Cálestyo

add option to return a non-zero exit staus if -n was used and a file couldn't be extracted

I don't think sshpass could ever guarantee that a passphrase given as argument cannot be viewed by others, even if it would overwrite it. The OS might still export the original command line somehow and even if it wouldn't there's always the small time frame between starting the process (where the passphrase would be visible) and overwriting it, where an attacker could see it. Your only chance is if the OS prohibits users to see the command arguments of processes from other users.

crashes when directory is `.`, `..` or starts with a `.`

One more thought about it: e) Maybe, what sshpass would need was even another way to specify the passphrase... something like -c "command", in which command is a shell command executed via system(3). sshpass could simply check it's exit status and if 0 take whatever was printed to stdout and use that ass password (including any newlines and so). Exit status 1 would indicate errors, others could be reserved for future use. Of course one would also need to educate users that they mustn't include any...

I've never migrated a project from SF to git(lab/hub)... not sure whether the latter provide any migration tools, so that one could keep all the issues etc.. But at least the repo should be possible.

consider switching to git[lab/hub/etc.]

I put some more thinking into this,... so for the records: a) with scp, one might have actually any number of remote sides (it allows 1-n sources and 1 destination), all of them may have 0-i hops and each of those may have 0-m password/OTP prompts... b) the prompts may be identifiable (like in "(user@example.org) Your 2nd factor (user):" or non-identifiable (like in"OTP:") c) it may probably make sense to match using regular expressions (ideally probably PCRE), so if one has one OTP secret or password...

Nice. Thanks.