Expand description
Environment and .env file handling.
Enums§
- Envrc
Status - Status of
.envrcafter writing.
Constants§
- ENV_
MURK_ KEY - Environment variable for the secret key.
- ENV_
MURK_ KEY_ FILE - Environment variable for the secret key file path.
- ENV_
MURK_ VAULT - Environment variable for the vault filename.
Functions§
- dotenv_
has_ murk_ key - Check whether
.envalready contains aMURK_KEYline. - key_
file_ path - Compute the key file path for a vault:
~/.config/murk/keys/<hash>. The hash is a truncated SHA-256 of the absolute vault path. - parse_
env - Parse a .env file into key-value pairs.
Skips comments, blank lines,
MURK_*keys, and strips quotes andexportprefixes. - read_
key_ from_ dotenv - Read MURK_KEY from
.envfile if present. - resolve_
key - Resolve the secret key, checking in order:
- warn_
env_ permissions - Warn if
.envhas loose permissions (Unix only). - write_
envrc - Write a
.envrcfile for direnv integration. - write_
key_ ref_ to_ dotenv - Write a MURK_KEY_FILE reference to
.env, removing any existing MURK_KEY/MURK_KEY_FILE lines. - write_
key_ to_ dotenv - Write a MURK_KEY to
.env, removing any existing MURK_KEY lines. On Unix, sets file permissions to 600 atomically at creation time to prevent a TOCTOU window where the secret key is world-readable. On non-Unix platforms, permissions are not hardened. - write_
key_ to_ file - Write a secret key to a file with restricted permissions.