🛡️ Naru

Securing the Backbone of Modern Applications

Naru (naru-config) is an industrial-grade, security-first configuration engine. Built with Rust 2021 edition, it provides a tamper-evident, schema-enforced ecosystem for managing application secrets and environment variables in high-stakes production environments.

Explore Documentation • Report an Issue • Request a Feature

🔥 Why Naru?

🚀 Getting Started in 3 Steps

1. Installation

From crates.io:

cargo install naru-config

From source:

git clone https://github.com/Luvion1/naru.git
cd naru
cargo build --release --locked
sudo cp target/release/naru /usr/local/bin/

2. Initialize your Vault

export NARU_ENCRYPTION_KEY="your-strong-master-password"
naru init

3. Secure a Configuration

# Define the validation rule
naru schema add --key STRIPE_KEY --type string --secret --pattern "^sk_live_.*$"

# Set the value (automatically encrypted and validated)
naru set STRIPE_KEY=sk_live_51Pq... --env production

🏛️ Architecture at a Glance

Naru follows a Clean Architecture pattern, isolating its cryptographic core from external I/O.

• src/core: The Stateless Engine. Pure business logic, validation, and crypto.
• src/cli: The Interface. High-performance command parsing and TUI.
• src/persistence: The Safe. Atomic file operations and OS-level locking.

🧪 Testing & Development

Naru includes a comprehensive testing suite with 257+ automated tests:

# Run all tests
cargo test

# Run penetration tests
cargo test penetration_tests

# Run security analysis
cargo test deep_security_tests

# Run with output
cargo test -- --nocapture

Test Coverage

• ✅ Penetration Tests - 8 exploit scenarios (race conditions, path traversal, injection)
• ✅ Security Tests - Encryption, validation, audit integrity
• ✅ Deep Security Analysis - DoS, timing attacks, information leaks
• ✅ Integration Tests - End-to-end workflow validation

🤝 Contributing

We believe in open security. Check our Contributing Guide to see how you can help strengthen the Naru ecosystem.