - [More docker examples](#more-docker-examples)
+- [Tests](#tests)
+  - [PyTest](#pytest)
+  - [unittest](#unittest)
+  - [VSCode Setup](#vscode-setup)
+- [Development](#development)
+  - [Build](#build)
+  - [Upgrade pip Packages](#upgrade-pip-packages)
+  - [Build docker images](#build-docker-images)
+  - [Create executables with pyinstaller](#create-executables-with-pyinstaller)
+  - [Full local build (bash)](#full-local-build-bash)
+- [Technical background](#technical-background)
+- [References](#references)
+- [Issues](#issues)
+- [Problems and Troubleshooting](#problems-and-troubleshooting)
+  - [Windows error message](#windows-error-message)
+- [Related projects](#related-projects)
+- [Third party documentation](#third-party-documentation)
+
+Table of contents generated.
--- a/docs/Transfer-accounts-option-in-the-Google-Authenticator.webp
+++ b/docs/Transfer-accounts-option-in-the-Google-Authenticator.webp
--- a/docs/Transfer-accounts-option-in-the-Google-Authenticator_300px.webp
+++ b/docs/Transfer-accounts-option-in-the-Google-Authenticator_300px.webp
--- a/docs/cv2_capture_screenshot.png
+++ b/docs/cv2_capture_screenshot.png
--- a/docs/meta.md
+++ b/docs/meta.md
@@ -0,0 +1,3 @@
+## Star History
+
+[![Star History Chart](https://api.star-history.com/svg?repos=scito/extract_otp_secrets&type=Date)](https://star-history.com/#scito/extract_otp_secrets&Date)
--- a/example_export.png
+++ b/example_export.png
--- a/example_export.txt
+++ b/example_export.txt
@@ -1,4 +1,5 @@
 # 2FA example from https://www.raspberrypi.org/blog/setting-up-two-factor-authentication-on-your-raspberry-pi/
+
 # Secret key: 7KSQL2JTUDIS5EF65KLMRQIIGY
 # otpauth://totp/pi@raspberrypi?secret=7KSQL2JTUDIS5EF65KLMRQIIGY&issuer=raspberrypi
 otpauth-migration://offline?data=CjUKEPqlBekzoNEukL7qlsjBCDYSDnBpQHJhc3BiZXJyeXBpGgtyYXNwYmVycnlwaSABKAEwAhABGAEgACjr4JKK%2B%2F%2F%2F%2F%2F8B
@@ -9,3 +10,10 @@ otpauth-migration://offline?data=CigKEPqlBekzoNEukL7qlsjBCDYSDnBpQHJhc3BiZXJyeXB
 # otpauth://totp/pi@raspberrypi?secret=7KSQL2JTUDIS5EF65KLMRQIIGY&issuer=raspberrypi
 # otpauth://totp/pi@raspberrypi?secret=7KSQL2JTUDIS5EF65KLMRQIIGY
 otpauth-migration://offline?data=CigKEPqlBekzoNEukL7qlsjBCDYSDnBpQHJhc3BiZXJyeXBpIAEoATACCjUKEPqlBekzoNEukL7qlsjBCDYSDnBpQHJhc3BiZXJyeXBpGgtyYXNwYmVycnlwaSABKAEwAhABGAEgACiQ7OOa%2Bf%2F%2F%2F%2F8B
+
+# otpauth://hotp/hotp%20demo?secret=7KSQL2JTUDIS5EF65KLMRQIIGY&counter=4
+otpauth-migration://offline?data=CiUKEPqlBekzoNEukL7qlsjBCDYSCWhvdHAgZGVtbyABKAEwATgEEAEYASAAKNuv15j6%2F%2F%2F%2F%2FwE%3D
+
+# otpauth://totp/encoding%3A%20%C2%BF%C3%A4%C3%84%C3%A9%C3%89%3F%20%28demo%29?secret=7KSQL2JTUDIS5EF65KLMRQIIGY
+# Name: "encoding: ¿äÄéÉ? (demo)"
+otpauth-migration://offline?data=CjYKEPqlBekzoNEukL7qlsjBCDYSHGVuY29kaW5nOiDCv8Okw4TDqcOJPyAoZGVtbykgASgBMAIQARgBIAAorfCurv%2F%2F%2F%2F%2F%2FAQ%3D%3D
--- a/example_keepass_output.hotp.csv
+++ b/example_keepass_output.hotp.csv
@@ -0,0 +1,2 @@
+Title,User Name,HmacOtp-Secret-Base32,HmacOtp-Counter,Group
+,hotp demo,7KSQL2JTUDIS5EF65KLMRQIIGY,4,OTP/HOTP
--- a/example_keepass_output.totp.csv
+++ b/example_keepass_output.totp.csv
@@ -0,0 +1,6 @@
+Title,User Name,TimeOtp-Secret-Base32,Group
+raspberrypi,pi@raspberrypi,7KSQL2JTUDIS5EF65KLMRQIIGY,OTP/TOTP
+,pi@raspberrypi,7KSQL2JTUDIS5EF65KLMRQIIGY,OTP/TOTP
+,pi@raspberrypi,7KSQL2JTUDIS5EF65KLMRQIIGY,OTP/TOTP
+raspberrypi,pi@raspberrypi,7KSQL2JTUDIS5EF65KLMRQIIGY,OTP/TOTP
+,encoding: ¿äÄéÉ? (demo),7KSQL2JTUDIS5EF65KLMRQIIGY,OTP/TOTP
--- a/example_output.csv
+++ b/example_output.csv
@@ -1,5 +1,7 @@
-name,secret,issuer,type,url
-pi@raspberrypi,7KSQL2JTUDIS5EF65KLMRQIIGY,raspberrypi,OTP_TOTP,otpauth://totp/pi%40raspberrypi?secret=7KSQL2JTUDIS5EF65KLMRQIIGY&issuer=raspberrypi
-pi@raspberrypi,7KSQL2JTUDIS5EF65KLMRQIIGY,,OTP_TOTP,otpauth://totp/pi%40raspberrypi?secret=7KSQL2JTUDIS5EF65KLMRQIIGY
-pi@raspberrypi,7KSQL2JTUDIS5EF65KLMRQIIGY,,OTP_TOTP,otpauth://totp/pi%40raspberrypi?secret=7KSQL2JTUDIS5EF65KLMRQIIGY
-pi@raspberrypi,7KSQL2JTUDIS5EF65KLMRQIIGY,raspberrypi,OTP_TOTP,otpauth://totp/pi%40raspberrypi?secret=7KSQL2JTUDIS5EF65KLMRQIIGY&issuer=raspberrypi
+name,secret,issuer,type,counter,url
+pi@raspberrypi,7KSQL2JTUDIS5EF65KLMRQIIGY,raspberrypi,totp,,otpauth://totp/pi%40raspberrypi?secret=7KSQL2JTUDIS5EF65KLMRQIIGY&issuer=raspberrypi
+pi@raspberrypi,7KSQL2JTUDIS5EF65KLMRQIIGY,,totp,,otpauth://totp/pi%40raspberrypi?secret=7KSQL2JTUDIS5EF65KLMRQIIGY
+pi@raspberrypi,7KSQL2JTUDIS5EF65KLMRQIIGY,,totp,,otpauth://totp/pi%40raspberrypi?secret=7KSQL2JTUDIS5EF65KLMRQIIGY
+pi@raspberrypi,7KSQL2JTUDIS5EF65KLMRQIIGY,raspberrypi,totp,,otpauth://totp/pi%40raspberrypi?secret=7KSQL2JTUDIS5EF65KLMRQIIGY&issuer=raspberrypi
+hotp demo,7KSQL2JTUDIS5EF65KLMRQIIGY,,hotp,4,otpauth://hotp/hotp%20demo?secret=7KSQL2JTUDIS5EF65KLMRQIIGY&counter=4
+encoding: ¿äÄéÉ? (demo),7KSQL2JTUDIS5EF65KLMRQIIGY,,totp,,otpauth://totp/encoding%3A%20%C2%BF%C3%A4%C3%84%C3%A9%C3%89%3F%20%28demo%29?secret=7KSQL2JTUDIS5EF65KLMRQIIGY
--- a/example_output.json
+++ b/example_output.json
@@ -3,28 +3,48 @@
        "name": "pi@raspberrypi",
        "secret": "7KSQL2JTUDIS5EF65KLMRQIIGY",
        "issuer": "raspberrypi",
-        "type": "OTP_TOTP",
+        "type": "totp",
+        "counter": null,
        "url": "otpauth://totp/pi%40raspberrypi?secret=7KSQL2JTUDIS5EF65KLMRQIIGY&issuer=raspberrypi"
    },
    {
        "name": "pi@raspberrypi",
        "secret": "7KSQL2JTUDIS5EF65KLMRQIIGY",
        "issuer": "",
-        "type": "OTP_TOTP",
+        "type": "totp",
+        "counter": null,
        "url": "otpauth://totp/pi%40raspberrypi?secret=7KSQL2JTUDIS5EF65KLMRQIIGY"
    },
    {
        "name": "pi@raspberrypi",
        "secret": "7KSQL2JTUDIS5EF65KLMRQIIGY",
        "issuer": "",
-        "type": "OTP_TOTP",
+        "type": "totp",
+        "counter": null,
        "url": "otpauth://totp/pi%40raspberrypi?secret=7KSQL2JTUDIS5EF65KLMRQIIGY"
    },
    {
        "name": "pi@raspberrypi",
        "secret": "7KSQL2JTUDIS5EF65KLMRQIIGY",
        "issuer": "raspberrypi",
-        "type": "OTP_TOTP",
+        "type": "totp",
+        "counter": null,
        "url": "otpauth://totp/pi%40raspberrypi?secret=7KSQL2JTUDIS5EF65KLMRQIIGY&issuer=raspberrypi"
+    },
+    {
+        "name": "hotp demo",
+        "secret": "7KSQL2JTUDIS5EF65KLMRQIIGY",
+        "issuer": "",
+        "type": "hotp",
+        "counter": 4,
+        "url": "otpauth://hotp/hotp%20demo?secret=7KSQL2JTUDIS5EF65KLMRQIIGY&counter=4"
+    },
+    {
+        "name": "encoding: ¿äÄéÉ? (demo)",
+        "secret": "7KSQL2JTUDIS5EF65KLMRQIIGY",
+        "issuer": "",
+        "type": "totp",
+        "counter": null,
+        "url": "otpauth://totp/encoding%3A%20%C2%BF%C3%A4%C3%84%C3%A9%C3%89%3F%20%28demo%29?secret=7KSQL2JTUDIS5EF65KLMRQIIGY"
    }
-]
+]
--- a/extract_otp_secret_keys.py
+++ b/extract_otp_secret_keys.py
@@ -1,223 +0,0 @@
-# Extract two-factor authentication (2FA, TFA) secret keys from export QR codes of "Google Authenticator" app
-#
-# Usage:
-# 1. Export the QR codes from "Google Authenticator" app
-# 2. Read QR codes with QR code reader (e.g. with a second device)
-# 3. Save the captured QR codes in a text file. Save each QR code on a new line. (The captured QR codes look like "otpauth-migration://offline?data=...")
-# 4. Call this script with the file as input:
-#    python extract_otp_secret_keys.py -p example_export.txt
-#
-# Requirement:
-# The protobuf package of Google for proto3 is required for running this script.
-# pip install protobuf
-#
-# Optional:
-# For printing QR codes, the qrcode module is required
-# pip install qrcode
-#
-# Technical background:
-# The export QR code of "Google Authenticator" contains the URL "otpauth-migration://offline?data=...".
-# The data parameter is a base64 encoded proto3 message (Google Protocol Buffers).
-#
-# Command for regeneration of Python code from proto3 message definition file (only necessary in case of changes of the proto3 message definition):
-# protoc --python_out=generated_python google_auth.proto
-#
-# References:
-# Proto3 documentation: https://developers.google.com/protocol-buffers/docs/pythontutorial
-# Template code: https://github.com/beemdevelopment/Aegis/pull/406
-
-# Author: Scito (https://scito.ch)
-
-# This program is free software: you can redistribute it and/or modify
-# it under the terms of the GNU General Public License as published by
-# the Free Software Foundation, either version 3 of the License, or
-# (at your option) any later version.
-#
-# This program is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-# GNU General Public License for more details.
-#
-# You should have received a copy of the GNU General Public License
-# along with this program.  If not, see <https://www.gnu.org/licenses/>.
-
-import argparse
-import base64
-import fileinput
-import sys
-import csv
-import json
-from urllib.parse import parse_qs, urlencode, urlparse, quote
-from os import path, mkdir
-from re import compile as rcompile
-import protobuf_generated_python.google_auth_pb2
-
-
-def sys_main():
-    main(sys.argv[1:])
-
-
-def main(sys_args):
-    global verbose, quiet
-    args = parse_args(sys_args)
-    verbose = args.verbose if args.verbose else 0
-    quiet = args.quiet
-
-    otps = extract_otps(args)
-    write_csv(args, otps)
-    write_json(args, otps)
-
-
-def parse_args(sys_args):
-    arg_parser = argparse.ArgumentParser()
-    arg_parser.add_argument('--verbose', '-v', help='verbose output', action='count')
-    arg_parser.add_argument('--quiet', '-q', help='no stdout output', action='store_true')
-    arg_parser.add_argument('--saveqr', '-s', help='save QR code(s) as images to the "qr" subfolder', action='store_true')
-    arg_parser.add_argument('--printqr', '-p', help='print QR code(s) as text to the terminal', action='store_true')
-    arg_parser.add_argument('--json', '-j', help='export to json file')
-    arg_parser.add_argument('--csv', '-c', help='export to csv file')
-    arg_parser.add_argument('infile', help='file or - for stdin (default: -) with "otpauth-migration://..." URLs separated by newlines, lines starting with # are ignored')
-    args = arg_parser.parse_args(sys_args)
-    if args.verbose and args.quiet:
-        print("The arguments --verbose and --quite are mutual exclusive.")
-        sys.exit(1)
-    return args
-
-
-def extract_otps(args):
-    global verbose, quiet
-    quiet = args.quiet
-
-    otps = []
-
-    i = j = 0
-    for line in (line.strip() for line in fileinput.input(args.infile)):
-        if verbose: print(line)
-        if line.startswith('#') or line == '': continue
-        i += 1
-        payload = get_payload_from_line(line, i, args)
-
-        # pylint: disable=no-member
-        for raw_otp in payload.otp_parameters:
-            j += 1
-            if verbose: print('\n{}. Secret Key'.format(j))
-            secret = convert_secret_from_bytes_to_base32_str(raw_otp.secret)
-            otp_type = get_enum_name_by_number(raw_otp, 'type')
-            otp_url = build_otp_url(secret, raw_otp)
-            otp = {
-                "name": raw_otp.name,
-                "secret": secret,
-                "issuer": raw_otp.issuer,
-                "type": otp_type,
-                "url": otp_url
-            }
-            if not quiet:
-                print_otp(otp)
-            if args.printqr:
-                print_qr(args, otp_url)
-            if args.saveqr:
-                save_qr(otp, args, j)
-            if not quiet:
-                print()
-
-            otps.append(otp)
-    return otps
-
-
-def get_payload_from_line(line, i, args):
-    global verbose
-    if not line.startswith('otpauth-migration://'):
-        print('\nWARN: line is not a otpauth-migration:// URL\ninput file: {}\nline "{}"\nProbably a wrong file was given'.format(args.infile, line))
-    parsed_url = urlparse(line)
-    if verbose > 1: print('\nDEBUG: parsed_url={}'.format(parsed_url))
-    params = parse_qs(parsed_url.query, strict_parsing=True)
-    if verbose > 1: print('\nDEBUG: querystring params={}'.format(params))
-    if 'data' not in params:
-        print('\nERROR: no data query parameter in input URL\ninput file: {}\nline "{}"\nProbably a wrong file was given'.format(args.infile, line))
-        sys.exit(1)
-    data_base64 = params['data'][0]
-    if verbose > 1: print('\nDEBUG: data_base64={}'.format(data_base64))
-    data_base64_fixed = data_base64.replace(' ', '+')
-    if verbose > 1: print('\nDEBUG: data_base64_fixed={}'.format(data_base64))
-    data = base64.b64decode(data_base64_fixed, validate=True)
-    payload = protobuf_generated_python.google_auth_pb2.MigrationPayload()
-    payload.ParseFromString(data)
-    if verbose:
-        print('\n{}. Payload Line'.format(i), payload, sep='\n')
-
-    return payload
-
-
-# https://stackoverflow.com/questions/40226049/find-enums-listed-in-python-descriptor-for-protobuf
-def get_enum_name_by_number(parent, field_name):
-    field_value = getattr(parent, field_name)
-    return parent.DESCRIPTOR.fields_by_name[field_name].enum_type.values_by_number.get(field_value).name
-
-
-def convert_secret_from_bytes_to_base32_str(bytes):
-    return str(base64.b32encode(bytes), 'utf-8').replace('=', '')
-
-
-def build_otp_url(secret, raw_otp):
-    url_params = {'secret': secret}
-    if raw_otp.type == 1: url_params['counter'] = raw_otp.counter
-    if raw_otp.issuer: url_params['issuer'] = raw_otp.issuer
-    otp_url = 'otpauth://{}/{}?'.format('totp' if raw_otp.type == 2 else 'hotp', quote(raw_otp.name)) + urlencode(url_params)
-    return otp_url
-
-
-def print_otp(otp):
-    print('Name:   {}'.format(otp['name']))
-    print('Secret: {}'.format(otp['secret']))
-    if otp['issuer']: print('Issuer: {}'.format(otp['issuer']))
-    print('Type:   {}'.format(otp['type']))
-    if verbose:
-        print(otp['url'])
-
-
-def save_qr(otp, args, j):
-    if not (path.exists('qr')): mkdir('qr')
-    pattern = rcompile(r'[\W_]+')
-    file_otp_name = pattern.sub('', otp.name)
-    file_otp_issuer = pattern.sub('', otp.issuer)
-    save_qr_file(args, otp.url, 'qr/{}-{}{}.png'.format(j, file_otp_name, '-' + file_otp_issuer if file_otp_issuer else ''))
-    return file_otp_issuer
-
-
-def save_qr_file(args, data, name):
-    from qrcode import QRCode
-    global verbose
-    qr = QRCode()
-    qr.add_data(data)
-    img = qr.make_image(fill_color='black', back_color='white')
-    if verbose: print('Saving to {}'.format(name))
-    img.save(name)
-
-
-def print_qr(args, data):
-    from qrcode import QRCode
-    qr = QRCode()
-    qr.add_data(data)
-    qr.print_ascii()
-
-
-def write_csv(args, otps):
-    global verbose, quiet
-    if args.csv and len(otps) > 0:
-        with open(args.csv, "w") as outfile:
-            writer = csv.DictWriter(outfile, otps[0].keys())
-            writer.writeheader()
-            writer.writerows(otps)
-        if not quiet: print("Exported {} otps to csv".format(len(otps)))
-
-
-def write_json(args, otps):
-    global verbose, quiet
-    if args.json:
-        with open(args.json, "w") as outfile:
-            json.dump(otps, outfile, indent=4)
-        if not quiet: print("Exported {} otp entries to json".format(len(otps)))
-
-
-if __name__ == '__main__':
-    sys_main()
--- a/extract_otp_secret_keys.code-workspace
+++ b/extract_otp_secret_keys.code-workspace
@@ -11,10 +11,10 @@
 		"version": "0.2.0",
 		"configurations": [
            {
-                "name": "Python: extract_otp_secret_keys.py",
+                "name": "Python: extract_otp_secrets.py",
                "type": "python",
                "request": "launch",
-                "program": "extract_otp_secret_keys.py",
+                "program": "extract_otp_secrets.py",
                "args": [
                    "example_export.txt"
                ],
--- a/installer/build_dmg.sh
+++ b/installer/build_dmg.sh
@@ -0,0 +1,22 @@
+#!/bin/sh
+
+# Create a folder (named dmg) to prepare our DMG in (if it doesn't already exist).
+
+# https://www.pythonguis.com/tutorials/packaging-pyqt5-applications-pyinstaller-macos-dmg/
+
+mkdir -p dist/dmg
+# Empty the dmg folder.
+rm -r dist/dmg/*
+# Copy the app bundle to the dmg folder.
+cp -r "dist/extract_otp_secrets.app" dist/dmg
+# If the DMG already exists, delete it.
+test -f "dist/extract_otp_secrets.dmg" && rm "dist/extract_otp_secrets.dmg"
+create-dmg \
+  --volname "Extract OTP Secrets" \
+  --window-pos 200 120 \
+  --window-size 600 300 \
+  --icon-size 100 \
+  --hide-extension "extract_otp_secrets.app" \
+  --app-drop-link 425 120 \
+  "dist/extract_otp_secrets.dmg" \
+  "dist/dmg/"
--- a/installer/extract_otp_secrets_macos_template.spec
+++ b/installer/extract_otp_secrets_macos_template.spec
@@ -0,0 +1,111 @@
+# -*- mode: python ; coding: utf-8 -*-
+
+# https://www.pythonguis.com/tutorials/packaging-pyqt5-applications-pyinstaller-macos-dmg/
+# https://developer.apple.com/library/archive/documentation/CoreFoundation/Conceptual/CFBundles/BundleTypes/BundleTypes.html
+
+block_cipher = None
+
+a = Analysis(
+    ['src/extract_otp_secrets.py'],
+    pathex=[],
+    binaries=[],
+    datas=[('$macos_python_path/__yolo_v3_qr_detector/', '__yolo_v3_qr_detector/')],
+    hiddenimports=[],
+    hookspath=[],
+    hooksconfig={},
+    runtime_hooks=[],
+    excludes=[],
+    win_no_prefer_redirects=False,
+    win_private_assemblies=False,
+    cipher=block_cipher,
+    noarchive=False,
+)
+pyz = PYZ(a.pure, a.zipped_data, cipher=block_cipher)
+
+exe = EXE(
+    pyz,
+    a.scripts,
+    a.binaries,
+    a.zipfiles,
+    a.datas,
+    [],
+    name='extract_otp_secrets',
+    debug=False,
+    bootloader_ignore_signals=False,
+    strip=False,
+    upx=True,
+    upx_exclude=[],
+    runtime_tmpdir=None,
+    console=True,
+    disable_windowed_traceback=False,
+    argv_emulation=True,
+    target_arch=None,
+    codesign_identity=None,
+    entitlements_file=None,
+)
+app = BUNDLE(
+    exe,
+    name='extract_otp_secrets.app',
+    icon=None,
+    bundle_identifier='ch.scito.tools.extract_otp_secrets',
+    version='$VERSION_STR',
+        info_plist={
+        'NSPrincipalClass': 'NSApplication',
+        'NSAppleScriptEnabled': False,
+        'NSHumanReadableCopyright': 'Copyright © $COPYRIGHT_YEARS Scito.',
+        'CFBundleDocumentTypes': [
+            # Reference: https://chromium.googlesource.com/chromium/src/+/lkgr/chrome/app/app-Info.plist
+            # https://developer.apple.com/library/archive/documentation/FileManagement/Conceptual/understanding_utis/understand_utis_conc/understand_utis_conc.html#//apple_ref/doc/uid/TP40001319-CH202-SW6
+            # https://developer.apple.com/documentation/uniformtypeidentifiers/system-declared_uniform_type_identifiers
+            {
+                'CFBundleTypeName': 'GIF image',
+                'CFBundleTypeIconFile': 'document.icns',
+                'LSItemContentTypes': ['com.compuserve.gif'],
+                'LSHandlerRank': 'Alternate',
+                'NSExportableTypes': ['public.json','public.comma-separated-values-text','public.plain-text'],
+            },
+            {
+                'CFBundleTypeName': 'JPEG image',
+                'CFBundleTypeIconFile': 'document.icns',
+                'LSItemContentTypes': ['public.jpeg'],
+                'LSHandlerRank': 'Alternate',
+                'NSExportableTypes': ['public.json','public.comma-separated-values-text','public.plain-text'],
+            },
+            {
+                'CFBundleTypeName': 'PNG image',
+                'CFBundleTypeIconFile': 'document.icns',
+                'LSItemContentTypes': ['public.png'],
+                'LSHandlerRank': 'Alternate',
+                'NSExportableTypes': ['public.json','public.comma-separated-values-text','public.plain-text'],
+            },
+            {
+                'CFBundleTypeName': 'WebP image',
+                'CFBundleTypeIconFile': 'document.icns',
+                'LSItemContentTypes': ['org.webmproject.webp'],
+                'LSHandlerRank': 'Alternate',
+                'NSExportableTypes': ['public.json','public.comma-separated-values-text','public.plain-text'],
+            },
+            {
+                'CFBundleTypeName': 'Tiff image',
+                'CFBundleTypeIconFile': 'document.icns',
+                'LSItemContentTypes': ['public.tiff'],
+                'LSHandlerRank': 'Alternate',
+                'NSExportableTypes': ['public.json','public.comma-separated-values-text','public.plain-text'],
+            },
+            {
+                'CFBundleTypeName': 'Bmp image',
+                'CFBundleTypeIconFile': 'document.icns',
+                'LSItemContentTypes': ['com.microsoft.bmp'],
+                'LSHandlerRank': 'Alternate',
+                'NSExportableTypes': ['public.json','public.comma-separated-values-text','public.plain-text'],
+            },
+            {
+                'CFBundleTypeName': 'Plain text document',
+                'CFBundleTypeIconFile': 'document.icns',
+                'LSItemContentTypes': ['public.plain-text'],
+                'LSHandlerRank': 'Alternate',
+                'NSExportableTypes': ['public.json','public.comma-separated-values-text','public.plain-text'],
+            },
+        ],
+    },
+)
--- a/installer/win_file_version_info_template.txt
+++ b/installer/win_file_version_info_template.txt
@@ -0,0 +1,46 @@
+# UTF-8
+#
+# For more details about fixed file info 'ffi' see:
+# http://msdn.microsoft.com/en-us/library/ms646997.aspx
+VSVersionInfo(
+  ffi=FixedFileInfo(
+    # The elements of each tuple represent 16-bit values from most-significant to least-significant. For example the value (2, 0, 4, 0) resolves to 0002000000040000 in hex.
+    # filevers and prodvers should be always a tuple with four items: (1, 2, 3, 4)
+    # Set not needed items to zero 0.
+    filevers=($VERSION_MAJOR, $VERSION_MINOR, $VERSION_PATCH, $VERSION_BUILD),
+    prodvers=($VERSION_MAJOR, $VERSION_MINOR, $VERSION_PATCH, $VERSION_BUILD),
+    # Contains a bitmask that specifies the valid bits 'flags'r
+    mask=0x3f,
+    # Contains a bitmask that specifies the Boolean attributes of the file.
+    flags=0x0,
+    # The operating system for which this file was designed.
+    # 0x4 - NT and there is no need to change it.
+    OS=0x4,
+    # The general type of file.
+    # 0x1 - the file is an application.
+    fileType=0x1,
+    # The function of the file.
+    # 0x0 - the function is not defined for this fileType
+    subtype=0x0,
+    # Creation date and time stamp.
+    date=(0, 0)
+    ),
+  kids=[
+    StringFileInfo(
+      [
+      StringTable(
+        # 0x0409 (U.S. English) + 04B0 (1200 = Unicode), https://learn.microsoft.com/en-us/windows/win32/menurc/stringfileinfo-block
+        '040904B0',
+        [StringStruct('CompanyName', 'scito'),
+        StringStruct('FileDescription', 'extract_otp_secrets'),
+        StringStruct('FileVersion', '$VERSION_STR'),
+        StringStruct('InternalName', 'extract_otp_secrets'),
+        StringStruct('LegalCopyright', 'Copyright © $YEARS Scito.'),
+        StringStruct('OriginalFilename', 'extract_otp_secrets.exe'),
+        StringStruct('ProductName', 'extract_otp_secrets'),
+        StringStruct('ProductVersion', '$VERSION_STR')])
