Password prompting

@guillem writes:

I think sq should be able to provide a way to let the program control how the prompting should happen.

We're striving for a REST-style. My thought on this is that sq should signal the application that a password is needed, and exit, and then the application should prompt the user, and retry the command. Although we're aiming to stabilize the CLI with 1.0, we're not yet stabilizing the output, and what I've described above is not yet really possible without some ad-hoc parsing of the output.

In 2025, we plan to add a machine interface to sq. As a first approximation this will wrap the human readable output in JSON data structures that an application can parse. Then the application can detect that sq decrypt failed, because a password for x, y, or z was missing, prompt the user appropriately, and retry.

An alternative would be to have something like pinentry, which prompts the user on behalf of the application. In my experience this model has a few usability issues. The pinentry window is not associated with the application, and thus not shown over it. It's even worse when the user is logged in remotely via ssh and the pinentry is shown in the local desktop session. I think using secret service or something like that would result in the same issues.

Thoughts?