Scan a repo for secrets and encrypt/decrypt them in-place.

Navigation

Verified details

These details have been verified by PyPI
Maintainers
Avatar for mortaccio from gravatar.com mortaccio

Unverified details

These details have not been verified by PyPI
Project links
Meta
  • License: MIT License (MIT License)
  • Author: Superencrypt Contributors
  • Tags secrets , encryption , git , security , cli
  • Requires: Python >=3.10
Classifiers
Report project as malware

Project description

superencrypt

CLI to scan a repo for secrets (including env files), encrypt them in-place, and decrypt them later using a key.

Why

superencrypt helps you keep accidental secrets out of your repo history by encrypting sensitive values in-place while keeping files versionable.

Install

pip install superencryptx

No venv (recommended)

pipx install superencryptx

System install (no venv)

python3 -m pip install --user superencryptx

Quick start

# Encrypt in-place (generates a key, prints it, and writes .superencrypt.key)
superencrypt encrypt

# Decrypt in-place (use in CI/CD pipelines)
superencrypt decrypt --key-file .superencrypt.key

Usage

# Encrypt in-place (generates a key, prints it, and writes .superencrypt.key)
superencrypt encrypt

# Decrypt in-place (provide key or key file)
superencrypt decrypt --key-file .superencrypt.key

# Scan only (no changes)
superencrypt scan

Pipeline example

export SUPERENCRYPT_KEY="$(cat .superencrypt.key)"
superencrypt decrypt --key "$SUPERENCRYPT_KEY"

Notes

  • Encrypted values are stored as ENC[<token>].
  • Key file .superencrypt.key should be protected and not committed.
  • Use scan first to review matches.

Development

python -m venv .venv
source .venv/bin/activate
pip install -e .

Project details

Verified details

These details have been verified by PyPI
Maintainers
Avatar for mortaccio from gravatar.com mortaccio

Unverified details

These details have not been verified by PyPI
Project links
Meta
  • License: MIT License (MIT License)
  • Author: Superencrypt Contributors
  • Tags secrets , encryption , git , security , cli
  • Requires: Python >=3.10
Classifiers

Release history Release notifications | RSS feed

0.1.2

0.1.1

This version

0.1.0

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

superencryptx-0.1.0.tar.gz (7.8 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

superencryptx-0.1.0-py3-none-any.whl (8.6 kB view details)

Uploaded Python 3

File details

Details for the file superencryptx-0.1.0.tar.gz.

File metadata

  • Download URL: superencryptx-0.1.0.tar.gz
  • Upload date:
  • Size: 7.8 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/6.2.0 CPython/3.11.2

File hashes

Hashes for superencryptx-0.1.0.tar.gz
Algorithm Hash digest
SHA256 69bd5f48e6353b5d3690d76279c346bd89f54125a0956b9ce0602b1815ab5159
MD5 f457000e0113369faa6484a9321fa11d
BLAKE2b-256 6fa20cc726a469b1bdb9ea65f6b5f3c1ef71c5979b2e98e87824c898e897af20

See more details on using hashes here.

File details

Details for the file superencryptx-0.1.0-py3-none-any.whl.

File metadata

  • Download URL: superencryptx-0.1.0-py3-none-any.whl
  • Upload date:
  • Size: 8.6 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/6.2.0 CPython/3.11.2

File hashes

Hashes for superencryptx-0.1.0-py3-none-any.whl
Algorithm Hash digest
SHA256 28733c8873917ab7f82a2662d0fc4a719121168a80e8a551cf08ff035ddc421f
MD5 9fda4ada4eb45ad996d95fada9f12c87
BLAKE2b-256 4d0839ab55611786c684b05a46d5206e468611fe18f34e069e622db0ea08248a

See more details on using hashes here.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page