+      ]),
+    # 1033 (0x0409 = U.S. English), 1200 (Unicode)
+    VarFileInfo([VarStruct('Translation', [0, 1200])])
+  ]
+)
--- a/mypy.ini
+++ b/mypy.ini
@@ -0,0 +1 @@
+[mypy]
--- a/pyproject.toml
+++ b/pyproject.toml
@@ -0,0 +1,77 @@
+[build-system]
+requires = [
+  "pip",
+  "nuitka",
+  # https://setuptools-git-versioning.readthedocs.io/en/latest/differences.html
+   "setuptools-git-versioning",
+  "wheel>=0.37.0",
+]
+build-backend = "setuptools.build_meta"
+
+[project]
+name = "extract_otp_secrets"
+# https://pypi.org/classifiers/
+classifiers = [
+    "Development Status :: 5 - Production/Stable",
+    "Environment :: Console",
+    "Environment :: X11 Applications :: Qt",
+    "Environment :: Win32 (MS Windows)",
+    "Topic :: System :: Archiving :: Backup",
+    "Topic :: Utilities",
+    "Topic :: Security",
+    "Topic :: Multimedia :: Graphics :: Capture :: Digital Camera",
+    "Programming Language :: Python :: 3.9",
+    "Programming Language :: Python :: 3.10",
+    "Programming Language :: Python :: 3.11",
+    "Programming Language :: Python :: 3.12",
+    "Programming Language :: Python :: 3.13",
+    "Programming Language :: Python :: 3.14",
+    "Intended Audience :: End Users/Desktop",
+    "Intended Audience :: Developers",
+    "Intended Audience :: System Administrators",
+    "Programming Language :: Python",
+    "Operating System :: POSIX :: Linux",
+    "Operating System :: Microsoft :: Windows :: Windows 10",
+    "Operating System :: Microsoft :: Windows :: Windows 11",
+    "Operating System :: MacOS",
+    "Natural Language :: English",
+    "License :: OSI Approved :: GNU General Public License v3 (GPLv3)",
+    "Typing :: Typed",
+]
+dependencies = [
+  "colorama>=0.4.6",
+  "opencv-contrib-python",
+  "numpy>=2.0,<2.1 ; python_version >= '3.9' and python_version < '3.10'",
+  "numpy>=2.2,<2.3 ; python_version >= '3.10' and python_version < '3.11'",
+  "numpy>=2.3,<3.0 ; python_version >= '3.11'",
+  "Pillow",
+  "protobuf",
+  "pyzbar",
+  "qrcode",
+  "qreader<2.0.0",
+]
+description = "Extracts one time password (OTP) secrets from QR codes exported by two-factor authentication (2FA) apps such as 'Google Authenticator'"
+dynamic = ["version"]
+keywords = ["python", "security", "json", "otp", "csv", "protobuf", "qrcode", "two-factor", "totp", "google-authenticator", "recovery", "proto3", "mfa", "two-factor-authentication", "tfa", "qr-codes", "otpauth", "2fa", "security-tools", "cv2"]
+license = {text = "GNU General Public License v3 (GPLv3)"}
+readme = "README.md"
+authors = [{name = "scito", email = "info@scito.ch"}]
+maintainers = [{name = "scito", email = "info@scito.ch"}]
+requires-python = ">=3.9, <4"
+scripts = {extract_otp_secrets = "extract_otp_secrets:sys_main"}
+urls = {Project-URL = "https://github.com/scito/extract_otp_secrets", Bug-Reports = "https://github.com/scito/extract_otp_secrets/issues", Source = "https://github.com/scito/extract_otp_secrets"}
+
+# [tool.setuptools]
+# Still in beta, once it is stable move config from setup.cfg to pyproject.toml
+# py-modules = ["extract_otp_secrets", "protobuf_generated_python.protobuf_generated_python"]
+
+# [tool.setuptools.dynamic]
+# version = {attr = "extract_otp_secrets.VERSION"}
+
+[tool.setuptools-git-versioning]
+enabled = true
+
+# https://blog.ionelmc.ro/2014/05/25/python-packaging/#the-structure%3E
+# https://docs.pytest.org/en/7.1.x/explanation/goodpractices.html#which-import-mode
+[tool.pytest.ini_options]
+addopts = [ "--import-mode=importlib", ]
--- a/pytest.ini
+++ b/pytest.ini
@@ -0,0 +1,3 @@
+[pytest]
+markers =
+    qreader: QR image reader tests
--- a/requirements-dev.txt
+++ b/requirements-dev.txt
@@ -1,4 +1,15 @@
-wheel
-pytest
+build
 flake8
+gfm-toc
+mypy
+mypy-protobuf
+nuitka
+pyinstaller
 pylint
+pytest
+pytest-cov
+pytest-mock
+setuptools
+setuptools-git-versioning
+types-protobuf
+wheel
--- a/requirements.txt
+++ b/requirements.txt
@@ -1,3 +1,10 @@
-protobuf
-qrcode
+colorama>=0.4.6
+opencv-contrib-python
+numpy>=2.0,<2.1 ; python_version >= "3.9" and python_version < "3.10"
+numpy>=2.2,<2.3 ; python_version >= "3.10" and python_version < "3.11"
+numpy>=2.3,<3.0 ; python_version >= "3.11"
 Pillow
+protobuf
+pyzbar
+qrcode
+qreader<2.0.0
--- a/run_pytest.sh
+++ b/run_pytest.sh
@@ -0,0 +1,5 @@
+#!/bin/sh
+cd /extract
+mkdir -p tests
+ln -sf /extract/data tests/data
+pip install -U pytest pytest-mock && pytest "$@"
--- a/setup.cfg
+++ b/setup.cfg
@@ -0,0 +1,16 @@
+[metadata]
+name = extract_otp_secrets
+
+[options]
+python_requires = >=3.9, <4
+py_modules = extract_otp_secrets, protobuf_generated_python.google_auth_pb2
+package_dir =
+    =src
+platforms =
+    Linux
+    Windows
+    MacOS
+# packages=find:
+
+# [options.packages.find]
+# where=src
--- a/setup.py
+++ b/setup.py
@@ -0,0 +1,5 @@
+#!/usr/bin/python3
+from setuptools import setup
+
+#  compatibility with legacy builds or versions of tools that don’t support certain packaging standards
+setup()
--- a/src/extract_otp_secrets.py
+++ b/src/extract_otp_secrets.py
@@ -0,0 +1,975 @@
+# Extract one time password (OTP) secrets from QR codes exported by two-factor authentication (2FA) apps such as "Google Authenticator"
+#
+# For more information, see README.md
+#
+# Source code available on https://github.com/scito/extract_otp_secrets
+#
+# Technical background:
+# The export QR code from "Google Authenticator" contains the URL "otpauth-migration://offline?data=…".
+# The data parameter is a base64 encoded proto3 message (Google Protocol Buffers).
+#
+# Command for regeneration of Python code from proto3 message definition file (only necessary in case of changes of the proto3 message definition):
+# protoc --plugin=protoc-gen-mypy=path/to/protoc-gen-mypy --python_out=src/protobuf_generated_python --mypy_out=src/protobuf_generated_python --proto_path=src google_auth.proto
+#
+# References:
+# Proto3 documentation: https://developers.google.com/protocol-buffers/docs/pythontutorial
+# Template code: https://github.com/beemdevelopment/Aegis/pull/406
+
+# Author: Scito (https://scito.ch)
+
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program.  If not, see <https://www.gnu.org/licenses/>.
+
+from __future__ import annotations  # workaround for PYTHON <= 3.10
+
+import argparse
+import base64
+import csv
+import fileinput
+import glob
+import json
+import os
+import platform
+import re
+import sys
+import urllib.parse as urlparse
+from enum import Enum, IntEnum
+from importlib.metadata import PackageNotFoundError, version
+from typing import (Any, Final, List, Optional, Sequence, TextIO, Tuple,
+                    TypedDict, Union)
+
+import colorama
+from qrcode import QRCode
+
+import protobuf_generated_python.google_auth_pb2 as pb
+
+debug_mode = '-d' in sys.argv[1:] or '--debug' in sys.argv[1:]
+quiet = '-q' in sys.argv[1:] or '--quiet' in sys.argv[1:]
+headless: bool = False
+
+
+try:
+    import cv2
+    import cv2.typing
+    import numpy as np
+
+    try:
+        import tkinter
+        import tkinter.filedialog
+        import tkinter.messagebox
+    except ImportError:
+        headless = True
+
+    try:
+        import pyzbar.pyzbar as zbar  # type: ignore
+        from qreader import QReader  # type: ignore
+        zbar_available = True
+    except Exception as e:
+        if not quiet:
+            print(f"""
+WARN: Cannot import pyzbar module. This problem is probably due to the missing zbar shared library. (The zbar library is optional.)
+See in README.md for the installation of the zbar shared library.
+Exception: {e}\n""", file=sys.stderr)
+        zbar_available = False
+        if debug_mode:
+            raise e
+
+    # Types
+    # workaround for PYTHON <= 3.9: Final[tuple[int]]
+    ColorBGR = Tuple[int, int, int]  # RGB Color specified as Blue, Green, Red
+    Point = Tuple[int, int]
+
+    # CV2 camera capture constants
+    FONT: Final[int] = cv2.FONT_HERSHEY_PLAIN
+    FONT_SCALE: Final[float] = 1.3
+    FONT_THICKNESS: Final[int] = 1
+    FONT_LINE_STYLE: Final[int] = cv2.LINE_AA
+    FONT_COLOR: Final[ColorBGR] = 255, 0, 0
+    BOX_THICKNESS: Final[int] = 5
+    WINDOW_X: Final[int] = 0
+    WINDOW_Y: Final[int] = 1
+    WINDOW_WIDTH: Final[int] = 2
+    WINDOW_HEIGHT: Final[int] = 3
+    TEXT_WIDTH: Final[int] = 0
+    TEXT_HEIGHT: Final[int] = 1
+    BORDER: Final[int] = 5
+    START_Y: Final[int] = 20
+    START_POS_TEXT: Final[Point] = BORDER, START_Y
+    NORMAL_COLOR: Final[ColorBGR] = 255, 0, 255
+    SUCCESS_COLOR: Final[ColorBGR] = 0, 255, 0
+    FAILURE_COLOR: Final[ColorBGR] = 0, 0, 255
+    CHAR_DX: Final[int] = (lambda text: cv2.getTextSize(text, FONT, FONT_SCALE, FONT_THICKNESS)[0][TEXT_WIDTH] // len(text))("28 QR codes capturedMMM")
+    FONT_DY: Final[int] = cv2.getTextSize("M", FONT, FONT_SCALE, FONT_THICKNESS)[0][TEXT_HEIGHT] + 5
+    WINDOW_NAME: Final[str] = "Extract OTP Secrets: Capture QR Codes from Camera"
+
+    TextPosition = Enum('TextPosition', ['LEFT', 'RIGHT'])
+
+    cv2_available = True
+except ImportError as e:
+    cv2_available = False
+    if debug_mode:
+        raise e
+
+# Workaround for PYTHON <= 3.9: Generally Union[int, None] used instead of int | None
+
+# Types
+Args = argparse.Namespace
+OtpUrl = str
+# Workaround for PYTHON <= 3.9: Otp = TypedDict('Otp', {'name': str, 'secret': str, 'issuer': str, 'type': str, 'counter': int | None, 'url': OtpUrl})
+Otp = TypedDict('Otp', {'name': str, 'secret': str, 'issuer': str, 'type': str, 'counter': Union[int, None], 'url': OtpUrl})
+# workaround for PYTHON <= 3.9: Otps = list[Otp]
+Otps = List[Otp]
+# workaround for PYTHON <= 3.9: OtpUrls = list[OtpUrl]
+OtpUrls = List[OtpUrl]
+
+QRMode = Enum('QRMode', ['ZBAR', 'QREADER', 'QREADER_DEEP', 'CV2', 'CV2_WECHAT'], start=0)
+LogLevel = IntEnum('LogLevel', ['QUIET', 'NORMAL', 'VERBOSE', 'MORE_VERBOSE', 'DEBUG'], start=-1)
+
+
+# Constants
+CAMERA: Final[str] = 'camera'
+CV2_QRMODES: List[str] = [QRMode.CV2.name, QRMode.CV2_WECHAT.name]
+
+# Global variable declaration
+verbose: IntEnum = LogLevel.NORMAL
+colored: bool = True
+executable: bool = False
+__version__: str
+tk_root: tkinter.Tk
+
+
+def sys_main() -> None:
+    main(sys.argv[1:])
+
+
+def main(sys_args: list[str]) -> None:
+    global executable, tk_root, headless
+    # allow to use sys.stdout with with (avoid closing)
+    sys.stdout.close = lambda: None  # type: ignore
+    # set encoding to utf-8, needed for Windows
+    try:
+        sys.stdout.reconfigure(encoding='utf-8')  # type: ignore
+        sys.stderr.reconfigure(encoding='utf-8')  # type: ignore
+    except AttributeError:  # '_io.StringIO' object has no attribute 'reconfigure'
+        # StringIO in tests do not have all attributes, ignore it
+        pass
+
+    # https://pyinstaller.org/en/stable/runtime-information.html#run-time-information
+    executable = getattr(sys, 'frozen', False) and hasattr(sys, '_MEIPASS')
+
+    if cv2_available and not headless:
+        try:
+            tk_root = tkinter.Tk()
+            tk_root.withdraw()
+        except tkinter.TclError:
+            headless = True
+
+    args = parse_args(sys_args)
+
+    if colored:
+        colorama.just_fix_windows_console()
+    if verbose >= LogLevel.DEBUG:
+        print(f"Version: {get_full_version()}\n")
+    if args.debug:
+        sys.exit(0 if do_debug_checks() else 1)
+
+    otps = extract_otps(args)
+
+    write_csv(args.csv, otps)
+    write_keepass_csv(args.keepass, otps)
+    write_json(args.json, otps)
+    write_txt(args.txt, otps, True)
+    write_urls(args.urls, otps)
+
+
+# workaround for PYTHON <= 3.9 use: pb.MigrationPayload | None
+def get_payload_from_otp_url(otp_url: str, i: int, source: str) -> Optional[pb.MigrationPayload]:
+    '''Extracts the otp migration payload from an otp url. This function is the core of the this appliation.'''
+    if not is_opt_url(otp_url, source):
+        return None
+    parsed_url = urlparse.urlparse(otp_url)
+    if verbose >= LogLevel.DEBUG: log_debug(f"parsed_url={parsed_url}")
+    try:
+        params = urlparse.parse_qs(parsed_url.query, strict_parsing=True)
+    except Exception:  # workaround for PYTHON <= 3.10
+        params = {}
+    if verbose >= LogLevel.DEBUG: log_debug(f"querystring params={params}")
+    if 'data' not in params:
+        log_error(f"could not parse query parameter in input url\nsource: {source}\nurl: {otp_url}")
+        return None
+    data_base64 = params['data'][0]
+    if verbose >= LogLevel.DEBUG: log_debug(f"data_base64={data_base64}")
+    data_base64_fixed = data_base64.replace(' ', '+')
+    if verbose >= LogLevel.DEBUG: log_debug(f"data_base64_fixed={data_base64_fixed}")
+    data = base64.b64decode(data_base64_fixed, validate=True)
+    payload = pb.MigrationPayload()
+    try:
+        payload.ParseFromString(data)
+    except Exception as e:
+        abort(f"Cannot decode otpauth-migration migration payload.\n"
+              f"data={data_base64}", e)
+    if verbose >= LogLevel.DEBUG: log_debug(f"\n{i}. Payload Line", payload, sep='\n')
+
+    return payload
+
+
+def extract_otp_from_otp_url(otpauth_migration_url: str, otps: Otps, urls_count: int, infile: str, args: Args) -> int:
+    '''Converts the otp migration payload into a normal Python dictionary. This function is the core of the this appliation.'''
+    payload = get_payload_from_otp_url(otpauth_migration_url, urls_count, infile)
+
+    if not payload:
+        return 0
+
+    new_otps_count = 0
+    # pylint: disable=no-member
+    for raw_otp in payload.otp_parameters:
+        if verbose: print(f"\n{len(otps) + 1}. Secret")
+        secret = convert_secret_from_bytes_to_base32_str(raw_otp.secret)
+        if verbose >= LogLevel.DEBUG: log_debug('OTP enum type:', get_enum_name_by_number(raw_otp, 'type'))
+        otp_type = get_otp_type_str_from_code(raw_otp.type)
+        otp_url = build_otp_url(secret, raw_otp)
+        otp: Otp = {
+            "name": raw_otp.name,
+            "secret": secret,
+            "issuer": raw_otp.issuer,
+            "type": otp_type,
+            "counter": raw_otp.counter if raw_otp.type == 1 else None,
+            "url": otp_url
+        }
+        if otp not in otps or not args.ignore:
+            otps.append(otp)
+            new_otps_count += 1
+            if not quiet:
+                print_otp(otp)
+            if args.printqr:
+                print_qr(otp_url)
+            if args.saveqr:
+                save_qr_image(otp, args.saveqr, len(otps))
+            if not quiet:
+                print()
+        elif args.ignore and not quiet:
+            eprint(f"Ignored duplicate otp: {otp['name']}", f" / {otp['issuer']}\n" if otp['issuer'] else '\n', sep='')
+
+    return new_otps_count
+
+
+def parse_args(sys_args: list[str]) -> Args:
+    global verbose, quiet, colored
+
+    cmd = f"python {name}" if (name := os.path.basename(sys.argv[0])).endswith('.py') else f"{name}"
+    description_text = "Extracts one time password (OTP) secrets from QR codes exported by two-factor authentication (2FA) apps"
+    if cv2_available:
+        description_text += "\nIf no infiles are provided, a GUI window starts and QR codes are captured from the camera."
+    example_text = f"""examples:
+{cmd}
+{cmd} example_*.txt
+{cmd} - < example_export.txt
+{cmd} --csv - example_*.png | tail -n+2
+{cmd} = < example_export.png"""
+
+    arg_parser = argparse.ArgumentParser(formatter_class=lambda prog: argparse.RawTextHelpFormatter(prog, max_help_position=32),
+                                         description=description_text,
+                                         epilog=example_text)
+    arg_parser.add_argument('infile', help="""a) file or - for stdin with 'otpauth-migration://...' URLs separated by newlines, lines starting with # are ignored;
+b) image file containing a QR code or = for stdin for an image containing a QR code""", nargs='*' if cv2_available else '+')
+    arg_parser.add_argument('--csv', '-c', help='export csv file, or - for stdout', metavar=('FILE'))
+    arg_parser.add_argument('--keepass', '-k', help='export totp/hotp csv file(s) for KeePass, - for stdout', metavar=('FILE'))
+    arg_parser.add_argument('--json', '-j', help='export json file or - for stdout', metavar=('FILE'))
+    arg_parser.add_argument('--txt', '-t', help='export txt file or - for stdout', metavar=('FILE'))
+    arg_parser.add_argument('--urls', '-u', help='export file with list of otpauth urls, or - for stdout', metavar=('FILE'))
+    arg_parser.add_argument('--printqr', '-p', help='print QR code(s) as text to the terminal', action='store_true')
+    arg_parser.add_argument('--saveqr', '-s', help='save QR code(s) as images to directory', metavar=('DIR'))
+    if cv2_available:
+        arg_parser.add_argument('--camera', '-C', help='camera number of system (default camera: 0)', default=0, type=int, metavar=('NUMBER'))
+        if not zbar_available:
+            arg_parser.add_argument('--qr', '-Q', help=f'QR reader (default: {QRMode.CV2.name})', type=str, choices=[QRMode.CV2.name, QRMode.CV2_WECHAT.name], default=QRMode.CV2.name)
+        else:
+            arg_parser.add_argument('--qr', '-Q', help=f'QR reader (default: {QRMode.ZBAR.name})', type=str, choices=[mode.name for mode in QRMode], default=QRMode.ZBAR.name)
+    arg_parser.add_argument('-i', '--ignore', help='ignore duplicate otps', action='store_true')
+    arg_parser.add_argument('--no-color', '-n', help='do not use ANSI colors in console output', action='store_true')
+    arg_parser.add_argument('--version', '-V', help='print version and quit', action=PrintVersionAction)
+    output_group = arg_parser.add_mutually_exclusive_group()
+    output_group.add_argument('-d', '--debug', help='enter debug mode, do checks and quit', action='count')
+    output_group.add_argument('-v', '--verbose', help='verbose output', action='count')
+    output_group.add_argument('-q', '--quiet', help='no stdout output, except output set by -', action='store_true')
+    args = arg_parser.parse_args(sys_args)
+    colored = not args.no_color
+    if args.csv == '-' or args.json == '-' or args.keepass == '-' or args.txt == '-' or args.urls == '-':
+        args.quiet = args.q = True
+
+    verbose = args.verbose if args.verbose else LogLevel.NORMAL
+    if args.debug:
+        verbose = LogLevel.DEBUG
+        log_debug('Debug mode start')
+        log_debug(args)
+    quiet = True if args.quiet else False
+    if verbose: print(f"QReader installed: {cv2_available}")
+    if cv2_available:
+        if verbose >= LogLevel.VERBOSE: print(f"CV2 version: {cv2.__version__}")
+        if verbose: print(f"QR reading mode: {args.qr}\n")
+
+    return args
+
+
+def extract_otps(args: Args) -> Otps:
+    if not args.infile:
+        return extract_otps_from_camera(args)
+    else:
+        return extract_otps_from_files(args)
+
+
+def extract_otps_from_camera(args: Args) -> Otps:
+    if verbose: print("Capture QR codes from camera")
+    otp_urls: OtpUrls = []
+    otps: Otps = []
+
+    qr_mode = QRMode[args.qr]
+
+    cam = cv2.VideoCapture(args.camera)
+    cv2.namedWindow(WINDOW_NAME, cv2.WINDOW_AUTOSIZE)
+
+    if zbar_available:
+        qreader = QReader()
+    cv2_qr = cv2.QRCodeDetector()
+    cv2_qr_wechat = cv2.wechat_qrcode.WeChatQRCode()
+    while True:
+        success, img = cam.read()
+        new_otps_count = 0
+        if not success:
+            log_error("Failed to capture image from camera")
+            break
+        try:
+            if qr_mode in [QRMode.QREADER, QRMode.QREADER_DEEP]:
+                found, bbox = qreader.detect(img)
+                if qr_mode == QRMode.QREADER_DEEP:
+                    otp_url = qreader.detect_and_decode(img, True)
+                elif qr_mode == QRMode.QREADER:
+                    otp_url = qreader.decode(img, bbox) if found else None
+                if otp_url:
+                    new_otps_count = extract_otps_from_otp_url(otp_url, otp_urls, otps, args)
+                if found:
+                    cv2_draw_box(img, [(bbox[0], bbox[1]), (bbox[2], bbox[1]), (bbox[2], bbox[3]), (bbox[0], bbox[3])], get_color(new_otps_count, otp_url))
+            elif qr_mode == QRMode.ZBAR:
+                for qrcode in zbar.decode(img, symbols=[zbar.ZBarSymbol.QRCODE]):
+                    otp_url = qrcode.data.decode('utf-8')
+                    new_otps_count = extract_otps_from_otp_url(otp_url, otp_urls, otps, args)
+                    cv2_draw_box(img, [qrcode.polygon], get_color(new_otps_count, otp_url))
+            elif qr_mode in [QRMode.CV2, QRMode.CV2_WECHAT]:
+                if QRMode.CV2:
+                    otp_url, raw_pts, _ = cv2_qr.detectAndDecode(img)
+                else:
+                    otp_url, raw_pts = cv2_qr_wechat.detectAndDecode(img)
+                if raw_pts is not None:
+                    if otp_url:
+                        new_otps_count = extract_otps_from_otp_url(otp_url, otp_urls, otps, args)
+                    cv2_draw_box(img, raw_pts, get_color(new_otps_count, otp_url))
+            else:
+                abort(f"Invalid QReader mode: {qr_mode.name}")
+        except Exception as e:
+            log_error(f'An error occured during QR detection and decoding for QR reader {qr_mode}. Changed to the next QR reader.', e)
+            qr_mode = next_qr_mode(qr_mode)
+            continue
+
+        try:
+            cv2_print_text(img, f"Mode: {qr_mode.name} (Hit SPACE to change)", 0, TextPosition.LEFT, FONT_COLOR, 20)
+            cv2_print_text(img, "Press ESC to quit", 1, TextPosition.LEFT, FONT_COLOR, 17)
+            cv2_print_text(img, "Press c,j,k,t,u to save as csv/json/keepass/txt/urls file", 2, TextPosition.LEFT, FONT_COLOR, None)
+
+            cv2_print_text(img, f"{len(otp_urls)} QR code{'s'[:len(otp_urls) != 1]} captured", 0, TextPosition.RIGHT, FONT_COLOR)
+            cv2_print_text(img, f"{len(otps)} otp{'s'[:len(otps) != 1]} extracted", 1, TextPosition.RIGHT, FONT_COLOR)
+
+            cv2.imshow(WINDOW_NAME, img)
+        except cv2.error as e:
+            # Workaround due to Gtk2/3 problem, see #444
+            if e.code == cv2.Error.StsNullPtr:
+                # Window closed
+                break
+            else:
+                raise e
+
+        quit, qr_mode = cv2_handle_pressed_keys(qr_mode, otps)
+        if quit:
+            break
+
+    cam.release()
+    cv2.destroyAllWindows()
+
+    return otps
+
+
+def get_color(new_otps_count: int, otp_url: str) -> ColorBGR:
+    if new_otps_count:
+        return SUCCESS_COLOR
+    else:
+        if otp_url:
+            return FAILURE_COLOR
+        else:
+            return NORMAL_COLOR
+
+
+# TODO use proper cv2 types if available
+def cv2_draw_box(img: cv2.typing.MatLike, raw_pts: cv2.typing.MatLike | list[tuple[Any, Any]], color: ColorBGR) -> np.ndarray[Any, np.dtype[np.int32]]:
+    pts = np.array([raw_pts], np.int32)
+    pts = pts.reshape((-1, 1, 2))
+    cv2.polylines(img, [pts], True, color, BOX_THICKNESS)
+    return pts
+
+
+def cv2_print_text(img: cv2.typing.MatLike, text: str, line_number: int, position: TextPosition, color: ColorBGR, opposite_len: Optional[int] = None) -> None:
+    window_dim = cv2.getWindowImageRect(WINDOW_NAME)
+    out_text = text
+    if opposite_len:
