MeVault Python SDK — request secrets from the local MeVault broker
Project description
MeVault Python SDK
Request secrets from the MeVault broker in Python — no passwords, no env-var leakage, no subprocesses.
Requirements
- Python 3.9+
- Windows (the broker communicates over a Windows named pipe)
- MeVault broker running and vault unlocked
Installation
pip install mevault
Or from source:
cd sdk/python
pip install -e .
Usage
Synchronous
from mevault import get_secret, get_optional_secret
from mevault.exceptions import VaultLocked, SecretNotFound, MeVaultUnavailable
# Raises SecretNotFound if the secret doesn't exist.
db_password = get_secret("DB_PASSWORD")
# Returns None (or a custom default) if the secret doesn't exist.
api_key = get_optional_secret("OPTIONAL_API_KEY", default="")
Asynchronous
import asyncio
from mevault import async_get_secret
async def main():
token = await async_get_secret("AUTH_TOKEN")
# use token ...
asyncio.run(main())
Error handling
| Exception | When raised |
|---|---|
MeVaultUnavailable |
Broker not running / pipe not found |
VaultLocked |
Vault is locked — user must unlock MeVault |
SecretNotFound |
No secret with that name |
AccessDenied |
Process not permitted to read the secret |
SessionExpired |
Broker session expired — user must re-authenticate |
ProtocolError |
Malformed or oversized broker response |
All exceptions derive from MeVaultError.
from mevault.exceptions import MeVaultError
try:
value = get_secret("MY_SECRET")
except MeVaultError as exc:
# Handle any MeVault error generically.
print(f"MeVault error: {exc}")
Security notes
- Secret values are never logged or printed by the SDK.
SecretValue.__repr__and__str__return<redacted>to prevent accidental exposure in logs or tracebacks.- The SDK does not accept vault passwords and does not spawn subprocesses.
- The SDK does not place secrets in environment variables.
- Each request uses a fresh pipe connection, closed immediately after the response is received.
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
mevault-0.3.0.tar.gz
(9.6 kB
view details)
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file mevault-0.3.0.tar.gz.
File metadata
- Download URL: mevault-0.3.0.tar.gz
- Upload date:
- Size: 9.6 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.13.13
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
1713d0cbcd2faafe7465337eec96aa4b9587d3e08ba3f453549fef9fcb3050bd
|
|
| MD5 |
2c12e6b4b99adaab88bccfcf867ab306
|
|
| BLAKE2b-256 |
ea38881d782a24e24a0f472bca6653b5dab44ead11ddfc436c9e7a3304ec70b3
|
File details
Details for the file mevault-0.3.0-py3-none-win_amd64.whl.
File metadata
- Download URL: mevault-0.3.0-py3-none-win_amd64.whl
- Upload date:
- Size: 4.3 MB
- Tags: Python 3, Windows x86-64
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.13.13
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
38eb19f572b5eb036633d7e984dbcd1d9ca503a39551a9d0d3d1557c2e9b397f
|
|
| MD5 |
1bb19d8519a9031e9ada09b4ec08580f
|
|
| BLAKE2b-256 |
c20c64a2a4ffbc38fbbc2b7487efdb26a84503f225c9ee33c8a8fde375387c13
|