+        text_dim, _ = cv2.getTextSize(out_text, FONT, FONT_SCALE, FONT_THICKNESS)
+        actual_width = text_dim[TEXT_WIDTH] + opposite_len * CHAR_DX + 4 * BORDER
+        if actual_width >= window_dim[WINDOW_WIDTH]:
+            out_text = out_text[:(window_dim[WINDOW_WIDTH] - actual_width) // CHAR_DX] + '.'
+    text_dim, _ = cv2.getTextSize(out_text, FONT, FONT_SCALE, FONT_THICKNESS)
+    if position == TextPosition.LEFT:
+        pos = BORDER, START_Y + line_number * FONT_DY
+    else:
+        pos = window_dim[WINDOW_WIDTH] - text_dim[TEXT_WIDTH] - BORDER, START_Y + line_number * FONT_DY
+
+    cv2.putText(img, out_text, pos, FONT, FONT_SCALE, color, FONT_THICKNESS, FONT_LINE_STYLE)
+
+
+def cv2_handle_pressed_keys(qr_mode: QRMode, otps: Otps) -> Tuple[bool, QRMode]:
+    key = cv2.waitKey(1) & 0xFF
+    quit = False
+    if key == 27 or key == ord('q') or key == ord('Q') or key == 13:
+        # ESC or Enter or q pressed
+        quit = True
+    elif (key == ord('c') or key == ord('C')) and is_not_headless():
+        if has_no_otps_show_warning(otps):
+            pass
+        else:
+            file_name = tkinter.filedialog.asksaveasfilename(
+                title="Save extracted otp secrets as CSV",
+                defaultextension='.csv',
+                filetypes=[('CSV', '*.csv'), ('All', '*.*')]
+            )
+            tk_root.update()  # noqa: F821 # workaround flake8 false positive, tk_root is defined globally
+            if len(file_name) > 0:
+                write_csv(file_name, otps)
+    elif (key == ord('j') or key == ord('J')) and is_not_headless():
+        if has_no_otps_show_warning(otps):
+            pass
+        else:
+            file_name = tkinter.filedialog.asksaveasfilename(
+                title="Save extracted otp secrets as JSON",
+                defaultextension='.json',
+                filetypes=[('JSON', '*.json'), ('All', '*.*')]
+            )
+            tk_root.update()  # noqa: F821 # workaround flake8 false positive, tk_root is defined globally
+            if len(file_name) > 0:
+                write_json(file_name, otps)
+    elif (key == ord('k') or key == ord('K')) and is_not_headless():
+        if has_no_otps_show_warning(otps):
+            pass
+        else:
+            file_name = tkinter.filedialog.asksaveasfilename(
+                title="Save extracted otp secrets as KeePass CSV file(s)",
+                defaultextension='.csv',
+                filetypes=[('CSV', '*.csv'), ('All', '*.*')]
+            )
+            tk_root.update()  # noqa: F821 # workaround flake8 false positive, tk_root is defined globally
+            if len(file_name) > 0:
+                write_keepass_csv(file_name, otps)
+    elif (key == ord('t') or key == ord('T')) and is_not_headless():
+        if has_no_otps_show_warning(otps):
+            pass
+        else:
+            file_name = tkinter.filedialog.asksaveasfilename(
+                title="Save extracted otp secrets as text",
+                defaultextension='.txt',
+                filetypes=[('Text', '*.txt'), ('All', '*.*')]
+            )
+            tk_root.update()  # noqa: F821 # workaround flake8 false positive, tk_root is defined globally
+            if len(file_name) > 0:
+                write_txt(file_name, otps, True)
+    elif (key == ord('u') or key == ord('U')) and is_not_headless():
+        if has_no_otps_show_warning(otps):
+            pass
+        else:
+            file_name = tkinter.filedialog.asksaveasfilename(
+                title="Save extracted otp secrets as list of urls",
+                defaultextension='.txt',
+                filetypes=[('Text', '*.txt'), ('All', '*.*')]
+            )
+            tk_root.update()  # noqa: F821 # workaround flake8 false positive, tk_root is defined globally
+            if len(file_name) > 0:
+                write_urls(file_name, otps)
+    elif key == 32:
+        qr_mode = next_valid_qr_mode(qr_mode, zbar_available)
+        if verbose >= LogLevel.MORE_VERBOSE: print(f"QR reading mode: {qr_mode}")
+    # Do not check for invisible window due to Gtk2/3 problem, see #444
+    return quit, qr_mode
+
+
+def extract_otps_from_otp_url(otp_url: str, otp_urls: OtpUrls, otps: Otps, args: Args) -> int:
+    '''Returns -1 if opt_url was already added.'''
+    if otp_url and verbose >= LogLevel.VERBOSE: print(otp_url)
+    if not otp_url:
+        return 0
+    if otp_url not in otp_urls:
+        new_otps_count = extract_otp_from_otp_url(otp_url, otps, len(otp_urls), CAMERA, args)
+        if new_otps_count:
+            otp_urls.append(otp_url)
+        if verbose: print(f"Extracted {new_otps_count} otp{'s'[:len(otps) != 1]}. {len(otps)} otp{'s'[:len(otps) != 1]} from {len(otp_urls)} QR code{'s'[:len(otp_urls) != 1]} extracted")
+        return new_otps_count
+    return -1
+
+
+def extract_otps_from_files(args: Args) -> Otps:
+    otps: Otps = []
+
+    files_count = urls_count = otps_count = 0
+    if verbose: print(f"Input files: {args.infile}")
+    for infile_raw in args.infile:
+        expanded_infiles = glob.glob(infile_raw)
+        if not expanded_infiles:
+            expanded_infiles = [infile_raw]
+            if verbose >= LogLevel.DEBUG: log_debug(f"Could not expand input files, fallback to infile {infile_raw}")
+        if verbose >= LogLevel.DEBUG: log_debug(f"Expanded input files: {expanded_infiles}")
+        for infile in expanded_infiles:
+            if verbose >= LogLevel.MORE_VERBOSE: log_verbose(f"Processing infile {infile}")
+            files_count += 1
+            for line in get_otp_urls_from_file(infile, args):
+                if verbose >= LogLevel.MORE_VERBOSE: log_verbose(line)
+                if line.startswith('#') or line == '': continue
+                urls_count += 1
+                otps_count += extract_otp_from_otp_url(line, otps, urls_count, infile, args)
+    if verbose: print(f"Extracted {otps_count} otp{'s'[:otps_count != 1]} from {urls_count} otp url{'s'[:urls_count != 1]} by reading {files_count} infile{'s'[:files_count != 1]}")
+    return otps
+
+
+def get_otp_urls_from_file(filename: str, args: Args) -> OtpUrls:
+    # stdin stream cannot be rewinded, thus distinguish, use - for utf-8 stdin and = for binary image stdin
+    if filename != '=':
+        check_file_exists(filename)
+        lines = read_lines_from_text_file(filename)
+        if lines or filename == '-':
+            return lines
+
+    # could not process text file, try reading as image
+    if filename != '-' and cv2_available:
+        return convert_img_to_otp_urls(filename, args)
+
+    return []
+
+
+def read_lines_from_text_file(filename: str) -> list[str]:
+    if verbose >= LogLevel.DEBUG: print(f"Reading lines of {filename}")
+    # workaround for PYTHON <= 3.9 support encoding
+    if sys.version_info >= (3, 10):
+        finput = fileinput.input(filename, encoding='utf-8')
+    else:
+        finput = fileinput.input(filename)
+    try:
+        lines = []
+        for line in (line.strip() for line in finput):
+            if verbose >= LogLevel.DEBUG: log_verbose(line)
+            if is_binary(line):
+                abort("Binary input was given in stdin, please use = instead of - as infile argument for images.")
+            # unfortunately yield line leads to random test fails
+            lines.append(line)
+        if not lines:
+            log_warn(f"{filename.replace('-', 'stdin')} is empty")
+    except UnicodeDecodeError as e:
+        if filename == '-':
+            abort("Unable to open text file form stdin. "
+                  "In case you want read an image file from stdin, you must use '=' instead of '-'.", e)
+        else:  # The file is probably an image, process below
+            return []
+    finally:
+        finput.close()
+    return lines
+
+
+def convert_img_to_otp_urls(filename: str, args: Args) -> OtpUrls:
+    if verbose: print(f"Reading image {filename}")
+    try:
+        if filename != '=':
+            img = cv2.imread(filename)
+        else:
+            try:
+                stdin = sys.stdin.buffer.read()
+            except AttributeError:
+                # Workaround for pytest, since pytest cannot monkeypatch sys.stdin.buffer
+                stdin = sys.stdin.read()
+            if not stdin:
+                log_warn("stdin is empty")
+            try:
+                img_array = np.frombuffer(stdin, dtype='uint8')
+            except TypeError as e:
+                abort("Cannot read binary stdin buffer.", e)
+            if not img_array.size:
+                return []
+            img = cv2.imdecode(img_array, cv2.IMREAD_UNCHANGED)
+
+        if img is None:
+            abort(f"Unable to open file for reading.\ninput file: {filename}")
+
+        qr_mode = QRMode[args.qr]
+        otp_urls = decode_qr_img_otp_urls(img, qr_mode)
+        if len(otp_urls) == 0:
+            abort(f"Unable to read QR Code from file.\ninput file: {filename}")
+    except Exception as e:
+        abort(f"Encountered exception\ninput file: {filename}", e)
+    return otp_urls
+
+
+def decode_qr_img_otp_urls(img: Any, qr_mode: QRMode) -> OtpUrls:
+    otp_urls: OtpUrls = []
+    if qr_mode in [QRMode.QREADER, QRMode.QREADER_DEEP]:
+        otp_url = QReader().detect_and_decode(img, qr_mode == QRMode.QREADER_DEEP)
+        otp_urls.append(otp_url)
+    elif qr_mode == QRMode.CV2:
+        otp_url, _, _ = cv2.QRCodeDetector().detectAndDecode(img)
+        otp_urls.append(otp_url)
+    elif qr_mode == QRMode.CV2_WECHAT:
+        otp_url, _ = cv2.wechat_qrcode.WeChatQRCode().detectAndDecode(img)
+        otp_urls += list(otp_url)
+    elif qr_mode == QRMode.ZBAR:
+        qrcodes = zbar.decode(img, symbols=[zbar.ZBarSymbol.QRCODE])
+        otp_urls += [qrcode.data.decode('utf-8') for qrcode in qrcodes]
+    else:
+        assert False, f"Wrong QReader mode {qr_mode.name}"
+
+    return otp_urls
+
+
+def is_opt_url(otp_url: str, source: str) -> bool:
+    if not otp_url.startswith('otpauth-migration://'):
+        msg = f"input is not a otpauth-migration:// url\nsource: {source}\ninput: {otp_url}"
+        if source == CAMERA:
+            log_warn(f"{msg}")
+            return False
+        else:
+            log_warn(f"{msg}\nMaybe a wrong file was given")
+    return True
+
+
+# https://stackoverflow.com/questions/40226049/find-enums-listed-in-python-descriptor-for-protobuf
+def get_enum_name_by_number(parent: Any, field_name: str) -> str:
+    field_value = getattr(parent, field_name)
+    return parent.DESCRIPTOR.fields_by_name[field_name].enum_type.values_by_number.get(field_value).name  # type: ignore # generic code
+
+
+def get_otp_type_str_from_code(otp_type: int) -> str:
+    return 'totp' if otp_type == 2 else 'hotp'
+
+
+def convert_secret_from_bytes_to_base32_str(bytes: bytes) -> str:
+    return str(base64.b32encode(bytes), 'utf-8').replace('=', '')
+
+
+def build_otp_url(secret: str, raw_otp: pb.MigrationPayload.OtpParameters) -> str:
+    url_params = {'secret': secret}
+    if raw_otp.type == 1: url_params['counter'] = str(raw_otp.counter)
+    if raw_otp.issuer: url_params['issuer'] = raw_otp.issuer
+    otp_url = f"otpauth://{get_otp_type_str_from_code(raw_otp.type)}/{urlparse.quote(raw_otp.name)}?" + urlparse.urlencode(url_params)
+    return otp_url
+
+
+def print_otp(otp: Otp, out: Optional[TextIO] = None) -> None:
+    print(f"Name:    {otp['name']}", file=out)
+    print(f"Secret:  {otp['secret']}", file=out)
+    if otp['issuer']: print(f"Issuer:  {otp['issuer']}", file=out)
+    print(f"Type:    {otp['type']}", file=out)
+    if otp['type'] == 'hotp':
+        print(f"Counter: {otp['counter']}", file=out)
+    if verbose:
+        print(otp['url'], file=out)
+
+
+def write_url(otp: Otp, out: Optional[TextIO] = None) -> None:
+    print(otp['url'], file=out)
+
+
+def save_qr_image(otp: Otp, dir: str, j: int) -> str:
+    if not (os.path.exists(dir)): os.makedirs(dir, exist_ok=True)
+    pattern = re.compile(r'[\W_]+')
+    file_otp_name = pattern.sub('', otp['name'])
+    file_otp_issuer = pattern.sub('', otp['issuer'])
+    save_qr_image_file(otp['url'], f"{dir}/{j}-{file_otp_name}{'-' + file_otp_issuer if file_otp_issuer else ''}.png")
+    return file_otp_name
+
+
+def save_qr_image_file(otp_url: OtpUrl, name: str) -> None:
+    qr = QRCode()
+    qr.add_data(otp_url)
+    img = qr.make_image(fill_color='black', back_color='white')
+    if verbose: print(f"Saving to {name}")
+    img.save(name)  # type: ignore
+
+
+def print_qr(otp_url: str, out: Optional[TextIO] = None) -> None:
+    qr = QRCode()
+    qr.add_data(otp_url)
+    qr.print_ascii(out)
+
+
+def write_txt(file: str, otps: Otps, write_qr: bool = False) -> None:
+    if file and len(file) > 0 and len(otps) > 0:
+        with open_file_or_stdout(file) as outfile:
+            for otp in otps:
+                print_otp(otp, outfile)
+                if write_qr:
+                    print_qr(otp['url'], outfile)
+                print(file=outfile)
+
+
+def write_urls(file: str, otps: Otps) -> None:
+    if file and len(file) > 0 and len(otps) > 0:
+        with open_file_or_stdout(file) as outfile:
+            for otp in otps:
+                write_url(otp, outfile)
+        if not quiet: print(f"Exported {len(otps)} otp{'s'[:len(otps) != 1]} to otpauth url list file {file}")
+
+
+def write_csv(file: str, otps: Otps) -> None:
+    if file and len(file) > 0 and len(otps) > 0:
+        with open_file_or_stdout_for_csv(file) as outfile:
+            writer = csv.DictWriter(outfile, otps[0].keys())
+            writer.writeheader()
+            writer.writerows(otps)
+        if not quiet: print(f"Exported {len(otps)} otp{'s'[:len(otps) != 1]} to csv {file}")
+
+
+def write_keepass_csv(file: str, otps: Otps) -> None:
+    if file and len(file) > 0 and len(otps) > 0:
+        has_totp = has_otp_type(otps, 'totp')
+        has_hotp = has_otp_type(otps, 'hotp')
+        if file != '-':
+            otp_filename_totp = file if has_totp != has_hotp else add_pre_suffix(file, "totp")
+            otp_filename_hotp = file if has_totp != has_hotp else add_pre_suffix(file, "hotp")
+        else:
+            otp_filename_totp = otp_filename_hotp = '-'
+        if has_totp:
+            count_totp_entries = write_keepass_totp_csv(otp_filename_totp, otps)
+        if has_hotp:
+            count_hotp_entries = write_keepass_htop_csv(otp_filename_hotp, otps)
+        if not quiet:
+            if has_totp and count_totp_entries: print(f"Exported {count_totp_entries} totp entrie{'s'[:count_totp_entries != 1]} to keepass csv file {otp_filename_totp}")
+            if has_hotp and count_hotp_entries: print(f"Exported {count_hotp_entries} hotp entrie{'s'[:count_hotp_entries != 1]} to keepass csv file {otp_filename_hotp}")
+
+
+def write_keepass_totp_csv(file: str, otps: Otps) -> int:
+    count_entries = 0
+    with open_file_or_stdout_for_csv(file) as outfile:
+        writer = csv.DictWriter(outfile, ["Title", "User Name", "TimeOtp-Secret-Base32", "Group"])
+        writer.writeheader()
+        for otp in otps:
+            if otp['type'] == 'totp':
+                writer.writerow({
+                    'Title': otp['issuer'],
+                    'User Name': otp['name'],
+                    'TimeOtp-Secret-Base32': otp['secret'] if otp['type'] == 'totp' else None,
+                    'Group': f"OTP/{otp['type'].upper()}"
+                })
+                count_entries += 1
+    return count_entries
+
+
+def write_keepass_htop_csv(file: str, otps: Otps) -> int:
+    count_entries = 0
+    with open_file_or_stdout_for_csv(file) as outfile:
+        writer = csv.DictWriter(outfile, ["Title", "User Name", "HmacOtp-Secret-Base32", "HmacOtp-Counter", "Group"])
+        writer.writeheader()
+        for otp in otps:
+            if otp['type'] == 'hotp':
+                writer.writerow({
+                    'Title': otp['issuer'],
+                    'User Name': otp['name'],
+                    'HmacOtp-Secret-Base32': otp['secret'] if otp['type'] == 'hotp' else None,
+                    'HmacOtp-Counter': otp['counter'] if otp['type'] == 'hotp' else None,
+                    'Group': f"OTP/{otp['type'].upper()}"
+                })
+                count_entries += 1
+    return count_entries
+
+
+def write_json(file: str, otps: Otps) -> None:
+    if file and len(file) > 0:
+        with open_file_or_stdout(file) as outfile:
+            json.dump(otps, outfile, indent=4)
+        if not quiet: print(f"Exported {len(otps)} otp{'s'[:len(otps) != 1]} to json {file}")
+
+
+def has_otp_type(otps: Otps, otp_type: str) -> bool:
+    for otp in otps:
+        if otp['type'] == otp_type:
+            return True
+    return False
+
+
+def add_pre_suffix(file: str, pre_suffix: str) -> str:
+    '''filename.ext, pre -> filename.pre.ext'''
+    name, ext = os.path.splitext(file)
+    return name + "." + pre_suffix + (ext if ext else "")
+
+
+def open_file_or_stdout(filename: str) -> TextIO:
+    '''stdout is denoted as "-".
+    Note: Set before the following line:
+    sys.stdout.close = lambda: None'''
+    return open(filename, "w", encoding='utf-8') if filename != '-' else sys.stdout
+
+
+def open_file_or_stdout_for_csv(filename: str) -> TextIO:
+    '''stdout is denoted as "-".
+    newline=''
+    Note: Set before the following line:
+    sys.stdout.close = lambda: None'''
+    return open(filename, "w", encoding='utf-8', newline='') if filename != '-' else sys.stdout
+
+
+def check_file_exists(filename: str) -> None:
+    if filename != '-' and not os.path.isfile(filename):
+        abort(f"Input file provided is non-existent or not a file."
+              f"\ninput file: {filename}")
+
+
+def has_no_otps_show_warning(otps: Otps) -> bool:
+    if len(otps) == 0:
+        tkinter.messagebox.showinfo(title="No data", message="There are no otp secrets to write")
+        tk_root.update()  # dispose dialog # noqa: F821 # workaround flake8 false positive, tk_root is defined globally
+    return len(otps) == 0
+
+
+def is_binary(line: str) -> bool:
+    try:
+        line.startswith('#')
+        return False
+    except (UnicodeDecodeError, AttributeError, TypeError):
+        return True
+
+
+def next_valid_qr_mode(qr_mode: QRMode, with_zbar: bool = True) -> QRMode:
+    ok = False
+    while not ok:
+        qr_mode = next_qr_mode(qr_mode)
+        ok = True if with_zbar else qr_mode.name in CV2_QRMODES
+    return qr_mode
+
+
+def next_qr_mode(qr_mode: QRMode) -> QRMode:
+    return QRMode((qr_mode.value + 1) % len(QRMode))
+
+
+def do_debug_checks() -> bool:
+    log_debug('Do debug checks')
+    log_debug('Try: import cv2')
+    import cv2  # noqa: F401 # This is only a debug import
+    log_debug('Try: import numpy as np')
+    import numpy as np  # noqa: F401 # This is only a debug import
+    log_debug('Try: import pyzbar.pyzbar as zbar')
+    import pyzbar.pyzbar as zbar  # noqa: F401 # This is only a debug import
+    log_debug('Try: from qreader import QReader')
+    from qreader import QReader  # noqa: F401 # This is only a debug import
+    print(color('\nDebug checks passed', colorama.Fore.GREEN))
+    return True
+
+
+def is_not_headless() -> bool:
+    if headless:
+        log_warn("Cannot open dialog in headless mode")
+    return not headless
+
+
+class PrintVersionAction(argparse.Action):
+    def __init__(self, option_strings: Sequence[str], dest: str, nargs: int = 0, **kwargs: Any) -> None:
+        super().__init__(option_strings, dest, nargs, **kwargs)
+
+    def __call__(self, parser: argparse.ArgumentParser, namespace: Args, values: Union[str, Sequence[Any], None], option_string: Optional[str] = None) -> None:
+        print_version()
+        parser.exit()
+
+
+def print_version() -> None:
+    print(get_full_version())
+
+
+def get_full_version() -> str:
+    version = get_raw_version()
+    meta = [
+        platform.python_implementation()
+    ]
+    if executable: meta.append('exe')
+    meta.append(f"called as {'package' if __package__ else 'script'}")
+    return (
+        f"extract_otp_secrets {version} {platform.system()} {platform.machine()}"
+        f" Python {platform.python_version()}"
+        f" ({'/'.join(meta)})"
+    )
+
+
+# https://setuptools-git-versioning.readthedocs.io/en/stable/runtime_version.html
+def get_raw_version() -> str:
+    global __version__
+
+    try:
+        __version__ = version("extract_otp_secrets")
+        return __version__
+    except PackageNotFoundError:
+        # package is not installed
+        return ''
+
+
+# workaround for PYTHON <= 3.9 use: BaseException | None
+def log_debug(*values: object, sep: Optional[str] = ' ') -> None:
+    if os.name == 'nt':
+        # Workaround "Windows fatal exception: access violation"
+        print(f"\nDEBUG: {str(values[0])}")
+        return
+
+    if colored:
+        print(f"{colorama.Fore.CYAN}\nDEBUG: {str(values[0])}", *values[1:], colorama.Fore.RESET, sep=sep)
+    else:
+        print(f"\nDEBUG: {str(values[0])}", *values[1:], sep=sep)
+
+
+# workaround for PYTHON <= 3.9 use: BaseException | None
+def log_verbose(msg: str) -> None:
+    print(color(msg, colorama.Fore.CYAN))
+
+
+# workaround for PYTHON <= 3.9 use: BaseException | None
+def log_warn(msg: str, exception: Optional[BaseException] = None) -> None:
+    exception_text = "\nException: "
+    eprint(color(f"\nWARN: {msg}{(exception_text + str(exception)) if exception else ''}", colorama.Fore.RED))
+
+
+# workaround for PYTHON <= 3.9 use: BaseException | None
+def log_error(msg: str, exception: Optional[BaseException] = None) -> None:
+    exception_text = "\nException: "
+    eprint(color(f"\nERROR: {msg}{(exception_text + str(exception)) if exception else ''}", colorama.Fore.RED))
+
+
+def color(msg: str, color: Optional[str] = None) -> str:
+    return f"{color if colored and color else ''}{msg}{colorama.Fore.RESET if colored and color else ''}"
+
+
+def eprint(*values: object, **kwargs: Any) -> None:
+    '''Print to stderr.'''
+    print(*values, file=sys.stderr, **kwargs)
+
+
+# workaround for PYTHON <= 3.9 use: BaseException | None
+def abort(msg: str, exception: Optional[BaseException] = None) -> None:
+    log_error(msg, exception)
+    sys.exit(1)
+
+
+if __name__ == '__main__':
+    sys_main()
--- a/src/google_auth.proto
+++ b/src/google_auth.proto
--- a/src/protobuf_generated_python/google_auth_pb2.py
+++ b/src/protobuf_generated_python/google_auth_pb2.py
@@ -1,11 +1,22 @@
 # -*- coding: utf-8 -*-
 # Generated by the protocol buffer compiler.  DO NOT EDIT!
+# NO CHECKED-IN PROTOBUF GENCODE
 # source: google_auth.proto
+# Protobuf Python Version: 6.33.0
 """Generated protocol buffer code."""
-from google.protobuf.internal import builder as _builder
 from google.protobuf import descriptor as _descriptor
 from google.protobuf import descriptor_pool as _descriptor_pool
+from google.protobuf import runtime_version as _runtime_version
 from google.protobuf import symbol_database as _symbol_database
+from google.protobuf.internal import builder as _builder
+_runtime_version.ValidateProtobufRuntimeVersion(
+    _runtime_version.Domain.PUBLIC,
+    6,
+    33,
+    0,
+    '',
+    'google_auth.proto'
+)
 # @@protoc_insertion_point(imports)

 _sym_db = _symbol_database.Default()
@@ -15,17 +26,17 @@ _sym_db = _symbol_database.Default()

 DESCRIPTOR = _descriptor_pool.Default().AddSerializedFile(b'\n\x11google_auth.proto\"\xb7\x03\n\x10MigrationPayload\x12\x37\n\x0eotp_parameters\x18\x01 \x03(\x0b\x32\x1f.MigrationPayload.OtpParameters\x12\x0f\n\x07version\x18\x02 \x01(\x05\x12\x12\n\nbatch_size\x18\x03 \x01(\x05\x12\x13\n\x0b\x62\x61tch_index\x18\x04 \x01(\x05\x12\x10\n\x08\x62\x61tch_id\x18\x05 \x01(\x05\x1a\xb7\x01\n\rOtpParameters\x12\x0e\n\x06secret\x18\x01 \x01(\x0c\x12\x0c\n\x04name\x18\x02 \x01(\t\x12\x0e\n\x06issuer\x18\x03 \x01(\t\x12.\n\talgorithm\x18\x04 \x01(\x0e\x32\x1b.MigrationPayload.Algorithm\x12\x0e\n\x06\x64igits\x18\x05 \x01(\x05\x12\'\n\x04type\x18\x06 \x01(\x0e\x32\x19.MigrationPayload.OtpType\x12\x0f\n\x07\x63ounter\x18\x07 \x01(\x03\",\n\tAlgorithm\x12\x10\n\x0c\x41LGO_INVALID\x10\x00\x12\r\n\tALGO_SHA1\x10\x01\"6\n\x07OtpType\x12\x0f\n\x0bOTP_INVALID\x10\x00\x12\x0c\n\x08OTP_HOTP\x10\x01\x12\x0c\n\x08OTP_TOTP\x10\x02\x62\x06proto3')

-_builder.BuildMessageAndEnumDescriptors(DESCRIPTOR, globals())
-_builder.BuildTopDescriptorsAndMessages(DESCRIPTOR, 'google_auth_pb2', globals())
-if _descriptor._USE_C_DESCRIPTORS == False:
-
-  DESCRIPTOR._options = None
-  _MIGRATIONPAYLOAD._serialized_start=22
-  _MIGRATIONPAYLOAD._serialized_end=461
-  _MIGRATIONPAYLOAD_OTPPARAMETERS._serialized_start=176
-  _MIGRATIONPAYLOAD_OTPPARAMETERS._serialized_end=359
-  _MIGRATIONPAYLOAD_ALGORITHM._serialized_start=361
-  _MIGRATIONPAYLOAD_ALGORITHM._serialized_end=405
-  _MIGRATIONPAYLOAD_OTPTYPE._serialized_start=407
-  _MIGRATIONPAYLOAD_OTPTYPE._serialized_end=461
+_globals = globals()
+_builder.BuildMessageAndEnumDescriptors(DESCRIPTOR, _globals)
+_builder.BuildTopDescriptorsAndMessages(DESCRIPTOR, 'google_auth_pb2', _globals)
+if not _descriptor._USE_C_DESCRIPTORS:
+  DESCRIPTOR._loaded_options = None
+  _globals['_MIGRATIONPAYLOAD']._serialized_start=22
+  _globals['_MIGRATIONPAYLOAD']._serialized_end=461
+  _globals['_MIGRATIONPAYLOAD_OTPPARAMETERS']._serialized_start=176
+  _globals['_MIGRATIONPAYLOAD_OTPPARAMETERS']._serialized_end=359
+  _globals['_MIGRATIONPAYLOAD_ALGORITHM']._serialized_start=361
+  _globals['_MIGRATIONPAYLOAD_ALGORITHM']._serialized_end=405
+  _globals['_MIGRATIONPAYLOAD_OTPTYPE']._serialized_start=407
+  _globals['_MIGRATIONPAYLOAD_OTPTYPE']._serialized_end=461
 # @@protoc_insertion_point(module_scope)
--- a/src/protobuf_generated_python/google_auth_pb2.pyi
+++ b/src/protobuf_generated_python/google_auth_pb2.pyi
@@ -0,0 +1,109 @@
+"""
+@generated by mypy-protobuf.  Do not edit manually!
+isort:skip_file
+"""
+
+import builtins
+import collections.abc
+import google.protobuf.descriptor
+import google.protobuf.internal.containers
+import google.protobuf.internal.enum_type_wrapper
+import google.protobuf.message
+import sys
+import typing
+
+if sys.version_info >= (3, 10):
+    import typing as typing_extensions
+else:
+    import typing_extensions
+
+DESCRIPTOR: google.protobuf.descriptor.FileDescriptor
+
+@typing.final
+class MigrationPayload(google.protobuf.message.Message):
+    """Copied from: https://github.com/beemdevelopment/Aegis/blob/master/app/src/main/proto/google_auth.proto"""
+
+    DESCRIPTOR: google.protobuf.descriptor.Descriptor
+
+    class _Algorithm:
+        ValueType = typing.NewType("ValueType", builtins.int)
+        V: typing_extensions.TypeAlias = ValueType
+
+    class _AlgorithmEnumTypeWrapper(google.protobuf.internal.enum_type_wrapper._EnumTypeWrapper[MigrationPayload._Algorithm.ValueType], builtins.type):
+        DESCRIPTOR: google.protobuf.descriptor.EnumDescriptor
+        ALGO_INVALID: MigrationPayload._Algorithm.ValueType  # 0
+        ALGO_SHA1: MigrationPayload._Algorithm.ValueType  # 1
+
+    class Algorithm(_Algorithm, metaclass=_AlgorithmEnumTypeWrapper): ...
+    ALGO_INVALID: MigrationPayload.Algorithm.ValueType  # 0
+    ALGO_SHA1: MigrationPayload.Algorithm.ValueType  # 1
+
+    class _OtpType:
+        ValueType = typing.NewType("ValueType", builtins.int)
+        V: typing_extensions.TypeAlias = ValueType
+
+    class _OtpTypeEnumTypeWrapper(google.protobuf.internal.enum_type_wrapper._EnumTypeWrapper[MigrationPayload._OtpType.ValueType], builtins.type):
+        DESCRIPTOR: google.protobuf.descriptor.EnumDescriptor
+        OTP_INVALID: MigrationPayload._OtpType.ValueType  # 0
+        OTP_HOTP: MigrationPayload._OtpType.ValueType  # 1
+        OTP_TOTP: MigrationPayload._OtpType.ValueType  # 2
+
+    class OtpType(_OtpType, metaclass=_OtpTypeEnumTypeWrapper): ...
+    OTP_INVALID: MigrationPayload.OtpType.ValueType  # 0
+    OTP_HOTP: MigrationPayload.OtpType.ValueType  # 1
+    OTP_TOTP: MigrationPayload.OtpType.ValueType  # 2
+
+    @typing.final
+    class OtpParameters(google.protobuf.message.Message):
+        DESCRIPTOR: google.protobuf.descriptor.Descriptor
+
+        SECRET_FIELD_NUMBER: builtins.int
+        NAME_FIELD_NUMBER: builtins.int
+        ISSUER_FIELD_NUMBER: builtins.int
+        ALGORITHM_FIELD_NUMBER: builtins.int
+        DIGITS_FIELD_NUMBER: builtins.int
+        TYPE_FIELD_NUMBER: builtins.int
+        COUNTER_FIELD_NUMBER: builtins.int
+        secret: builtins.bytes
+        name: builtins.str
+        issuer: builtins.str
+        algorithm: global___MigrationPayload.Algorithm.ValueType
+        digits: builtins.int
+        type: global___MigrationPayload.OtpType.ValueType
+        counter: builtins.int
+        def __init__(
+            self,
+            *,
+            secret: builtins.bytes = ...,
+            name: builtins.str = ...,
+            issuer: builtins.str = ...,
+            algorithm: global___MigrationPayload.Algorithm.ValueType = ...,
+            digits: builtins.int = ...,
+            type: global___MigrationPayload.OtpType.ValueType = ...,
+            counter: builtins.int = ...,
+        ) -> None: ...
+        def ClearField(self, field_name: typing.Literal["algorithm", b"algorithm", "counter", b"counter", "digits", b"digits", "issuer", b"issuer", "name", b"name", "secret", b"secret", "type", b"type"]) -> None: ...
+
+    OTP_PARAMETERS_FIELD_NUMBER: builtins.int
+    VERSION_FIELD_NUMBER: builtins.int
+    BATCH_SIZE_FIELD_NUMBER: builtins.int
+    BATCH_INDEX_FIELD_NUMBER: builtins.int
+    BATCH_ID_FIELD_NUMBER: builtins.int
+    version: builtins.int
+    batch_size: builtins.int
+    batch_index: builtins.int
+    batch_id: builtins.int
+    @property
+    def otp_parameters(self) -> google.protobuf.internal.containers.RepeatedCompositeFieldContainer[global___MigrationPayload.OtpParameters]: ...
+    def __init__(
+        self,
+        *,
+        otp_parameters: collections.abc.Iterable[global___MigrationPayload.OtpParameters] | None = ...,
+        version: builtins.int = ...,
+        batch_size: builtins.int = ...,
+        batch_index: builtins.int = ...,
+        batch_id: builtins.int = ...,
+    ) -> None: ...
+    def ClearField(self, field_name: typing.Literal["batch_id", b"batch_id", "batch_index", b"batch_index", "batch_size", b"batch_size", "otp_parameters", b"otp_parameters", "version", b"version"]) -> None: ...
+
+global___MigrationPayload = MigrationPayload
--- a/test/print_verbose_output.txt
+++ b/test/print_verbose_output.txt
@@ -1,89 +0,0 @@
-# 2FA example from https://www.raspberrypi.org/blog/setting-up-two-factor-authentication-on-your-raspberry-pi/
-# Secret key: 7KSQL2JTUDIS5EF65KLMRQIIGY
-# otpauth://totp/pi@raspberrypi?secret=7KSQL2JTUDIS5EF65KLMRQIIGY&issuer=raspberrypi
-otpauth-migration://offline?data=CjUKEPqlBekzoNEukL7qlsjBCDYSDnBpQHJhc3BiZXJyeXBpGgtyYXNwYmVycnlwaSABKAEwAhABGAEgACjr4JKK%2B%2F%2F%2F%2F%2F8B
-
-1. Payload Line
-otp_parameters {
-  secret: "\372\245\005\3513\240\321.\220\276\352\226\310\301\0106"
-  name: "pi@raspberrypi"
-  issuer: "raspberrypi"
-  algorithm: ALGO_SHA1
-  digits: 1
-  type: OTP_TOTP
-}
-version: 1
-batch_size: 1
-batch_id: -1320898453
-
-
-1. Secret Key
-Name:   pi@raspberrypi
-Secret: 7KSQL2JTUDIS5EF65KLMRQIIGY
-Issuer: raspberrypi
-Type:   OTP_TOTP
-otpauth://totp/pi%40raspberrypi?secret=7KSQL2JTUDIS5EF65KLMRQIIGY&issuer=raspberrypi
-
-
-# otpauth://totp/pi@raspberrypi?secret=7KSQL2JTUDIS5EF65KLMRQIIGY
-otpauth-migration://offline?data=CigKEPqlBekzoNEukL7qlsjBCDYSDnBpQHJhc3BiZXJyeXBpIAEoATACEAEYASAAKLzjp5n4%2F%2F%2F%2F%2FwE%3D
-
-2. Payload Line
-otp_parameters {
-  secret: "\372\245\005\3513\240\321.\220\276\352\226\310\301\0106"
-  name: "pi@raspberrypi"
-  algorithm: ALGO_SHA1
-  digits: 1
-  type: OTP_TOTP
-}
-version: 1
-batch_size: 1
-batch_id: -2094403140
-
-
-2. Secret Key
-Name:   pi@raspberrypi
-Secret: 7KSQL2JTUDIS5EF65KLMRQIIGY
-Type:   OTP_TOTP
-otpauth://totp/pi%40raspberrypi?secret=7KSQL2JTUDIS5EF65KLMRQIIGY
-
-
-# otpauth://totp/pi@raspberrypi?secret=7KSQL2JTUDIS5EF65KLMRQIIGY&issuer=raspberrypi
-# otpauth://totp/pi@raspberrypi?secret=7KSQL2JTUDIS5EF65KLMRQIIGY
-otpauth-migration://offline?data=CigKEPqlBekzoNEukL7qlsjBCDYSDnBpQHJhc3BiZXJyeXBpIAEoATACCjUKEPqlBekzoNEukL7qlsjBCDYSDnBpQHJhc3BiZXJyeXBpGgtyYXNwYmVycnlwaSABKAEwAhABGAEgACiQ7OOa%2Bf%2F%2F%2F%2F8B
-
-3. Payload Line
-otp_parameters {
-  secret: "\372\245\005\3513\240\321.\220\276\352\226\310\301\0106"
-  name: "pi@raspberrypi"
-  algorithm: ALGO_SHA1
-  digits: 1
-  type: OTP_TOTP
-}
-otp_parameters {
-  secret: "\372\245\005\3513\240\321.\220\276\352\226\310\301\0106"
-  name: "pi@raspberrypi"
-  issuer: "raspberrypi"
-  algorithm: ALGO_SHA1
-  digits: 1
-  type: OTP_TOTP
-}
-version: 1
-batch_size: 1
-batch_id: -1822886384
-
-
-3. Secret Key
-Name:   pi@raspberrypi
-Secret: 7KSQL2JTUDIS5EF65KLMRQIIGY
-Type:   OTP_TOTP
-otpauth://totp/pi%40raspberrypi?secret=7KSQL2JTUDIS5EF65KLMRQIIGY
-
-
-4. Secret Key
-Name:   pi@raspberrypi
-Secret: 7KSQL2JTUDIS5EF65KLMRQIIGY
-Issuer: raspberrypi
-Type:   OTP_TOTP
-otpauth://totp/pi%40raspberrypi?secret=7KSQL2JTUDIS5EF65KLMRQIIGY&issuer=raspberrypi
-
--- a/test_extract_otp_secret_keys_pytest.py
+++ b/test_extract_otp_secret_keys_pytest.py
@@ -1,152 +0,0 @@
-# pytest for extract_otp_secret_keys.py
-
-# Run tests:
-# pytest
-
-# Author: Scito (https://scito.ch)
-
-# This program is free software: you can redistribute it and/or modify
-# it under the terms of the GNU General Public License as published by
-# the Free Software Foundation, either version 3 of the License, or
-# (at your option) any later version.
-#
-# This program is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-# GNU General Public License for more details.
-#
-# You should have received a copy of the GNU General Public License
-# along with this program.  If not, see <https://www.gnu.org/licenses/>.
-
-from utils import read_csv, read_json, remove_file, read_file_to_str
-
-import extract_otp_secret_keys
-
-
-def test_extract_csv():
-    # Arrange
-    cleanup()
-
-    # Act
-    extract_otp_secret_keys.main(['-q', '-c', 'test_example_output.csv', 'example_export.txt'])
-
-    # Assert
-    expected_csv = read_csv('example_output.csv')
-    actual_csv = read_csv('test_example_output.csv')
-
-    assert actual_csv == expected_csv
-
-    # Clean up
-    cleanup()
-
-
-def test_extract_json():
-    # Arrange
-    cleanup()
-
-    # Act
-    extract_otp_secret_keys.main(['-q', '-j', 'test_example_output.json', 'example_export.txt'])
-
-    # Assert
-    expected_json = read_json('example_output.json')
-    actual_json = read_json('test_example_output.json')
-
-    assert actual_json == expected_json
-
-    # Clean up
-    cleanup()
-
-
-def test_extract_stdout(capsys):
-    # Act
-    extract_otp_secret_keys.main(['example_export.txt'])
-
-    # Assert
-    captured = capsys.readouterr()
-
-    expected_stdout = '''Name:   pi@raspberrypi
-Secret: 7KSQL2JTUDIS5EF65KLMRQIIGY
-Issuer: raspberrypi
-Type:   OTP_TOTP
-
-Name:   pi@raspberrypi
-Secret: 7KSQL2JTUDIS5EF65KLMRQIIGY
-Type:   OTP_TOTP
-
-Name:   pi@raspberrypi
-Secret: 7KSQL2JTUDIS5EF65KLMRQIIGY
-Type:   OTP_TOTP
-
-Name:   pi@raspberrypi
-Secret: 7KSQL2JTUDIS5EF65KLMRQIIGY
-Issuer: raspberrypi
-Type:   OTP_TOTP
-
-'''
-
-    assert captured.out == expected_stdout
-    assert captured.err == ''
-
-
-def test_extract_not_encoded_plus(capsys):
-    # Act
-    extract_otp_secret_keys.main(['test/test_plus_problem_export.txt'])
-
-    # Assert
-    captured = capsys.readouterr()
-
-    expected_stdout = '''Name:   SerenityLabs:test1@serenitylabs.co.uk
-Secret: A4RFDYMF4GSLUIBQV4ZP67OJEZ2XUQVM
-Issuer: SerenityLabs
-Type:   OTP_TOTP
-
-Name:   SerenityLabs:test2@serenitylabs.co.uk
-Secret: SCDDZ7PW5MOZLE3PQCAZM7L4S35K3UDX
-Issuer: SerenityLabs
-Type:   OTP_TOTP
-
-Name:   SerenityLabs:test3@serenitylabs.co.uk
-Secret: TR76272RVYO6EAEY2FX7W7R7KUDEGPJ4
-Issuer: SerenityLabs
-Type:   OTP_TOTP
-
-Name:   SerenityLabs:test4@serenitylabs.co.uk
-Secret: N2ILWSXSJUQUB7S6NONPJSC62NPG7EXN
-Issuer: SerenityLabs
-Type:   OTP_TOTP
-
-'''
-
-    assert captured.out == expected_stdout
-    assert captured.err == ''
-
-
-def test_extract_printqr(capsys):
-    # Act
-    extract_otp_secret_keys.main(['-p', 'example_export.txt'])
-
-    # Assert
-    captured = capsys.readouterr()
-
-    expected_stdout = read_file_to_str('test/printqr_output.txt')
-
-    assert captured.out == expected_stdout
-    assert captured.err == ''
-
-
-def test_extract_verbose(capsys):
-    # Act
-    extract_otp_secret_keys.main(['-v', 'example_export.txt'])
-
-    # Assert
-    captured = capsys.readouterr()
-
-    expected_stdout = read_file_to_str('test/print_verbose_output.txt')
-
-    assert captured.out == expected_stdout
-    assert captured.err == ''
-
-
-def cleanup():
-    remove_file('test_example_output.csv')
-    remove_file('test_example_output.json')
--- a/test_extract_otp_secret_keys_unittest.py
+++ b/test_extract_otp_secret_keys_unittest.py
@@ -1,162 +0,0 @@
-# Unit test for extract_otp_secret_keys.py
-
-# Run tests:
-# python -m unittest
-
-# Author: Scito (https://scito.ch)
-
-# This program is free software: you can redistribute it and/or modify
-# it under the terms of the GNU General Public License as published by
-# the Free Software Foundation, either version 3 of the License, or
-# (at your option) any later version.
-#
-# This program is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-# GNU General Public License for more details.
-#
-# You should have received a copy of the GNU General Public License
-# along with this program.  If not, see <https://www.gnu.org/licenses/>.
-
-import unittest
-import io
-from contextlib import redirect_stdout
-from utils import read_csv, read_json, remove_file, Capturing, read_file_to_str
-
-import extract_otp_secret_keys
-
-
-class TestExtract(unittest.TestCase):
-
-    def test_extract_csv(self):
-        extract_otp_secret_keys.main(['-q', '-c', 'test_example_output.csv', 'example_export.txt'])
-
-        expected_csv = read_csv('example_output.csv')
-        actual_csv = read_csv('test_example_output.csv')
-
-        self.assertEqual(actual_csv, expected_csv)
-
-    def test_extract_json(self):
-        extract_otp_secret_keys.main(['-q', '-j', 'test_example_output.json', 'example_export.txt'])
-
-        expected_json = read_json('example_output.json')
-        actual_json = read_json('test_example_output.json')
-
-        self.assertEqual(actual_json, expected_json)
-
-    def test_extract_stdout_1(self):
-        with Capturing() as output:
-            extract_otp_secret_keys.main(['example_export.txt'])
-
-        expected_output = [
-            'Name:   pi@raspberrypi',
-            'Secret: 7KSQL2JTUDIS5EF65KLMRQIIGY',
-            'Issuer: raspberrypi',
-            'Type:   OTP_TOTP',
-            '',
-            'Name:   pi@raspberrypi',
-            'Secret: 7KSQL2JTUDIS5EF65KLMRQIIGY',
-            'Type:   OTP_TOTP',
-            '',
-            'Name:   pi@raspberrypi',
-            'Secret: 7KSQL2JTUDIS5EF65KLMRQIIGY',
-            'Type:   OTP_TOTP',
-            '',
-            'Name:   pi@raspberrypi',
-            'Secret: 7KSQL2JTUDIS5EF65KLMRQIIGY',
-            'Issuer: raspberrypi',
-            'Type:   OTP_TOTP',
-            ''
-        ]
-        self.assertEqual(output, expected_output)
-
-    # Ref for capturing https://stackoverflow.com/a/40984270
-    def test_extract_stdout_2(self):
-        out = io.StringIO()
-        with redirect_stdout(out):
-            extract_otp_secret_keys.main(['example_export.txt'])
-        actual_output = out.getvalue()
-
-        expected_output = '''Name:   pi@raspberrypi
-Secret: 7KSQL2JTUDIS5EF65KLMRQIIGY
-Issuer: raspberrypi
-Type:   OTP_TOTP
-
-Name:   pi@raspberrypi
-Secret: 7KSQL2JTUDIS5EF65KLMRQIIGY
-Type:   OTP_TOTP
-
-Name:   pi@raspberrypi
-Secret: 7KSQL2JTUDIS5EF65KLMRQIIGY
-Type:   OTP_TOTP
-
-Name:   pi@raspberrypi
-Secret: 7KSQL2JTUDIS5EF65KLMRQIIGY
-Issuer: raspberrypi
-Type:   OTP_TOTP
-
-'''
-        self.assertEqual(actual_output, expected_output)
-
-    def test_extract_not_encoded_plus(self):
-        out = io.StringIO()
-        with redirect_stdout(out):
-            extract_otp_secret_keys.main(['test/test_plus_problem_export.txt'])
-        actual_output = out.getvalue()
-
-        expected_output = '''Name:   SerenityLabs:test1@serenitylabs.co.uk
-Secret: A4RFDYMF4GSLUIBQV4ZP67OJEZ2XUQVM
-Issuer: SerenityLabs
-Type:   OTP_TOTP
-
-Name:   SerenityLabs:test2@serenitylabs.co.uk
-Secret: SCDDZ7PW5MOZLE3PQCAZM7L4S35K3UDX
-Issuer: SerenityLabs
-Type:   OTP_TOTP
-
-Name:   SerenityLabs:test3@serenitylabs.co.uk
-Secret: TR76272RVYO6EAEY2FX7W7R7KUDEGPJ4
-Issuer: SerenityLabs
-Type:   OTP_TOTP
-
-Name:   SerenityLabs:test4@serenitylabs.co.uk
-Secret: N2ILWSXSJUQUB7S6NONPJSC62NPG7EXN
-Issuer: SerenityLabs
-Type:   OTP_TOTP
-
-'''
-        self.assertEqual(actual_output, expected_output)
-
-    def test_extract_printqr(self):
-        out = io.StringIO()
-        with redirect_stdout(out):
-            extract_otp_secret_keys.main(['-p', 'example_export.txt'])
-        actual_output = out.getvalue()
-
-        expected_output = read_file_to_str('test/printqr_output.txt')
-
-        self.assertEqual(actual_output, expected_output)
-
-    def test_extract_verbose(self):
-        out = io.StringIO()
-        with redirect_stdout(out):
-            extract_otp_secret_keys.main(['-v', 'example_export.txt'])
-        actual_output = out.getvalue()
-
-        expected_output = read_file_to_str('test/print_verbose_output.txt')
-
-        self.assertEqual(actual_output, expected_output)
-
-    def setUp(self):
-        self.cleanup()
-
-    def tearDown(self):
-        self.cleanup()
-
-    def cleanup(self):
-        remove_file('test_example_output.csv')
-        remove_file('test_example_output.json')
-
-
-if __name__ == '__main__':
-    unittest.main()
--- a/tests/conftest.py
+++ b/tests/conftest.py
@@ -0,0 +1,21 @@
+from typing import Any
+
+import pytest
+
+
+def pytest_addoption(parser: pytest.Parser) -> None:
+    parser.addoption("--relaxed", action='store_true', help="run tests in relaxed mode")
+    parser.addoption("--fast", action="store_true", help="faster execution, do not run all combinations")
+
+
+@pytest.fixture
+def relaxed(request: pytest.FixtureRequest) -> Any:
+    return request.config.getoption("--relaxed")
+
+
+def pytest_generate_tests(metafunc: pytest.Metafunc) -> None:
+    if "qr_mode" in metafunc.fixturenames:
+        all_qr_modes = ['ZBAR', 'QREADER', 'QREADER_DEEP', 'CV2', 'CV2_WECHAT']
+        number = 2 if metafunc.config.getoption("fast") else len(all_qr_modes)
+        qr_modes = [mode for mode in all_qr_modes]
+        metafunc.parametrize("qr_mode", qr_modes[0:number])
--- a/tests/data/empty_file.txt
+++ b/tests/data/empty_file.txt
--- a/tests/data/example_export_only_totp.txt
+++ b/tests/data/example_export_only_totp.txt
@@ -0,0 +1,15 @@
+# 2FA example from https://www.raspberrypi.org/blog/setting-up-two-factor-authentication-on-your-raspberry-pi/
+# Secret key: 7KSQL2JTUDIS5EF65KLMRQIIGY
+# otpauth://totp/pi@raspberrypi?secret=7KSQL2JTUDIS5EF65KLMRQIIGY&issuer=raspberrypi
+otpauth-migration://offline?data=CjUKEPqlBekzoNEukL7qlsjBCDYSDnBpQHJhc3BiZXJyeXBpGgtyYXNwYmVycnlwaSABKAEwAhABGAEgACjr4JKK%2B%2F%2F%2F%2F%2F8B
+
+# otpauth://totp/pi@raspberrypi?secret=7KSQL2JTUDIS5EF65KLMRQIIGY
+otpauth-migration://offline?data=CigKEPqlBekzoNEukL7qlsjBCDYSDnBpQHJhc3BiZXJyeXBpIAEoATACEAEYASAAKLzjp5n4%2F%2F%2F%2F%2FwE%3D
+
+# otpauth://totp/pi@raspberrypi?secret=7KSQL2JTUDIS5EF65KLMRQIIGY&issuer=raspberrypi
+# otpauth://totp/pi@raspberrypi?secret=7KSQL2JTUDIS5EF65KLMRQIIGY
+otpauth-migration://offline?data=CigKEPqlBekzoNEukL7qlsjBCDYSDnBpQHJhc3BiZXJyeXBpIAEoATACCjUKEPqlBekzoNEukL7qlsjBCDYSDnBpQHJhc3BiZXJyeXBpGgtyYXNwYmVycnlwaSABKAEwAhABGAEgACiQ7OOa%2Bf%2F%2F%2F%2F8B
+
+# otpauth://totp/encoding%3A%20%C2%BF%C3%A4%C3%84%C3%A9%C3%89%3F%20%28demo%29?secret=7KSQL2JTUDIS5EF65KLMRQIIGY
+# Name: "encoding: ¿äÄéÉ? (demo)"
+otpauth-migration://offline?data=CjYKEPqlBekzoNEukL7qlsjBCDYSHGVuY29kaW5nOiDCv8Okw4TDqcOJPyAoZGVtbykgASgBMAIQARgBIAAorfCurv%2F%2F%2F%2F%2F%2FAQ%3D%3D
--- a/tests/data/lena_std.tif
+++ b/tests/data/lena_std.tif
--- a/tests/data/only_comments.txt
+++ b/tests/data/only_comments.txt
@@ -0,0 +1,3 @@
+# comment 1
+
+# comment 2
--- a/tests/data/print_verbose_output-n-v.txt
+++ b/tests/data/print_verbose_output-n-v.txt
@@ -0,0 +1,51 @@
+QReader installed: True
+CV2 version: 4.10.0
+QR reading mode: ZBAR
+
+Input files: ['example_export.txt']
+
+1. Secret
+Name:    pi@raspberrypi
+Secret:  7KSQL2JTUDIS5EF65KLMRQIIGY
+Issuer:  raspberrypi
+Type:    totp
+otpauth://totp/pi%40raspberrypi?secret=7KSQL2JTUDIS5EF65KLMRQIIGY&issuer=raspberrypi
+
+
+2. Secret
+Name:    pi@raspberrypi
+Secret:  7KSQL2JTUDIS5EF65KLMRQIIGY
+Type:    totp
+otpauth://totp/pi%40raspberrypi?secret=7KSQL2JTUDIS5EF65KLMRQIIGY
+
+
+3. Secret
+Name:    pi@raspberrypi
+Secret:  7KSQL2JTUDIS5EF65KLMRQIIGY
+Type:    totp
+otpauth://totp/pi%40raspberrypi?secret=7KSQL2JTUDIS5EF65KLMRQIIGY
+
+
+4. Secret
+Name:    pi@raspberrypi
+Secret:  7KSQL2JTUDIS5EF65KLMRQIIGY
+Issuer:  raspberrypi
+Type:    totp
+otpauth://totp/pi%40raspberrypi?secret=7KSQL2JTUDIS5EF65KLMRQIIGY&issuer=raspberrypi
+
+
+5. Secret
+Name:    hotp demo
+Secret:  7KSQL2JTUDIS5EF65KLMRQIIGY
+Type:    hotp
+Counter: 4
+otpauth://hotp/hotp%20demo?secret=7KSQL2JTUDIS5EF65KLMRQIIGY&counter=4
+
+
+6. Secret
+Name:    encoding: ¿äÄéÉ? (demo)
+Secret:  7KSQL2JTUDIS5EF65KLMRQIIGY
+Type:    totp
+otpauth://totp/encoding%3A%20%C2%BF%C3%A4%C3%84%C3%A9%C3%89%3F%20%28demo%29?secret=7KSQL2JTUDIS5EF65KLMRQIIGY
+
+Extracted 6 otps from 5 otp urls by reading 1 infile
--- a/tests/data/print_verbose_output-n-vv.txt
+++ b/tests/data/print_verbose_output-n-vv.txt
@@ -0,0 +1,71 @@
+QReader installed: True
+CV2 version: 4.10.0
+QR reading mode: ZBAR
+
+Input files: ['example_export.txt']
+Processing infile example_export.txt
+# 2FA example from https://www.raspberrypi.org/blog/setting-up-two-factor-authentication-on-your-raspberry-pi/
+
+# Secret key: 7KSQL2JTUDIS5EF65KLMRQIIGY
+# otpauth://totp/pi@raspberrypi?secret=7KSQL2JTUDIS5EF65KLMRQIIGY&issuer=raspberrypi
+otpauth-migration://offline?data=CjUKEPqlBekzoNEukL7qlsjBCDYSDnBpQHJhc3BiZXJyeXBpGgtyYXNwYmVycnlwaSABKAEwAhABGAEgACjr4JKK%2B%2F%2F%2F%2F%2F8B
+
+1. Secret
+Name:    pi@raspberrypi
+Secret:  7KSQL2JTUDIS5EF65KLMRQIIGY
+Issuer:  raspberrypi
+Type:    totp
+otpauth://totp/pi%40raspberrypi?secret=7KSQL2JTUDIS5EF65KLMRQIIGY&issuer=raspberrypi
+
+
+# otpauth://totp/pi@raspberrypi?secret=7KSQL2JTUDIS5EF65KLMRQIIGY
+otpauth-migration://offline?data=CigKEPqlBekzoNEukL7qlsjBCDYSDnBpQHJhc3BiZXJyeXBpIAEoATACEAEYASAAKLzjp5n4%2F%2F%2F%2F%2FwE%3D
+
+2. Secret
+Name:    pi@raspberrypi
+Secret:  7KSQL2JTUDIS5EF65KLMRQIIGY
+Type:    totp
+otpauth://totp/pi%40raspberrypi?secret=7KSQL2JTUDIS5EF65KLMRQIIGY
+
+
+# otpauth://totp/pi@raspberrypi?secret=7KSQL2JTUDIS5EF65KLMRQIIGY&issuer=raspberrypi
+# otpauth://totp/pi@raspberrypi?secret=7KSQL2JTUDIS5EF65KLMRQIIGY
+otpauth-migration://offline?data=CigKEPqlBekzoNEukL7qlsjBCDYSDnBpQHJhc3BiZXJyeXBpIAEoATACCjUKEPqlBekzoNEukL7qlsjBCDYSDnBpQHJhc3BiZXJyeXBpGgtyYXNwYmVycnlwaSABKAEwAhABGAEgACiQ7OOa%2Bf%2F%2F%2F%2F8B
+
+3. Secret
+Name:    pi@raspberrypi
+Secret:  7KSQL2JTUDIS5EF65KLMRQIIGY
+Type:    totp
+otpauth://totp/pi%40raspberrypi?secret=7KSQL2JTUDIS5EF65KLMRQIIGY
+
+
+4. Secret
+Name:    pi@raspberrypi
+Secret:  7KSQL2JTUDIS5EF65KLMRQIIGY
+Issuer:  raspberrypi
+Type:    totp
+otpauth://totp/pi%40raspberrypi?secret=7KSQL2JTUDIS5EF65KLMRQIIGY&issuer=raspberrypi
+
+
+# otpauth://hotp/hotp%20demo?secret=7KSQL2JTUDIS5EF65KLMRQIIGY&counter=4
+otpauth-migration://offline?data=CiUKEPqlBekzoNEukL7qlsjBCDYSCWhvdHAgZGVtbyABKAEwATgEEAEYASAAKNuv15j6%2F%2F%2F%2F%2FwE%3D
+
+5. Secret
+Name:    hotp demo
+Secret:  7KSQL2JTUDIS5EF65KLMRQIIGY
+Type:    hotp
+Counter: 4
+otpauth://hotp/hotp%20demo?secret=7KSQL2JTUDIS5EF65KLMRQIIGY&counter=4
+
+
+# otpauth://totp/encoding%3A%20%C2%BF%C3%A4%C3%84%C3%A9%C3%89%3F%20%28demo%29?secret=7KSQL2JTUDIS5EF65KLMRQIIGY
+# Name: "encoding: ¿äÄéÉ? (demo)"
+otpauth-migration://offline?data=CjYKEPqlBekzoNEukL7qlsjBCDYSHGVuY29kaW5nOiDCv8Okw4TDqcOJPyAoZGVtbykgASgBMAIQARgBIAAorfCurv%2F%2F%2F%2F%2F%2FAQ%3D%3D
+
+6. Secret
+Name:    encoding: ¿äÄéÉ? (demo)
+Secret:  7KSQL2JTUDIS5EF65KLMRQIIGY
+Type:    totp
+otpauth://totp/encoding%3A%20%C2%BF%C3%A4%C3%84%C3%A9%C3%89%3F%20%28demo%29?secret=7KSQL2JTUDIS5EF65KLMRQIIGY
+
+Extracted 6 otps from 5 otp urls by reading 1 infile
--- a/tests/data/print_verbose_output-n-vvv.txt
+++ b/tests/data/print_verbose_output-n-vvv.txt
@@ -0,0 +1,227 @@
+QReader installed: True
+CV2 version: 4.10.0
+QR reading mode: ZBAR
+
+Version: extract_otp_secrets 2.8.4.post4+git.7ce765dd.dirty Linux x86_64 Python 3.11.10 (CPython/called as script)
+
+Input files: ['example_export.txt']
+
+DEBUG: Expanded input files: ['example_export.txt']
+Processing infile example_export.txt
+Reading lines of example_export.txt
+# 2FA example from https://www.raspberrypi.org/blog/setting-up-two-factor-authentication-on-your-raspberry-pi/
+
+# Secret key: 7KSQL2JTUDIS5EF65KLMRQIIGY
+# otpauth://totp/pi@raspberrypi?secret=7KSQL2JTUDIS5EF65KLMRQIIGY&issuer=raspberrypi
+otpauth-migration://offline?data=CjUKEPqlBekzoNEukL7qlsjBCDYSDnBpQHJhc3BiZXJyeXBpGgtyYXNwYmVycnlwaSABKAEwAhABGAEgACjr4JKK%2B%2F%2F%2F%2F%2F8B
+
+# otpauth://totp/pi@raspberrypi?secret=7KSQL2JTUDIS5EF65KLMRQIIGY
+otpauth-migration://offline?data=CigKEPqlBekzoNEukL7qlsjBCDYSDnBpQHJhc3BiZXJyeXBpIAEoATACEAEYASAAKLzjp5n4%2F%2F%2F%2F%2FwE%3D
+
+# otpauth://totp/pi@raspberrypi?secret=7KSQL2JTUDIS5EF65KLMRQIIGY&issuer=raspberrypi
+# otpauth://totp/pi@raspberrypi?secret=7KSQL2JTUDIS5EF65KLMRQIIGY
+otpauth-migration://offline?data=CigKEPqlBekzoNEukL7qlsjBCDYSDnBpQHJhc3BiZXJyeXBpIAEoATACCjUKEPqlBekzoNEukL7qlsjBCDYSDnBpQHJhc3BiZXJyeXBpGgtyYXNwYmVycnlwaSABKAEwAhABGAEgACiQ7OOa%2Bf%2F%2F%2F%2F8B
+
+# otpauth://hotp/hotp%20demo?secret=7KSQL2JTUDIS5EF65KLMRQIIGY&counter=4
+otpauth-migration://offline?data=CiUKEPqlBekzoNEukL7qlsjBCDYSCWhvdHAgZGVtbyABKAEwATgEEAEYASAAKNuv15j6%2F%2F%2F%2F%2FwE%3D
+
+# otpauth://totp/encoding%3A%20%C2%BF%C3%A4%C3%84%C3%A9%C3%89%3F%20%28demo%29?secret=7KSQL2JTUDIS5EF65KLMRQIIGY
+# Name: "encoding: ¿äÄéÉ? (demo)"
+otpauth-migration://offline?data=CjYKEPqlBekzoNEukL7qlsjBCDYSHGVuY29kaW5nOiDCv8Okw4TDqcOJPyAoZGVtbykgASgBMAIQARgBIAAorfCurv%2F%2F%2F%2F%2F%2FAQ%3D%3D
+# 2FA example from https://www.raspberrypi.org/blog/setting-up-two-factor-authentication-on-your-raspberry-pi/
+
+# Secret key: 7KSQL2JTUDIS5EF65KLMRQIIGY
+# otpauth://totp/pi@raspberrypi?secret=7KSQL2JTUDIS5EF65KLMRQIIGY&issuer=raspberrypi
+otpauth-migration://offline?data=CjUKEPqlBekzoNEukL7qlsjBCDYSDnBpQHJhc3BiZXJyeXBpGgtyYXNwYmVycnlwaSABKAEwAhABGAEgACjr4JKK%2B%2F%2F%2F%2F%2F8B
+
+DEBUG: parsed_url=ParseResult(scheme='otpauth-migration', netloc='offline', path='', params='', query='data=CjUKEPqlBekzoNEukL7qlsjBCDYSDnBpQHJhc3BiZXJyeXBpGgtyYXNwYmVycnlwaSABKAEwAhABGAEgACjr4JKK%2B%2F%2F%2F%2F%2F8B', fragment='')
+
+DEBUG: querystring params={'data': ['CjUKEPqlBekzoNEukL7qlsjBCDYSDnBpQHJhc3BiZXJyeXBpGgtyYXNwYmVycnlwaSABKAEwAhABGAEgACjr4JKK+/////8B']}
+
+DEBUG: data_base64=CjUKEPqlBekzoNEukL7qlsjBCDYSDnBpQHJhc3BiZXJyeXBpGgtyYXNwYmVycnlwaSABKAEwAhABGAEgACjr4JKK+/////8B
+
+DEBUG: data_base64_fixed=CjUKEPqlBekzoNEukL7qlsjBCDYSDnBpQHJhc3BiZXJyeXBpGgtyYXNwYmVycnlwaSABKAEwAhABGAEgACjr4JKK+/////8B
+
+DEBUG: 
+1. Payload Line
+otp_parameters {
+  secret: "\372\245\005\3513\240\321.\220\276\352\226\310\301\0106"
+  name: "pi@raspberrypi"
+  issuer: "raspberrypi"
+  algorithm: ALGO_SHA1
+  digits: 1
+  type: OTP_TOTP
+}
+version: 1
+batch_size: 1
+batch_id: -1320898453
+
+
+1. Secret
+
+DEBUG: OTP enum type: OTP_TOTP
+Name:    pi@raspberrypi
+Secret:  7KSQL2JTUDIS5EF65KLMRQIIGY
+Issuer:  raspberrypi
+Type:    totp
+otpauth://totp/pi%40raspberrypi?secret=7KSQL2JTUDIS5EF65KLMRQIIGY&issuer=raspberrypi
+
+
+# otpauth://totp/pi@raspberrypi?secret=7KSQL2JTUDIS5EF65KLMRQIIGY
+otpauth-migration://offline?data=CigKEPqlBekzoNEukL7qlsjBCDYSDnBpQHJhc3BiZXJyeXBpIAEoATACEAEYASAAKLzjp5n4%2F%2F%2F%2F%2FwE%3D
+
+DEBUG: parsed_url=ParseResult(scheme='otpauth-migration', netloc='offline', path='', params='', query='data=CigKEPqlBekzoNEukL7qlsjBCDYSDnBpQHJhc3BiZXJyeXBpIAEoATACEAEYASAAKLzjp5n4%2F%2F%2F%2F%2FwE%3D', fragment='')
+
+DEBUG: querystring params={'data': ['CigKEPqlBekzoNEukL7qlsjBCDYSDnBpQHJhc3BiZXJyeXBpIAEoATACEAEYASAAKLzjp5n4/////wE=']}
+
+DEBUG: data_base64=CigKEPqlBekzoNEukL7qlsjBCDYSDnBpQHJhc3BiZXJyeXBpIAEoATACEAEYASAAKLzjp5n4/////wE=
+
+DEBUG: data_base64_fixed=CigKEPqlBekzoNEukL7qlsjBCDYSDnBpQHJhc3BiZXJyeXBpIAEoATACEAEYASAAKLzjp5n4/////wE=
+
+DEBUG: 
+2. Payload Line
+otp_parameters {
+  secret: "\372\245\005\3513\240\321.\220\276\352\226\310\301\0106"
+  name: "pi@raspberrypi"
+  algorithm: ALGO_SHA1
+  digits: 1
+  type: OTP_TOTP
+}
+version: 1
+batch_size: 1
+batch_id: -2094403140
+
+
+2. Secret
+
+DEBUG: OTP enum type: OTP_TOTP
+Name:    pi@raspberrypi
+Secret:  7KSQL2JTUDIS5EF65KLMRQIIGY
+Type:    totp
+otpauth://totp/pi%40raspberrypi?secret=7KSQL2JTUDIS5EF65KLMRQIIGY
+
+
+# otpauth://totp/pi@raspberrypi?secret=7KSQL2JTUDIS5EF65KLMRQIIGY&issuer=raspberrypi
+# otpauth://totp/pi@raspberrypi?secret=7KSQL2JTUDIS5EF65KLMRQIIGY
+otpauth-migration://offline?data=CigKEPqlBekzoNEukL7qlsjBCDYSDnBpQHJhc3BiZXJyeXBpIAEoATACCjUKEPqlBekzoNEukL7qlsjBCDYSDnBpQHJhc3BiZXJyeXBpGgtyYXNwYmVycnlwaSABKAEwAhABGAEgACiQ7OOa%2Bf%2F%2F%2F%2F8B
+
+DEBUG: parsed_url=ParseResult(scheme='otpauth-migration', netloc='offline', path='', params='', query='data=CigKEPqlBekzoNEukL7qlsjBCDYSDnBpQHJhc3BiZXJyeXBpIAEoATACCjUKEPqlBekzoNEukL7qlsjBCDYSDnBpQHJhc3BiZXJyeXBpGgtyYXNwYmVycnlwaSABKAEwAhABGAEgACiQ7OOa%2Bf%2F%2F%2F%2F8B', fragment='')
+
+DEBUG: querystring params={'data': ['CigKEPqlBekzoNEukL7qlsjBCDYSDnBpQHJhc3BiZXJyeXBpIAEoATACCjUKEPqlBekzoNEukL7qlsjBCDYSDnBpQHJhc3BiZXJyeXBpGgtyYXNwYmVycnlwaSABKAEwAhABGAEgACiQ7OOa+f////8B']}
+
+DEBUG: data_base64=CigKEPqlBekzoNEukL7qlsjBCDYSDnBpQHJhc3BiZXJyeXBpIAEoATACCjUKEPqlBekzoNEukL7qlsjBCDYSDnBpQHJhc3BiZXJyeXBpGgtyYXNwYmVycnlwaSABKAEwAhABGAEgACiQ7OOa+f////8B
+
+DEBUG: data_base64_fixed=CigKEPqlBekzoNEukL7qlsjBCDYSDnBpQHJhc3BiZXJyeXBpIAEoATACCjUKEPqlBekzoNEukL7qlsjBCDYSDnBpQHJhc3BiZXJyeXBpGgtyYXNwYmVycnlwaSABKAEwAhABGAEgACiQ7OOa+f////8B
+
+DEBUG: 
+3. Payload Line
+otp_parameters {
+  secret: "\372\245\005\3513\240\321.\220\276\352\226\310\301\0106"
+  name: "pi@raspberrypi"
+  algorithm: ALGO_SHA1
+  digits: 1
+  type: OTP_TOTP
+}
+otp_parameters {
+  secret: "\372\245\005\3513\240\321.\220\276\352\226\310\301\0106"
+  name: "pi@raspberrypi"
+  issuer: "raspberrypi"
+  algorithm: ALGO_SHA1
+  digits: 1
+  type: OTP_TOTP
+}
+version: 1
+batch_size: 1
+batch_id: -1822886384
+
+
+3. Secret
+
+DEBUG: OTP enum type: OTP_TOTP
+Name:    pi@raspberrypi
+Secret:  7KSQL2JTUDIS5EF65KLMRQIIGY
+Type:    totp
+otpauth://totp/pi%40raspberrypi?secret=7KSQL2JTUDIS5EF65KLMRQIIGY
+
+
+4. Secret
+
+DEBUG: OTP enum type: OTP_TOTP
+Name:    pi@raspberrypi
+Secret:  7KSQL2JTUDIS5EF65KLMRQIIGY
+Issuer:  raspberrypi
+Type:    totp
+otpauth://totp/pi%40raspberrypi?secret=7KSQL2JTUDIS5EF65KLMRQIIGY&issuer=raspberrypi
+
+
+# otpauth://hotp/hotp%20demo?secret=7KSQL2JTUDIS5EF65KLMRQIIGY&counter=4
+otpauth-migration://offline?data=CiUKEPqlBekzoNEukL7qlsjBCDYSCWhvdHAgZGVtbyABKAEwATgEEAEYASAAKNuv15j6%2F%2F%2F%2F%2FwE%3D
+
+DEBUG: parsed_url=ParseResult(scheme='otpauth-migration', netloc='offline', path='', params='', query='data=CiUKEPqlBekzoNEukL7qlsjBCDYSCWhvdHAgZGVtbyABKAEwATgEEAEYASAAKNuv15j6%2F%2F%2F%2F%2FwE%3D', fragment='')
+
+DEBUG: querystring params={'data': ['CiUKEPqlBekzoNEukL7qlsjBCDYSCWhvdHAgZGVtbyABKAEwATgEEAEYASAAKNuv15j6/////wE=']}
+
+DEBUG: data_base64=CiUKEPqlBekzoNEukL7qlsjBCDYSCWhvdHAgZGVtbyABKAEwATgEEAEYASAAKNuv15j6/////wE=
+
+DEBUG: data_base64_fixed=CiUKEPqlBekzoNEukL7qlsjBCDYSCWhvdHAgZGVtbyABKAEwATgEEAEYASAAKNuv15j6/////wE=
+
+DEBUG: 
+4. Payload Line
+otp_parameters {
+  secret: "\372\245\005\3513\240\321.\220\276\352\226\310\301\0106"
+  name: "hotp demo"
+  algorithm: ALGO_SHA1
+  digits: 1
+  type: OTP_HOTP
+  counter: 4
+}
+version: 1
+batch_size: 1
+batch_id: -1558849573
+
+
+5. Secret
+
+DEBUG: OTP enum type: OTP_HOTP
+Name:    hotp demo
+Secret:  7KSQL2JTUDIS5EF65KLMRQIIGY
+Type:    hotp
+Counter: 4
+otpauth://hotp/hotp%20demo?secret=7KSQL2JTUDIS5EF65KLMRQIIGY&counter=4
+
+
+# otpauth://totp/encoding%3A%20%C2%BF%C3%A4%C3%84%C3%A9%C3%89%3F%20%28demo%29?secret=7KSQL2JTUDIS5EF65KLMRQIIGY
+# Name: "encoding: ¿äÄéÉ? (demo)"
+otpauth-migration://offline?data=CjYKEPqlBekzoNEukL7qlsjBCDYSHGVuY29kaW5nOiDCv8Okw4TDqcOJPyAoZGVtbykgASgBMAIQARgBIAAorfCurv%2F%2F%2F%2F%2F%2FAQ%3D%3D
+
+DEBUG: parsed_url=ParseResult(scheme='otpauth-migration', netloc='offline', path='', params='', query='data=CjYKEPqlBekzoNEukL7qlsjBCDYSHGVuY29kaW5nOiDCv8Okw4TDqcOJPyAoZGVtbykgASgBMAIQARgBIAAorfCurv%2F%2F%2F%2F%2F%2FAQ%3D%3D', fragment='')
+
+DEBUG: querystring params={'data': ['CjYKEPqlBekzoNEukL7qlsjBCDYSHGVuY29kaW5nOiDCv8Okw4TDqcOJPyAoZGVtbykgASgBMAIQARgBIAAorfCurv//////AQ==']}
+
+DEBUG: data_base64=CjYKEPqlBekzoNEukL7qlsjBCDYSHGVuY29kaW5nOiDCv8Okw4TDqcOJPyAoZGVtbykgASgBMAIQARgBIAAorfCurv//////AQ==
+
+DEBUG: data_base64_fixed=CjYKEPqlBekzoNEukL7qlsjBCDYSHGVuY29kaW5nOiDCv8Okw4TDqcOJPyAoZGVtbykgASgBMAIQARgBIAAorfCurv//////AQ==
+
+DEBUG: 
+5. Payload Line
+otp_parameters {
+  secret: "\372\245\005\3513\240\321.\220\276\352\226\310\301\0106"
+  name: "encoding: ¿äÄéÉ? (demo)"
+  algorithm: ALGO_SHA1
+  digits: 1
+  type: OTP_TOTP
+}
+version: 1
+batch_size: 1
+batch_id: -171198419
+
+
+6. Secret
+
+DEBUG: OTP enum type: OTP_TOTP
+Name:    encoding: ¿äÄéÉ? (demo)
+Secret:  7KSQL2JTUDIS5EF65KLMRQIIGY
+Type:    totp
+otpauth://totp/encoding%3A%20%C2%BF%C3%A4%C3%84%C3%A9%C3%89%3F%20%28demo%29?secret=7KSQL2JTUDIS5EF65KLMRQIIGY
+
+Extracted 6 otps from 5 otp urls by reading 1 infile
--- a/tests/data/print_verbose_output-n.txt
+++ b/tests/data/print_verbose_output-n.txt
@@ -0,0 +1,27 @@
+Name:    pi@raspberrypi
+Secret:  7KSQL2JTUDIS5EF65KLMRQIIGY
+Issuer:  raspberrypi
+Type:    totp
+
+Name:    pi@raspberrypi
+Secret:  7KSQL2JTUDIS5EF65KLMRQIIGY
+Type:    totp
+
+Name:    pi@raspberrypi
+Secret:  7KSQL2JTUDIS5EF65KLMRQIIGY
+Type:    totp
+
+Name:    pi@raspberrypi
+Secret:  7KSQL2JTUDIS5EF65KLMRQIIGY
+Issuer:  raspberrypi
+Type:    totp
+
+Name:    hotp demo
+Secret:  7KSQL2JTUDIS5EF65KLMRQIIGY
+Type:    hotp
+Counter: 4
+
+Name:    encoding: ¿äÄéÉ? (demo)
+Secret:  7KSQL2JTUDIS5EF65KLMRQIIGY
+Type:    totp
+
--- a/tests/data/print_verbose_output-v.txt
+++ b/tests/data/print_verbose_output-v.txt
@@ -0,0 +1,51 @@
+QReader installed: True
+CV2 version: 4.10.0
+QR reading mode: ZBAR
+
+Input files: ['example_export.txt']
+
+1. Secret
+Name:    pi@raspberrypi
+Secret:  7KSQL2JTUDIS5EF65KLMRQIIGY
+Issuer:  raspberrypi
+Type:    totp
+otpauth://totp/pi%40raspberrypi?secret=7KSQL2JTUDIS5EF65KLMRQIIGY&issuer=raspberrypi
+
+
+2. Secret
+Name:    pi@raspberrypi
+Secret:  7KSQL2JTUDIS5EF65KLMRQIIGY
+Type:    totp
+otpauth://totp/pi%40raspberrypi?secret=7KSQL2JTUDIS5EF65KLMRQIIGY
+
+
+3. Secret
+Name:    pi@raspberrypi
+Secret:  7KSQL2JTUDIS5EF65KLMRQIIGY
+Type:    totp
+otpauth://totp/pi%40raspberrypi?secret=7KSQL2JTUDIS5EF65KLMRQIIGY
+
+
+4. Secret
+Name:    pi@raspberrypi
+Secret:  7KSQL2JTUDIS5EF65KLMRQIIGY
+Issuer:  raspberrypi
+Type:    totp
+otpauth://totp/pi%40raspberrypi?secret=7KSQL2JTUDIS5EF65KLMRQIIGY&issuer=raspberrypi
+
+
+5. Secret
+Name:    hotp demo
+Secret:  7KSQL2JTUDIS5EF65KLMRQIIGY
+Type:    hotp
+Counter: 4
+otpauth://hotp/hotp%20demo?secret=7KSQL2JTUDIS5EF65KLMRQIIGY&counter=4
+
+
+6. Secret
+Name:    encoding: ¿äÄéÉ? (demo)
+Secret:  7KSQL2JTUDIS5EF65KLMRQIIGY
+Type:    totp
+otpauth://totp/encoding%3A%20%C2%BF%C3%A4%C3%84%C3%A9%C3%89%3F%20%28demo%29?secret=7KSQL2JTUDIS5EF65KLMRQIIGY
+
+Extracted 6 otps from 5 otp urls by reading 1 infile
--- a/tests/data/print_verbose_output-vv.txt
+++ b/tests/data/print_verbose_output-vv.txt
@@ -0,0 +1,71 @@
+QReader installed: True
+CV2 version: 4.10.0
+QR reading mode: ZBAR
+
+Input files: ['example_export.txt']
+[36mProcessing infile example_export.txt[39m
+[36m# 2FA example from https://www.raspberrypi.org/blog/setting-up-two-factor-authentication-on-your-raspberry-pi/[39m
+[36m[39m
+[36m# Secret key: 7KSQL2JTUDIS5EF65KLMRQIIGY[39m
+[36m# otpauth://totp/pi@raspberrypi?secret=7KSQL2JTUDIS5EF65KLMRQIIGY&issuer=raspberrypi[39m
+[36motpauth-migration://offline?data=CjUKEPqlBekzoNEukL7qlsjBCDYSDnBpQHJhc3BiZXJyeXBpGgtyYXNwYmVycnlwaSABKAEwAhABGAEgACjr4JKK%2B%2F%2F%2F%2F%2F8B[39m
+
+1. Secret
+Name:    pi@raspberrypi
+Secret:  7KSQL2JTUDIS5EF65KLMRQIIGY
+Issuer:  raspberrypi
+Type:    totp
+otpauth://totp/pi%40raspberrypi?secret=7KSQL2JTUDIS5EF65KLMRQIIGY&issuer=raspberrypi
+
+[36m[39m
+[36m# otpauth://totp/pi@raspberrypi?secret=7KSQL2JTUDIS5EF65KLMRQIIGY[39m
+[36motpauth-migration://offline?data=CigKEPqlBekzoNEukL7qlsjBCDYSDnBpQHJhc3BiZXJyeXBpIAEoATACEAEYASAAKLzjp5n4%2F%2F%2F%2F%2FwE%3D[39m
+
+2. Secret
+Name:    pi@raspberrypi
+Secret:  7KSQL2JTUDIS5EF65KLMRQIIGY
+Type:    totp
+otpauth://totp/pi%40raspberrypi?secret=7KSQL2JTUDIS5EF65KLMRQIIGY
+
+[36m[39m
+[36m# otpauth://totp/pi@raspberrypi?secret=7KSQL2JTUDIS5EF65KLMRQIIGY&issuer=raspberrypi[39m
+[36m# otpauth://totp/pi@raspberrypi?secret=7KSQL2JTUDIS5EF65KLMRQIIGY[39m
+[36motpauth-migration://offline?data=CigKEPqlBekzoNEukL7qlsjBCDYSDnBpQHJhc3BiZXJyeXBpIAEoATACCjUKEPqlBekzoNEukL7qlsjBCDYSDnBpQHJhc3BiZXJyeXBpGgtyYXNwYmVycnlwaSABKAEwAhABGAEgACiQ7OOa%2Bf%2F%2F%2F%2F8B[39m
+
+3. Secret
+Name:    pi@raspberrypi
+Secret:  7KSQL2JTUDIS5EF65KLMRQIIGY
+Type:    totp
+otpauth://totp/pi%40raspberrypi?secret=7KSQL2JTUDIS5EF65KLMRQIIGY
+
+
+4. Secret
+Name:    pi@raspberrypi
+Secret:  7KSQL2JTUDIS5EF65KLMRQIIGY
+Issuer:  raspberrypi
+Type:    totp
+otpauth://totp/pi%40raspberrypi?secret=7KSQL2JTUDIS5EF65KLMRQIIGY&issuer=raspberrypi
+
+[36m[39m
+[36m# otpauth://hotp/hotp%20demo?secret=7KSQL2JTUDIS5EF65KLMRQIIGY&counter=4[39m
+[36motpauth-migration://offline?data=CiUKEPqlBekzoNEukL7qlsjBCDYSCWhvdHAgZGVtbyABKAEwATgEEAEYASAAKNuv15j6%2F%2F%2F%2F%2FwE%3D[39m
+
+5. Secret
+Name:    hotp demo
+Secret:  7KSQL2JTUDIS5EF65KLMRQIIGY
+Type:    hotp
+Counter: 4
+otpauth://hotp/hotp%20demo?secret=7KSQL2JTUDIS5EF65KLMRQIIGY&counter=4
+
+[36m[39m
+[36m# otpauth://totp/encoding%3A%20%C2%BF%C3%A4%C3%84%C3%A9%C3%89%3F%20%28demo%29?secret=7KSQL2JTUDIS5EF65KLMRQIIGY[39m
+[36m# Name: "encoding: ¿äÄéÉ? (demo)"[39m
+[36motpauth-migration://offline?data=CjYKEPqlBekzoNEukL7qlsjBCDYSHGVuY29kaW5nOiDCv8Okw4TDqcOJPyAoZGVtbykgASgBMAIQARgBIAAorfCurv%2F%2F%2F%2F%2F%2FAQ%3D%3D[39m
+
+6. Secret
+Name:    encoding: ¿äÄéÉ? (demo)
+Secret:  7KSQL2JTUDIS5EF65KLMRQIIGY
+Type:    totp
+otpauth://totp/encoding%3A%20%C2%BF%C3%A4%C3%84%C3%A9%C3%89%3F%20%28demo%29?secret=7KSQL2JTUDIS5EF65KLMRQIIGY
+
+Extracted 6 otps from 5 otp urls by reading 1 infile
--- a/tests/data/print_verbose_output-vvv.txt
+++ b/tests/data/print_verbose_output-vvv.txt
@@ -0,0 +1,232 @@
+QReader installed: True
+CV2 version: 4.10.0
+QR reading mode: ZBAR
+
+Version: extract_otp_secrets 2.8.4.post4+git.7ce765dd.dirty Linux x86_64 Python 3.11.10 (CPython/called as script)
+
+Input files: ['example_export.txt']
+[36m
+DEBUG: Expanded input files: ['example_export.txt'] [39m
+[36mProcessing infile example_export.txt[39m
+Reading lines of example_export.txt
+[36m# 2FA example from https://www.raspberrypi.org/blog/setting-up-two-factor-authentication-on-your-raspberry-pi/[39m
+[36m[39m
+[36m# Secret key: 7KSQL2JTUDIS5EF65KLMRQIIGY[39m
+[36m# otpauth://totp/pi@raspberrypi?secret=7KSQL2JTUDIS5EF65KLMRQIIGY&issuer=raspberrypi[39m
+[36motpauth-migration://offline?data=CjUKEPqlBekzoNEukL7qlsjBCDYSDnBpQHJhc3BiZXJyeXBpGgtyYXNwYmVycnlwaSABKAEwAhABGAEgACjr4JKK%2B%2F%2F%2F%2F%2F8B[39m
+[36m[39m
+[36m# otpauth://totp/pi@raspberrypi?secret=7KSQL2JTUDIS5EF65KLMRQIIGY[39m
+[36motpauth-migration://offline?data=CigKEPqlBekzoNEukL7qlsjBCDYSDnBpQHJhc3BiZXJyeXBpIAEoATACEAEYASAAKLzjp5n4%2F%2F%2F%2F%2FwE%3D[39m
+[36m[39m
+[36m# otpauth://totp/pi@raspberrypi?secret=7KSQL2JTUDIS5EF65KLMRQIIGY&issuer=raspberrypi[39m
+[36m# otpauth://totp/pi@raspberrypi?secret=7KSQL2JTUDIS5EF65KLMRQIIGY[39m
+[36motpauth-migration://offline?data=CigKEPqlBekzoNEukL7qlsjBCDYSDnBpQHJhc3BiZXJyeXBpIAEoATACCjUKEPqlBekzoNEukL7qlsjBCDYSDnBpQHJhc3BiZXJyeXBpGgtyYXNwYmVycnlwaSABKAEwAhABGAEgACiQ7OOa%2Bf%2F%2F%2F%2F8B[39m
+[36m[39m
+[36m# otpauth://hotp/hotp%20demo?secret=7KSQL2JTUDIS5EF65KLMRQIIGY&counter=4[39m
+[36motpauth-migration://offline?data=CiUKEPqlBekzoNEukL7qlsjBCDYSCWhvdHAgZGVtbyABKAEwATgEEAEYASAAKNuv15j6%2F%2F%2F%2F%2FwE%3D[39m
+[36m[39m
+[36m# otpauth://totp/encoding%3A%20%C2%BF%C3%A4%C3%84%C3%A9%C3%89%3F%20%28demo%29?secret=7KSQL2JTUDIS5EF65KLMRQIIGY[39m
+[36m# Name: "encoding: ¿äÄéÉ? (demo)"[39m
+[36motpauth-migration://offline?data=CjYKEPqlBekzoNEukL7qlsjBCDYSHGVuY29kaW5nOiDCv8Okw4TDqcOJPyAoZGVtbykgASgBMAIQARgBIAAorfCurv%2F%2F%2F%2F%2F%2FAQ%3D%3D[39m
+[36m# 2FA example from https://www.raspberrypi.org/blog/setting-up-two-factor-authentication-on-your-raspberry-pi/[39m
+[36m[39m
+[36m# Secret key: 7KSQL2JTUDIS5EF65KLMRQIIGY[39m
+[36m# otpauth://totp/pi@raspberrypi?secret=7KSQL2JTUDIS5EF65KLMRQIIGY&issuer=raspberrypi[39m
+[36motpauth-migration://offline?data=CjUKEPqlBekzoNEukL7qlsjBCDYSDnBpQHJhc3BiZXJyeXBpGgtyYXNwYmVycnlwaSABKAEwAhABGAEgACjr4JKK%2B%2F%2F%2F%2F%2F8B[39m
+[36m
+DEBUG: parsed_url=ParseResult(scheme='otpauth-migration', netloc='offline', path='', params='', query='data=CjUKEPqlBekzoNEukL7qlsjBCDYSDnBpQHJhc3BiZXJyeXBpGgtyYXNwYmVycnlwaSABKAEwAhABGAEgACjr4JKK%2B%2F%2F%2F%2F%2F8B', fragment='') [39m
+[36m
+DEBUG: querystring params={'data': ['CjUKEPqlBekzoNEukL7qlsjBCDYSDnBpQHJhc3BiZXJyeXBpGgtyYXNwYmVycnlwaSABKAEwAhABGAEgACjr4JKK+/////8B']} [39m
+[36m
+DEBUG: data_base64=CjUKEPqlBekzoNEukL7qlsjBCDYSDnBpQHJhc3BiZXJyeXBpGgtyYXNwYmVycnlwaSABKAEwAhABGAEgACjr4JKK+/////8B [39m
+[36m
+DEBUG: data_base64_fixed=CjUKEPqlBekzoNEukL7qlsjBCDYSDnBpQHJhc3BiZXJyeXBpGgtyYXNwYmVycnlwaSABKAEwAhABGAEgACjr4JKK+/////8B [39m
+[36m
+DEBUG: 
+1. Payload Line
+otp_parameters {
+  secret: "\372\245\005\3513\240\321.\220\276\352\226\310\301\0106"
+  name: "pi@raspberrypi"
+  issuer: "raspberrypi"
+  algorithm: ALGO_SHA1
+  digits: 1
+  type: OTP_TOTP
+}
+version: 1
+batch_size: 1
+batch_id: -1320898453
+
+[39m
+
+1. Secret
+[36m
+DEBUG: OTP enum type: OTP_TOTP [39m
+Name:    pi@raspberrypi
+Secret:  7KSQL2JTUDIS5EF65KLMRQIIGY
+Issuer:  raspberrypi
+Type:    totp
+otpauth://totp/pi%40raspberrypi?secret=7KSQL2JTUDIS5EF65KLMRQIIGY&issuer=raspberrypi
+
+[36m[39m
+[36m# otpauth://totp/pi@raspberrypi?secret=7KSQL2JTUDIS5EF65KLMRQIIGY[39m
+[36motpauth-migration://offline?data=CigKEPqlBekzoNEukL7qlsjBCDYSDnBpQHJhc3BiZXJyeXBpIAEoATACEAEYASAAKLzjp5n4%2F%2F%2F%2F%2FwE%3D[39m
+[36m
+DEBUG: parsed_url=ParseResult(scheme='otpauth-migration', netloc='offline', path='', params='', query='data=CigKEPqlBekzoNEukL7qlsjBCDYSDnBpQHJhc3BiZXJyeXBpIAEoATACEAEYASAAKLzjp5n4%2F%2F%2F%2F%2FwE%3D', fragment='') [39m
+[36m
+DEBUG: querystring params={'data': ['CigKEPqlBekzoNEukL7qlsjBCDYSDnBpQHJhc3BiZXJyeXBpIAEoATACEAEYASAAKLzjp5n4/////wE=']} [39m
+[36m
+DEBUG: data_base64=CigKEPqlBekzoNEukL7qlsjBCDYSDnBpQHJhc3BiZXJyeXBpIAEoATACEAEYASAAKLzjp5n4/////wE= [39m
+[36m
+DEBUG: data_base64_fixed=CigKEPqlBekzoNEukL7qlsjBCDYSDnBpQHJhc3BiZXJyeXBpIAEoATACEAEYASAAKLzjp5n4/////wE= [39m
+[36m
+DEBUG: 
+2. Payload Line
+otp_parameters {
+  secret: "\372\245\005\3513\240\321.\220\276\352\226\310\301\0106"
+  name: "pi@raspberrypi"
+  algorithm: ALGO_SHA1
+  digits: 1
+  type: OTP_TOTP
+}
+version: 1
+batch_size: 1
+batch_id: -2094403140
+
+[39m
+
+2. Secret
+[36m
+DEBUG: OTP enum type: OTP_TOTP [39m
+Name:    pi@raspberrypi
+Secret:  7KSQL2JTUDIS5EF65KLMRQIIGY
+Type:    totp
+otpauth://totp/pi%40raspberrypi?secret=7KSQL2JTUDIS5EF65KLMRQIIGY
+
+[36m[39m
+[36m# otpauth://totp/pi@raspberrypi?secret=7KSQL2JTUDIS5EF65KLMRQIIGY&issuer=raspberrypi[39m
+[36m# otpauth://totp/pi@raspberrypi?secret=7KSQL2JTUDIS5EF65KLMRQIIGY[39m
+[36motpauth-migration://offline?data=CigKEPqlBekzoNEukL7qlsjBCDYSDnBpQHJhc3BiZXJyeXBpIAEoATACCjUKEPqlBekzoNEukL7qlsjBCDYSDnBpQHJhc3BiZXJyeXBpGgtyYXNwYmVycnlwaSABKAEwAhABGAEgACiQ7OOa%2Bf%2F%2F%2F%2F8B[39m
+[36m
+DEBUG: parsed_url=ParseResult(scheme='otpauth-migration', netloc='offline', path='', params='', query='data=CigKEPqlBekzoNEukL7qlsjBCDYSDnBpQHJhc3BiZXJyeXBpIAEoATACCjUKEPqlBekzoNEukL7qlsjBCDYSDnBpQHJhc3BiZXJyeXBpGgtyYXNwYmVycnlwaSABKAEwAhABGAEgACiQ7OOa%2Bf%2F%2F%2F%2F8B', fragment='') [39m
+[36m
+DEBUG: querystring params={'data': ['CigKEPqlBekzoNEukL7qlsjBCDYSDnBpQHJhc3BiZXJyeXBpIAEoATACCjUKEPqlBekzoNEukL7qlsjBCDYSDnBpQHJhc3BiZXJyeXBpGgtyYXNwYmVycnlwaSABKAEwAhABGAEgACiQ7OOa+f////8B']} [39m
+[36m
+DEBUG: data_base64=CigKEPqlBekzoNEukL7qlsjBCDYSDnBpQHJhc3BiZXJyeXBpIAEoATACCjUKEPqlBekzoNEukL7qlsjBCDYSDnBpQHJhc3BiZXJyeXBpGgtyYXNwYmVycnlwaSABKAEwAhABGAEgACiQ7OOa+f////8B [39m
+[36m
+DEBUG: data_base64_fixed=CigKEPqlBekzoNEukL7qlsjBCDYSDnBpQHJhc3BiZXJyeXBpIAEoATACCjUKEPqlBekzoNEukL7qlsjBCDYSDnBpQHJhc3BiZXJyeXBpGgtyYXNwYmVycnlwaSABKAEwAhABGAEgACiQ7OOa+f////8B [39m
+[36m
+DEBUG: 
+3. Payload Line
+otp_parameters {
+  secret: "\372\245\005\3513\240\321.\220\276\352\226\310\301\0106"
+  name: "pi@raspberrypi"
+  algorithm: ALGO_SHA1
+  digits: 1
+  type: OTP_TOTP
+}
+otp_parameters {
+  secret: "\372\245\005\3513\240\321.\220\276\352\226\310\301\0106"
+  name: "pi@raspberrypi"
+  issuer: "raspberrypi"
+  algorithm: ALGO_SHA1
+  digits: 1
+  type: OTP_TOTP
+}
+version: 1
+batch_size: 1
+batch_id: -1822886384
+
+[39m
+
+3. Secret
+[36m
+DEBUG: OTP enum type: OTP_TOTP [39m
+Name:    pi@raspberrypi
+Secret:  7KSQL2JTUDIS5EF65KLMRQIIGY
+Type:    totp
+otpauth://totp/pi%40raspberrypi?secret=7KSQL2JTUDIS5EF65KLMRQIIGY
+
+
+4. Secret
+[36m
+DEBUG: OTP enum type: OTP_TOTP [39m
+Name:    pi@raspberrypi
+Secret:  7KSQL2JTUDIS5EF65KLMRQIIGY
+Issuer:  raspberrypi
+Type:    totp
+otpauth://totp/pi%40raspberrypi?secret=7KSQL2JTUDIS5EF65KLMRQIIGY&issuer=raspberrypi
+
+[36m[39m
+[36m# otpauth://hotp/hotp%20demo?secret=7KSQL2JTUDIS5EF65KLMRQIIGY&counter=4[39m
+[36motpauth-migration://offline?data=CiUKEPqlBekzoNEukL7qlsjBCDYSCWhvdHAgZGVtbyABKAEwATgEEAEYASAAKNuv15j6%2F%2F%2F%2F%2FwE%3D[39m
+[36m
+DEBUG: parsed_url=ParseResult(scheme='otpauth-migration', netloc='offline', path='', params='', query='data=CiUKEPqlBekzoNEukL7qlsjBCDYSCWhvdHAgZGVtbyABKAEwATgEEAEYASAAKNuv15j6%2F%2F%2F%2F%2FwE%3D', fragment='') [39m
+[36m
+DEBUG: querystring params={'data': ['CiUKEPqlBekzoNEukL7qlsjBCDYSCWhvdHAgZGVtbyABKAEwATgEEAEYASAAKNuv15j6/////wE=']} [39m
+[36m
+DEBUG: data_base64=CiUKEPqlBekzoNEukL7qlsjBCDYSCWhvdHAgZGVtbyABKAEwATgEEAEYASAAKNuv15j6/////wE= [39m
+[36m
+DEBUG: data_base64_fixed=CiUKEPqlBekzoNEukL7qlsjBCDYSCWhvdHAgZGVtbyABKAEwATgEEAEYASAAKNuv15j6/////wE= [39m
+[36m
+DEBUG: 
+4. Payload Line
+otp_parameters {
+  secret: "\372\245\005\3513\240\321.\220\276\352\226\310\301\0106"
+  name: "hotp demo"
+  algorithm: ALGO_SHA1
+  digits: 1
+  type: OTP_HOTP
+  counter: 4
+}
+version: 1
+batch_size: 1
+batch_id: -1558849573
+
+[39m
+
+5. Secret
+[36m
+DEBUG: OTP enum type: OTP_HOTP [39m
+Name:    hotp demo
+Secret:  7KSQL2JTUDIS5EF65KLMRQIIGY
+Type:    hotp
+Counter: 4
+otpauth://hotp/hotp%20demo?secret=7KSQL2JTUDIS5EF65KLMRQIIGY&counter=4
+
+[36m[39m
+[36m# otpauth://totp/encoding%3A%20%C2%BF%C3%A4%C3%84%C3%A9%C3%89%3F%20%28demo%29?secret=7KSQL2JTUDIS5EF65KLMRQIIGY[39m
+[36m# Name: "encoding: ¿äÄéÉ? (demo)"[39m
+[36motpauth-migration://offline?data=CjYKEPqlBekzoNEukL7qlsjBCDYSHGVuY29kaW5nOiDCv8Okw4TDqcOJPyAoZGVtbykgASgBMAIQARgBIAAorfCurv%2F%2F%2F%2F%2F%2FAQ%3D%3D[39m
+[36m
+DEBUG: parsed_url=ParseResult(scheme='otpauth-migration', netloc='offline', path='', params='', query='data=CjYKEPqlBekzoNEukL7qlsjBCDYSHGVuY29kaW5nOiDCv8Okw4TDqcOJPyAoZGVtbykgASgBMAIQARgBIAAorfCurv%2F%2F%2F%2F%2F%2FAQ%3D%3D', fragment='') [39m
+[36m
+DEBUG: querystring params={'data': ['CjYKEPqlBekzoNEukL7qlsjBCDYSHGVuY29kaW5nOiDCv8Okw4TDqcOJPyAoZGVtbykgASgBMAIQARgBIAAorfCurv//////AQ==']} [39m
+[36m
+DEBUG: data_base64=CjYKEPqlBekzoNEukL7qlsjBCDYSHGVuY29kaW5nOiDCv8Okw4TDqcOJPyAoZGVtbykgASgBMAIQARgBIAAorfCurv//////AQ== [39m
+[36m
+DEBUG: data_base64_fixed=CjYKEPqlBekzoNEukL7qlsjBCDYSHGVuY29kaW5nOiDCv8Okw4TDqcOJPyAoZGVtbykgASgBMAIQARgBIAAorfCurv//////AQ== [39m
+[36m
+DEBUG: 
+5. Payload Line
+otp_parameters {
+  secret: "\372\245\005\3513\240\321.\220\276\352\226\310\301\0106"
+  name: "encoding: ¿äÄéÉ? (demo)"
+  algorithm: ALGO_SHA1
+  digits: 1
+  type: OTP_TOTP
+}
+version: 1
+batch_size: 1
+batch_id: -171198419
+
+[39m
+
+6. Secret
+[36m
+DEBUG: OTP enum type: OTP_TOTP [39m
+Name:    encoding: ¿äÄéÉ? (demo)
+Secret:  7KSQL2JTUDIS5EF65KLMRQIIGY
+Type:    totp
+otpauth://totp/encoding%3A%20%C2%BF%C3%A4%C3%84%C3%A9%C3%89%3F%20%28demo%29?secret=7KSQL2JTUDIS5EF65KLMRQIIGY
+
+Extracted 6 otps from 5 otp urls by reading 1 infile
--- a/tests/data/print_verbose_output.txt
+++ b/tests/data/print_verbose_output.txt
@@ -0,0 +1,27 @@
+Name:    pi@raspberrypi
+Secret:  7KSQL2JTUDIS5EF65KLMRQIIGY
+Issuer:  raspberrypi
+Type:    totp
+
+Name:    pi@raspberrypi
+Secret:  7KSQL2JTUDIS5EF65KLMRQIIGY
+Type:    totp
+
+Name:    pi@raspberrypi
+Secret:  7KSQL2JTUDIS5EF65KLMRQIIGY
+Type:    totp
+
+Name:    pi@raspberrypi
+Secret:  7KSQL2JTUDIS5EF65KLMRQIIGY
+Issuer:  raspberrypi
+Type:    totp
+
+Name:    hotp demo
+Secret:  7KSQL2JTUDIS5EF65KLMRQIIGY
+Type:    hotp
+Counter: 4
+
+Name:    encoding: ¿äÄéÉ? (demo)
+Secret:  7KSQL2JTUDIS5EF65KLMRQIIGY
+Type:    totp
+
--- a/tests/data/printqr_output.txt
+++ b/tests/data/printqr_output.txt
@@ -1,7 +1,7 @@
-Name:   pi@raspberrypi
-Secret: 7KSQL2JTUDIS5EF65KLMRQIIGY
-Issuer: raspberrypi
-Type:   OTP_TOTP
+Name:    pi@raspberrypi
+Secret:  7KSQL2JTUDIS5EF65KLMRQIIGY
+Issuer:  raspberrypi
+Type:    totp
                                              
                                              
     █▀▀▀▀▀█  ▄▀▄▄█ █▀  ▀▀▀▀▀█  ▄▄ █▀▀▀▀▀█    
@@ -26,9 +26,9 @@ Type:   OTP_TOTP
                                              
                                              

-Name:   pi@raspberrypi
-Secret: 7KSQL2JTUDIS5EF65KLMRQIIGY
-Type:   OTP_TOTP
+Name:    pi@raspberrypi
+Secret:  7KSQL2JTUDIS5EF65KLMRQIIGY
+Type:    totp
                                          
                                          
     █▀▀▀▀▀█ ▀▀██ █▄▀█ ▀▄▄▀█▀▄ █▀▀▀▀▀█    
@@ -51,9 +51,9 @@ Type:   OTP_TOTP
                                          
                                          

-Name:   pi@raspberrypi
-Secret: 7KSQL2JTUDIS5EF65KLMRQIIGY
-Type:   OTP_TOTP
+Name:    pi@raspberrypi
+Secret:  7KSQL2JTUDIS5EF65KLMRQIIGY
+Type:    totp
                                          
                                          
     █▀▀▀▀▀█ ▀▀██ █▄▀█ ▀▄▄▀█▀▄ █▀▀▀▀▀█    
@@ -76,10 +76,10 @@ Type:   OTP_TOTP
                                          
                                          

-Name:   pi@raspberrypi
-Secret: 7KSQL2JTUDIS5EF65KLMRQIIGY
-Issuer: raspberrypi
-Type:   OTP_TOTP
+Name:    pi@raspberrypi
+Secret:  7KSQL2JTUDIS5EF65KLMRQIIGY
+Issuer:  raspberrypi
+Type:    totp
                                              
                                              
     █▀▀▀▀▀█  ▄▀▄▄█ █▀  ▀▀▀▀▀█  ▄▄ █▀▀▀▀▀█    
@@ -104,3 +104,60 @@ Type:   OTP_TOTP
                                              
                                              

+Name:    hotp demo
+Secret:  7KSQL2JTUDIS5EF65KLMRQIIGY
+Type:    hotp
+Counter: 4
+                                             
+                                             
+    █▀▀▀▀▀█ ▄█▀▄▄ ▄▄▄██  █▄▄██ █▄ █▀▀▀▀▀█    
+    █ ███ █  ▀▄   ▄▄▄  ▀▄ ▄▄▀ █▀  █ ███ █    
+    █ ▀▀▀ █ ▀█ ▄▄█▄  ▄▀█▀▀██▄▄██▄ █ ▀▀▀ █    
+    ▀▀▀▀▀▀▀ ▀▄▀ █▄▀▄█▄█▄█ ▀▄█▄█ █ ▀▀▀▀▀▀▀    
+    █▄█ █ ▀▄▄ ▀ ▄▄███▄█▄   ▄█▀ ▀█  ▄█▄▄▀▄    
+    ▄██▄▀▄▀██▄▀▄▀ ▀▀█ ▀▄ █▄▀██▄  ▀▄▀▀▀▄█▀    
+    ▄ ▄█▄▀▀▀▀█▄▄▄▀▄█▄ ▄ ▄██▀█▀▄ ▀▄█▄ █▀▀█    
+    ▄▀▄▀██▀█▀  ██▀▄ ▀▀ ▄▄▄█▄██ ▄▀█▄▄▄ ▀▄▀    
+    █▄▀▀▀█▀█▄ ▄ ▀ ▀█ ▄ ▄█ █▄▀█▄ █▄█    ▀▄    
+    ▀▀██▄█▀  ▄█▄▀▀█▄ ▄█▀██▄▄█▄  █▀▄█ ▀▀▀█    
+    █████▄▀▀█▀▀█▀▀▄  ▄ ▀█▀▄ ██▄ ▄███ ▄▀█     
+     ▄▄█▀▀▀█▀█▄█  ▄█▄▄█ ▀▀ ▄▀▄ ▄█▀▄▄█▀▀▄▄    
+     ██▄ █▀▄▀▀ █  ▀██ █▄ ▄   █  ▀▄█▀▄█▄██    
+    ▀▄▀ █ ▀▄▀▄██▄█ ▀█▀▄▄ ██▄▄▄▀ ▀▄ ▄█ ███    
+    ▀  ▀▀ ▀▀▄ ▄▄▄█▄██▀▀ ▄█ ▀ █▀▀█▀▀▀█▀  █    
+    █▀▀▀▀▀█  █▄█▀█▀▀█▀   ▄█ ▀▄▄▀█ ▀ █▀▀ ▀    
+    █ ███ █ ▀█▀▀ ▀ █ ▄ ▄█▄█  █▄ █▀▀██▀ ██    
+    █ ▀▀▀ █ ▀▄▀▄█▀▀▄  ▀▀█▄▄ ▀▄▄█   █▀▀▀▄▀    
+    ▀▀▀▀▀▀▀ ▀▀▀▀  ▀ ▀  ▀▀▀   ▀▀ ▀ ▀▀▀▀ ▀▀    
+                                             
+                                             
+
+Name:    encoding: ¿äÄéÉ? (demo)
+Secret:  7KSQL2JTUDIS5EF65KLMRQIIGY
+Type:    totp
+                                                 
+                                                 
+    █▀▀▀▀▀█ ▄▀▀  ▀  ▄▀█ ▄▄▄██▀ ▄▀█▄█▀ █▀▀▀▀▀█    
+    █ ███ █ █▄▀█▄▄ ▀  ▄▀█  █  █  ▀▀▀▄ █ ███ █    
+    █ ▀▀▀ █  ▄ ▀ ▀▄▀▄ ▄▄▀▄▄█▄ ▀▄ █▀▀█ █ ▀▀▀ █    
+    ▀▀▀▀▀▀▀ █ █ █▄█▄▀ ▀▄▀ █▄█ ▀ █ ▀ █ ▀▀▀▀▀▀▀    
+    ▀   ▄ ▀ █▀▀▄▀ ▄▄▀▀▄█▄ █▄▀▀▄█▀██▄▄█▀ ▄█▀▀▄    
+    ▄▀█▄█ ▀ ▀ █▄█▄▄    ▄███▄▄▀▀▀▄▄▀▄    ▄█▀▄▄    
+     ▀█▀ ▄▀▄▄█ ▄▀███▀ ▄▀█▀▄▀▄  ▀██▄▄ ▄█▀█  ▀▄    
+     ▄▀ █▄▀▀ █▀▄▄▄  ▄█▄█ ▀▄ ▄▄ ▄  ▀▀█▄▄ ▀█▄▄▄    
+    ▀ ▄▄▄▀▀▄▄█▀▄ ▀▀▀█▄ █▄ ▀ ▄█▄▄▀▄▀▀▀▄▄█▄ ▀ ▀    
+    █ ▄   ▀█ ▄▀ ██ █ ▄▄▀▀▀███▄     ▄▄██ ██▀█▀    
+    █▀█▀██▀▀███▄  ▀▀▄▄▄▄█▀ █ ▄█▄█▄▀ ▄▄▀  ▄▄ ▀    
+    ▄██▄▄ ▀ ▀   ▀▀  ██▄▄▄▀▀▄█▀█▄ ▀ █▄▀▄   ▀▄▄    
+      ███▄▀█▄█▄▄█ ▀█▄ ▀▄█  ▄▀▄ █▄  ▄ █▄  ▄▀▄▀    
+    █  ▄ ▄▀▀▄▄█▄▄█▄█ ▄▄▄ █▄▄▀█ █▀█▄ ▄▀▀█▄▄▄▀▀    
+    ▄  ▀▄▀▀ ▄▄▀██  ▀▀▄█▀▀▄ ▀▀█   ▄ ████ █▀█▀█    
+    █▀▄▀█ ▀▄▄ ▄ ▀▀▀ ▄▀ ▀ █▀▄▀▀█▀▀█▄▀█ ▀▄▀▄ █     
+    ▀ ▀  ▀▀ ▄ █▄▀█▀▀▄▀█ ▀▄▄█▄▀ ██ ▀██▀▀▀█▀▄▄     
+    █▀▀▀▀▀█  ▀█ ▄▄██▀ ▀██▄▀██ ▄▄██ ▀█ ▀ █ ▀█     
+    █ ███ █  █▄ █▀▀█▀▀▀█▀█ ▀ ▀█ █▀▀ ██▀▀▀███▀    
+    █ ▀▀▀ █  ▄ ▄▀█▄▄ ▀█ ▀▀  ▄ ▀█▀ ▄▀ █▀▀██ ▀▄    
+    ▀▀▀▀▀▀▀ ▀ ▀ ▀ ▀▀   ▀  ▀ ▀▀▀▀ ▀  ▀   ▀ ▀      
+                                                 
+                                                 
+
--- a/tests/data/qr_but_without_otp.png
+++ b/tests/data/qr_but_without_otp.png
--- a/tests/data/test_export_wrong_content.txt
+++ b/tests/data/test_export_wrong_content.txt
@@ -0,0 +1 @@
+Lorem ipsum dolor sit amet, consetetur sadipscing elitr, sed diam nonumy eirmod tempor invidunt ut labore et dolore magna aliquyam erat, sed diam voluptua.
--- a/tests/data/test_export_wrong_data.txt
+++ b/tests/data/test_export_wrong_data.txt
@@ -0,0 +1 @@
+otpauth-migration://offline?data=XXXX
--- a/tests/data/test_export_wrong_prefix.txt
+++ b/tests/data/test_export_wrong_prefix.txt
@@ -0,0 +1 @@
+QR-Code:otpauth-migration://offline?data=CjUKEPqlBekzoNEukL7qlsjBCDYSDnBpQHJhc3BiZXJyeXBpGgtyYXNwYmVycnlwaSABKAEwAhABGAEgACjr4JKK%2B%2F%2F%2F%2F%2F8B
--- a/tests/data/test_googleauth_export.png
+++ b/tests/data/test_googleauth_export.png
--- a/tests/data/test_plus_problem_export.txt
+++ b/tests/data/test_plus_problem_export.txt
--- a/tests/data/text_masquerading_as_image.jpeg
+++ b/tests/data/text_masquerading_as_image.jpeg
@@ -0,0 +1 @@
+This is just a text file masquerading as an image file.
--- a/tests/data/url_list_output.txt
+++ b/tests/data/url_list_output.txt
@@ -0,0 +1,6 @@
+otpauth://totp/pi%40raspberrypi?secret=7KSQL2JTUDIS5EF65KLMRQIIGY&issuer=raspberrypi
+otpauth://totp/pi%40raspberrypi?secret=7KSQL2JTUDIS5EF65KLMRQIIGY
+otpauth://totp/pi%40raspberrypi?secret=7KSQL2JTUDIS5EF65KLMRQIIGY
+otpauth://totp/pi%40raspberrypi?secret=7KSQL2JTUDIS5EF65KLMRQIIGY&issuer=raspberrypi
+otpauth://hotp/hotp%20demo?secret=7KSQL2JTUDIS5EF65KLMRQIIGY&counter=4
+otpauth://totp/encoding%3A%20%C2%BF%C3%A4%C3%84%C3%A9%C3%89%3F%20%28demo%29?secret=7KSQL2JTUDIS5EF65KLMRQIIGY
--- a/tests/extract_otp_secrets_img_unit_test.py
+++ b/tests/extract_otp_secrets_img_unit_test.py
@@ -0,0 +1,89 @@
+# Unit test for extract_otp_secrets.py
+
+# Run tests:
+# python -m unittest
+
+# Author: sssudame
+
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program.  If not, see <https://www.gnu.org/licenses/>.
+
+from __future__ import annotations  # workaround for PYTHON <= 3.10
+import unittest
+
+import extract_otp_secrets
+from utils import Capturing
+
+
+class TestQRImageExtract(unittest.TestCase):
+    def test_img_qr_reader_happy_path(self) -> None:
+        with Capturing() as actual_output:
+            extract_otp_secrets.main(['tests/data/test_googleauth_export.png'])
+
+        expected_output =\
+            ['Name:    Test1:test1@example1.com', 'Secret:  JBSWY3DPEHPK3PXP', 'Issuer:  Test1', 'Type:    totp', '',
+             'Name:    Test2:test2@example2.com', 'Secret:  JBSWY3DPEHPK3PXQ', 'Issuer:  Test2', 'Type:    totp', '',
+             'Name:    Test3:test3@example3.com', 'Secret:  JBSWY3DPEHPK3PXR', 'Issuer:  Test3', 'Type:    totp', '']
+
+        self.assertEqual(actual_output, expected_output)
+
+    def test_img_qr_reader_no_qr_code_in_image(self) -> None:
+        with Capturing() as actual_output:
+            with self.assertRaises(SystemExit) as context:
+                extract_otp_secrets.main(['-n', 'tests/data/lena_std.tif'])
+
+        expected_output = ['', 'ERROR: Unable to read QR Code from file.', 'input file: tests/data/lena_std.tif']
+
+        self.assertEqual(actual_output, expected_output)
+        self.assertEqual(context.exception.code, 1)
+
+    def test_img_qr_reader_nonexistent_file(self) -> None:
+        with Capturing() as actual_output:
+            with self.assertRaises(SystemExit) as context:
+                extract_otp_secrets.main(['-n', 'nonexistent.bmp'])
+
+        expected_output = ['', 'ERROR: Input file provided is non-existent or not a file.', 'input file: nonexistent.bmp']
+
+        self.assertEqual(actual_output, expected_output)
+        self.assertEqual(context.exception.code, 1)
+
+    def test_img_qr_reader_non_image_file(self) -> None:
+        with Capturing() as actual_output:
+            extract_otp_secrets.main(['-n', 'tests/data/text_masquerading_as_image.jpeg'])
+
+        expected_output = [
+            '',
+            'WARN: input is not a otpauth-migration:// url',
+            'source: tests/data/text_masquerading_as_image.jpeg',
+            "input: This is just a text file masquerading as an image file.",
+            'Maybe a wrong file was given',
+            '',
+            'ERROR: could not parse query parameter in input url',
+            'source: tests/data/text_masquerading_as_image.jpeg',
+            "url: This is just a text file masquerading as an image file.",
+        ]
+
+        self.assertEqual(actual_output, expected_output)
+
+    def setUp(self) -> None:
+        self.cleanup()
+
+    def tearDown(self) -> None:
+        self.cleanup()
+
+    def cleanup(self) -> None:
+        pass
+
+
+if __name__ == '__main__':
+    unittest.main()
--- a/tests/extract_otp_secrets_test.py
+++ b/tests/extract_otp_secrets_test.py
--- a/tests/extract_otp_secrets_txt_unit_test.py
+++ b/tests/extract_otp_secrets_txt_unit_test.py
@@ -0,0 +1,237 @@
+# Unit test for extract_otp_secrets.py
+
+# Run tests:
+# python -m unittest
+
+# Author: Scito (https://scito.ch)
+
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program.  If not, see <https://www.gnu.org/licenses/>.
+
+from __future__ import annotations  # workaround for PYTHON <= 3.10
+
+import io
+import os
+import unittest
+from contextlib import redirect_stdout
+
+from utils import (Capturing, count_files_in_dir, read_csv, read_file_to_str,
+                   read_json, remove_dir_with_files, remove_file)
+
+import extract_otp_secrets
+
+# Conditional skip example
+# if sys.implementation.name == 'pypy' or sys.platform.startswith("win") or sys.version_info < (3, 10):
+#             self.skipTest("Avoid encoding problems")
+
+
+class TestExtract(unittest.TestCase):
+
+    def test_extract_csv(self) -> None:
+        extract_otp_secrets.main(['-q', '-c', 'test_example_output.csv', 'example_export.txt'])
+
+        expected_csv = read_csv('example_output.csv')
+        actual_csv = read_csv('test_example_output.csv')
+
+        self.assertEqual(actual_csv, expected_csv)
+
+    def test_extract_json(self) -> None:
+        extract_otp_secrets.main(['-q', '-j', 'test_example_output.json', 'example_export.txt'])
+
+        expected_json = read_json('example_output.json')
+        actual_json = read_json('test_example_output.json')
+
+        self.assertEqual(actual_json, expected_json)
+
+    def test_extract_stdout_1(self) -> None:
+        with Capturing() as output:
+            extract_otp_secrets.main(['example_export.txt'])
+
+        expected_output = [
+            'Name:    pi@raspberrypi',
+            'Secret:  7KSQL2JTUDIS5EF65KLMRQIIGY',
+            'Issuer:  raspberrypi',
+            'Type:    totp',
+            '',
+            'Name:    pi@raspberrypi',
+            'Secret:  7KSQL2JTUDIS5EF65KLMRQIIGY',
+            'Type:    totp',
+            '',
+            'Name:    pi@raspberrypi',
+            'Secret:  7KSQL2JTUDIS5EF65KLMRQIIGY',
+            'Type:    totp',
+            '',
+            'Name:    pi@raspberrypi',
+            'Secret:  7KSQL2JTUDIS5EF65KLMRQIIGY',
+            'Issuer:  raspberrypi',
+            'Type:    totp',
+            '',
+            'Name:    hotp demo',
+            'Secret:  7KSQL2JTUDIS5EF65KLMRQIIGY',
+            'Type:    hotp',
+            'Counter: 4',
+            '',
+            'Name:    encoding: ¿äÄéÉ? (demo)',
+            'Secret:  7KSQL2JTUDIS5EF65KLMRQIIGY',
+            'Type:    totp',
+            ''
+        ]
+        self.assertEqual(output, expected_output)
+
+    # Ref for capturing https://stackoverflow.com/a/40984270
+    def test_extract_stdout_2(self) -> None:
+        out = io.StringIO()
+        with redirect_stdout(out):
+            extract_otp_secrets.main(['example_export.txt'])
+        actual_output = out.getvalue()
+
+        expected_output = '''Name:    pi@raspberrypi
+Secret:  7KSQL2JTUDIS5EF65KLMRQIIGY
+Issuer:  raspberrypi
+Type:    totp
+
+Name:    pi@raspberrypi
+Secret:  7KSQL2JTUDIS5EF65KLMRQIIGY
+Type:    totp
+
+Name:    pi@raspberrypi
+Secret:  7KSQL2JTUDIS5EF65KLMRQIIGY
+Type:    totp
+
+Name:    pi@raspberrypi
+Secret:  7KSQL2JTUDIS5EF65KLMRQIIGY
+Issuer:  raspberrypi
+Type:    totp
+
+Name:    hotp demo
+Secret:  7KSQL2JTUDIS5EF65KLMRQIIGY
+Type:    hotp
+Counter: 4
+
+Name:    encoding: ¿äÄéÉ? (demo)
+Secret:  7KSQL2JTUDIS5EF65KLMRQIIGY
+Type:    totp
+
+'''
+        self.assertEqual(actual_output, expected_output)
+
+    def test_extract_not_encoded_plus(self) -> None:
+        out = io.StringIO()
+        with redirect_stdout(out):
+            extract_otp_secrets.main(['tests/data/test_plus_problem_export.txt'])
+        actual_output = out.getvalue()
+
+        expected_output = '''Name:    SerenityLabs:test1@serenitylabs.co.uk
+Secret:  A4RFDYMF4GSLUIBQV4ZP67OJEZ2XUQVM
+Issuer:  SerenityLabs
+Type:    totp
+
+Name:    SerenityLabs:test2@serenitylabs.co.uk
+Secret:  SCDDZ7PW5MOZLE3PQCAZM7L4S35K3UDX
+Issuer:  SerenityLabs
+Type:    totp
+
+Name:    SerenityLabs:test3@serenitylabs.co.uk
+Secret:  TR76272RVYO6EAEY2FX7W7R7KUDEGPJ4
+Issuer:  SerenityLabs
+Type:    totp
+
+Name:    SerenityLabs:test4@serenitylabs.co.uk
+Secret:  N2ILWSXSJUQUB7S6NONPJSC62NPG7EXN
+Issuer:  SerenityLabs
+Type:    totp
+
+'''
+        self.assertEqual(actual_output, expected_output)
+
+    def test_extract_printqr(self) -> None:
+        out = io.StringIO()
+        with redirect_stdout(out):
+            extract_otp_secrets.main(['-p', 'example_export.txt'])
+        actual_output = out.getvalue()
+
+        expected_output = read_file_to_str('tests/data/printqr_output.txt')
+
+        self.assertEqual(actual_output, expected_output)
+
+    def test_extract_saveqr(self) -> None:
+        extract_otp_secrets.main(['-q', '-s', 'testout/qr/', 'example_export.txt'])
+
+        self.assertTrue(os.path.isfile('testout/qr/1-piraspberrypi-raspberrypi.png'))
+        self.assertTrue(os.path.isfile('testout/qr/2-piraspberrypi.png'))
+        self.assertTrue(os.path.isfile('testout/qr/3-piraspberrypi.png'))
+        self.assertTrue(os.path.isfile('testout/qr/4-piraspberrypi-raspberrypi.png'))
+        self.assertTrue(os.path.isfile('testout/qr/5-hotpdemo.png'))
+        self.assertTrue(os.path.isfile('testout/qr/6-encodingäÄéÉdemo.png'))
+        self.assertEqual(count_files_in_dir('testout/qr'), 6)
+
+    def test_extract_debug(self) -> None:
+        out = io.StringIO()
+        with redirect_stdout(out):
+            extract_otp_secrets.main(['-vvv', 'example_export.txt'])
+        actual_output = out.getvalue()
+
+        expected_stdout = read_file_to_str('tests/data/print_verbose_output.txt')
+
+        self.assertGreater(len(actual_output), len(expected_stdout))
+        self.assertTrue("DEBUG: " in actual_output)
+
+    def test_extract_help_1(self) -> None:
+        out = io.StringIO()
+        with redirect_stdout(out):
+            try:
+                extract_otp_secrets.main(['-h'])
+                self.fail("Must abort")
+            except SystemExit as e:
+                self.assertEqual(e.code, 0)
+
+        actual_output = out.getvalue()
+
+        self.assertGreater(len(actual_output), 0)
+        self.assertTrue("-h, --help" in actual_output and "-v, --verbose" in actual_output)
+
+    def test_extract_help_2(self) -> None:
+        out = io.StringIO()
+        with redirect_stdout(out):
+            with self.assertRaises(SystemExit) as context:
+                extract_otp_secrets.main(['-h'])
+
+        actual_output = out.getvalue()
+
+        self.assertGreater(len(actual_output), 0)
+        self.assertTrue("-h, --help" in actual_output and "-v, --verbose" in actual_output)
+        self.assertEqual(context.exception.code, 0)
+
+    def test_extract_help_3(self) -> None:
+        with Capturing() as actual_output:
+            with self.assertRaises(SystemExit) as context:
+                extract_otp_secrets.main(['-h'])
+
+        self.assertGreater(len(actual_output), 0)
+        self.assertTrue("-h, --help" in "\n".join(actual_output) and "-v, --verbose" in "\n".join(actual_output))
+        self.assertEqual(context.exception.code, 0)
+
+    def setUp(self) -> None:
+        self.cleanup()
+
+    def tearDown(self) -> None:
+        self.cleanup()
+
+    def cleanup(self) -> None:
+        remove_file('test_example_output.csv')
+        remove_file('test_example_output.json')
+        remove_dir_with_files('testout/')
+
+
+if __name__ == '__main__':
+    unittest.main()
--- a/tests/utils.py
+++ b/tests/utils.py
@@ -0,0 +1,140 @@
+# Author: Scito (https://scito.ch)
+
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program.  If not, see <https://www.gnu.org/licenses/>.
+
+from __future__ import annotations  # workaround for PYTHON <= 3.10
+import csv
+import glob
+import io
+import json
+import os
+import re
+import shutil
+import sys
+import pathlib
+from typing import BinaryIO, Any, Union, List
+
+
+# Types
+# workaround for PYTHON <= 3.9: Workaround for str | pathlib.Path
+PathLike = Union[str, pathlib.Path]
+
+
+# Ref. https://stackoverflow.com/a/16571630
+# workaround for PYTHON <= 3.10: class Capturing(list[Any]):
+class Capturing(List[Any]):
+    '''Capture stdout and stderr
+Usage:
+with Capturing() as output:
+    print("Output")
+'''
+    # TODO remove type ignore if fixed, see https://github.com/python/mypy/issues/11871, https://stackoverflow.com/questions/72174409/type-hinting-the-return-value-of-a-class-method-that-returns-self
+    def __enter__(self):  # type: ignore
+        self._stdout = sys.stdout
+        sys.stdout = self._stringio_std = io.StringIO()
+        self._stderr = sys.stderr
+        sys.stderr = self._stringio_err = io.StringIO()
+        return self
+
+    def __exit__(self, *args: Any) -> None:
+        self.extend(self._stringio_std.getvalue().splitlines())
+        del self._stringio_std    # free up some memory
+        sys.stdout = self._stdout
+
+        self.extend(self._stringio_err.getvalue().splitlines())
+        del self._stringio_err    # free up some memory
+        sys.stderr = self._stderr
+
+
+def file_exits(file: PathLike) -> bool:
+    return os.path.isfile(file)
+
+
+def remove_file(file: PathLike) -> None:
+    if file_exits(file): os.remove(file)
+
+
+def remove_files(glob_pattern: str) -> None:
+    for f in glob.glob(glob_pattern):
+        os.remove(f)
+
+
+def remove_dir_with_files(dir: PathLike) -> None:
+    if os.path.exists(dir): shutil.rmtree(dir)
+
+
+def read_csv(filename: str) -> List[List[str]]:
+    """Returns a list of lines."""
+    with open(filename, "r", encoding="utf-8", newline='') as infile:
+        lines: List[List[str]] = []
+        reader = csv.reader(infile)
+        for line in reader:
+            lines.append(line)
+        return lines
+
+
+def read_csv_str(data_str: str) -> List[List[str]]:
+    """Returns a list of lines."""
+    lines: List[List[str]] = []
+    reader = csv.reader(data_str.splitlines())
+    for line in reader:
+        lines.append(line)
+    return lines
+
+
+def read_json(filename: str) -> Any:
+    """Returns a list or a dictionary."""
+    with open(filename, "r", encoding="utf-8") as infile:
+        return json.load(infile)
+
+
+def read_json_str(data_str: str) -> Any:
+    """Returns a list or a dictionary."""
+    return json.loads(data_str)
+
+
+def read_file_to_list(filename: str) -> List[str]:
+    """Returns a list of lines."""
+    with open(filename, "r", encoding="utf-8") as infile:
+        return infile.readlines()
+
+
+def read_file_to_str(filename: str) -> str:
+    """Returns a str."""
+    return "".join(read_file_to_list(filename))
+
+
+def read_binary_file_as_stream(filename: str) -> BinaryIO:
+    """Returns binary file content."""
+    with open(filename, "rb",) as infile:
+        return io.BytesIO(infile.read())
+
+
+def replace_escaped_octal_utf8_bytes_with_str(str: str) -> str:
+    encoded_name_strings = re.findall(r'name: .*$', str, flags=re.MULTILINE)
+    for encoded_name_string in encoded_name_strings:
+        escaped_bytes = re.findall(r'((?:\\[0-9]+)+)', encoded_name_string)
+        for byte_sequence in escaped_bytes:
+            unicode_str = b''.join([int(byte, 8).to_bytes(1, 'little') for byte in byte_sequence.split('\\') if byte]).decode('utf-8')
+            print("Replace '{}' by '{}'".format(byte_sequence, unicode_str))
+            str = str.replace(byte_sequence, unicode_str)
+    return str
+
+
+def quick_and_dirty_workaround_encoding_problem(str: str) -> str:
+    return re.sub(r'name: "encoding: .*$', '', str, flags=re.MULTILINE)
+
+
+def count_files_in_dir(path: PathLike) -> int:
+    return len([name for name in os.listdir(path) if os.path.isfile(os.path.join(path, name))])
--- a/utils.py
+++ b/utils.py
@@ -1,69 +0,0 @@
-# Author: Scito (https://scito.ch)
-
-# This program is free software: you can redistribute it and/or modify
-# it under the terms of the GNU General Public License as published by
-# the Free Software Foundation, either version 3 of the License, or
-# (at your option) any later version.
-#
-# This program is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-# GNU General Public License for more details.
-#
-# You should have received a copy of the GNU General Public License
-# along with this program.  If not, see <https://www.gnu.org/licenses/>.
-
-import csv
-import json
-import os
-from io import StringIO
-import sys
-
-
-# Ref. https://stackoverflow.com/a/16571630
-class Capturing(list):
-    '''Capture stdout and stderr
-Usage:
-with Capturing() as output:
-    print("Output")
-'''
-    def __enter__(self):
-        self._stdout = sys.stdout
-        sys.stdout = self._stringio = StringIO()
-        return self
-
-    def __exit__(self, *args):
-        self.extend(self._stringio.getvalue().splitlines())
-        del self._stringio    # free up some memory
-        sys.stdout = self._stdout
-
-
-def remove_file(filename):
-    if os.path.exists(filename): os.remove(filename)
-
-
-def read_csv(filename):
-    """Returns a list of lines."""
-    with open(filename, "r") as infile:
-        lines = []
-        reader = csv.reader(infile)
-        for line in reader:
-            lines.append(line)
-        return lines
-
-
-def read_json(filename):
-    """Returns a list or a dictionary."""
-    with open(filename, "r") as infile:
-        return json.load(infile)
-
-
-def read_file_to_list(filename):
-    """Returns a list of lines."""
-    with open(filename, "r") as infile:
-        return infile.readlines()
-
-
-def read_file_to_str(filename):
-    """Returns a str."""
-    return "".join(read_file_to_list(filename))
				`@@ -0,0 +1 @@`
				`Lorem ipsum dolor sit amet, consetetur sadipscing elitr, sed diam nonumy eirmod tempor invidunt ut labore et dolore magna aliquyam erat, sed diam voluptua.`
				`@@ -0,0 +1 @@`
				`QR-Code:otpauth-migration://offline?data=CjUKEPqlBekzoNEukL7qlsjBCDYSDnBpQHJhc3BiZXJyeXBpGgtyYXNwYmVycnlwaSABKAEwAhABGAEgACjr4JKK%2B%2F%2F%2F%2F%2F8B`
				`@@ -0,0 +1 @@`
				`This is just a text file masquerading as an image file.`