keynest 0.0.1__tar.gz

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (56) hide show
  1. keynest-0.0.1/.gitignore +220 -0
  2. keynest-0.0.1/LICENSE +21 -0
  3. keynest-0.0.1/PKG-INFO +135 -0
  4. keynest-0.0.1/README.md +108 -0
  5. keynest-0.0.1/keynest/__about__.py +38 -0
  6. keynest-0.0.1/keynest/__init__.py +5 -0
  7. keynest-0.0.1/keynest/__main__.py +6 -0
  8. keynest-0.0.1/keynest/app.py +24 -0
  9. keynest-0.0.1/keynest/backends/__init__.py +1 -0
  10. keynest-0.0.1/keynest/backends/aws_secrets_manager.py +226 -0
  11. keynest-0.0.1/keynest/backends/base.py +75 -0
  12. keynest-0.0.1/keynest/backends/os_keyring.py +166 -0
  13. keynest-0.0.1/keynest/backends/registry.py +34 -0
  14. keynest-0.0.1/keynest/cli.py +527 -0
  15. keynest-0.0.1/keynest/model.py +183 -0
  16. keynest-0.0.1/keynest/py.typed +0 -0
  17. keynest-0.0.1/keynest/services/__init__.py +1 -0
  18. keynest-0.0.1/keynest/services/audit.py +65 -0
  19. keynest-0.0.1/keynest/services/aws_policy.py +84 -0
  20. keynest-0.0.1/keynest/services/aws_wizard.py +194 -0
  21. keynest-0.0.1/keynest/services/clipboard.py +73 -0
  22. keynest-0.0.1/keynest/services/codegen.py +232 -0
  23. keynest-0.0.1/keynest/services/diagnostics.py +109 -0
  24. keynest-0.0.1/keynest/services/dotenv_parser.py +143 -0
  25. keynest-0.0.1/keynest/services/index_store.py +180 -0
  26. keynest-0.0.1/keynest/services/maptools.py +243 -0
  27. keynest-0.0.1/keynest/services/quick.py +88 -0
  28. keynest-0.0.1/keynest/services/repo_tools.py +58 -0
  29. keynest-0.0.1/keynest/services/runner.py +60 -0
  30. keynest-0.0.1/keynest/services/value_tools.py +68 -0
  31. keynest-0.0.1/keynest/ui/__init__.py +1 -0
  32. keynest-0.0.1/keynest/ui/actions_panel.py +31 -0
  33. keynest-0.0.1/keynest/ui/aws_wizard.py +118 -0
  34. keynest-0.0.1/keynest/ui/dialogs.py +95 -0
  35. keynest-0.0.1/keynest/ui/folder_panel.py +165 -0
  36. keynest-0.0.1/keynest/ui/main_window.py +484 -0
  37. keynest-0.0.1/keynest/ui/quick_dialogs.py +166 -0
  38. keynest-0.0.1/keynest/ui/secret_editor.py +200 -0
  39. keynest-0.0.1/pyproject.toml +225 -0
  40. keynest-0.0.1/tests/__init__.py +0 -0
  41. keynest-0.0.1/tests/conftest.py +81 -0
  42. keynest-0.0.1/tests/test_aws_backend.py +146 -0
  43. keynest-0.0.1/tests/test_aws_wizard.py +110 -0
  44. keynest-0.0.1/tests/test_cli.py +14 -0
  45. keynest-0.0.1/tests/test_cli_commands.py +235 -0
  46. keynest-0.0.1/tests/test_diagnostics_backup.py +37 -0
  47. keynest-0.0.1/tests/test_maptools.py +114 -0
  48. keynest-0.0.1/tests/test_model.py +82 -0
  49. keynest-0.0.1/tests/test_os_keyring_backend.py +76 -0
  50. keynest-0.0.1/tests/test_quick.py +62 -0
  51. keynest-0.0.1/tests/test_repo_tools.py +55 -0
  52. keynest-0.0.1/tests/test_services.py +133 -0
  53. keynest-0.0.1/tests/test_ui_aws_wizard_dialog.py +45 -0
  54. keynest-0.0.1/tests/test_ui_clipboard.py +63 -0
  55. keynest-0.0.1/tests/test_ui_main_window.py +269 -0
  56. keynest-0.0.1/tests/test_ui_panels.py +248 -0
@@ -0,0 +1,220 @@
1
+ # Byte-compiled / optimized / DLL files
2
+ __pycache__/
3
+ *.py[codz]
4
+ *$py.class
5
+
6
+ # C extensions
7
+ *.so
8
+
9
+ # Distribution / packaging
10
+ .Python
11
+ build/
12
+ develop-eggs/
13
+ dist/
14
+ downloads/
15
+ eggs/
16
+ .eggs/
17
+ lib/
18
+ lib64/
19
+ parts/
20
+ sdist/
21
+ var/
22
+ wheels/
23
+ share/python-wheels/
24
+ *.egg-info/
25
+ .installed.cfg
26
+ *.egg
27
+ MANIFEST
28
+
29
+ # PyInstaller
30
+ # Usually these files are written by a python script from a template
31
+ # before PyInstaller builds the exe, so as to inject date/other infos into it.
32
+ *.manifest
33
+ *.spec
34
+
35
+ # Installer logs
36
+ pip-log.txt
37
+ pip-delete-this-directory.txt
38
+
39
+ # Unit test / coverage reports
40
+ htmlcov/
41
+ .tox/
42
+ .nox/
43
+ .coverage
44
+ .coverage.*
45
+ .cache
46
+ nosetests.xml
47
+ coverage.xml
48
+ junit.xml
49
+ *.cover
50
+ *.py.cover
51
+ .hypothesis/
52
+ .pytest_cache/
53
+ cover/
54
+
55
+ # Translations
56
+ *.mo
57
+ *.pot
58
+
59
+ # Django stuff:
60
+ *.log
61
+ local_settings.py
62
+ db.sqlite3
63
+ db.sqlite3-journal
64
+
65
+ # Flask stuff:
66
+ instance/
67
+ .webassets-cache
68
+
69
+ # Scrapy stuff:
70
+ .scrapy
71
+
72
+ # Sphinx documentation
73
+ docs/_build/
74
+
75
+ # PyBuilder
76
+ .pybuilder/
77
+ target/
78
+
79
+ # Jupyter Notebook
80
+ .ipynb_checkpoints
81
+
82
+ # IPython
83
+ profile_default/
84
+ ipython_config.py
85
+
86
+ # pyenv
87
+ # For a library or package, you might want to ignore these files since the code is
88
+ # intended to run in multiple environments; otherwise, check them in:
89
+ # .python-version
90
+
91
+ # pipenv
92
+ # According to pypa/pipenv#598, it is recommended to include Pipfile.lock in version control.
93
+ # However, in case of collaboration, if having platform-specific dependencies or dependencies
94
+ # having no cross-platform support, pipenv may install dependencies that don't work, or not
95
+ # install all needed dependencies.
96
+ # Pipfile.lock
97
+
98
+ # UV
99
+ # Similar to Pipfile.lock, it is generally recommended to include uv.lock in version control.
100
+ # This is especially recommended for binary packages to ensure reproducibility, and is more
101
+ # commonly ignored for libraries.
102
+ # uv.lock
103
+
104
+ # poetry
105
+ # Similar to Pipfile.lock, it is generally recommended to include poetry.lock in version control.
106
+ # This is especially recommended for binary packages to ensure reproducibility, and is more
107
+ # commonly ignored for libraries.
108
+ # https://python-poetry.org/docs/basic-usage/#commit-your-poetrylock-file-to-version-control
109
+ # poetry.lock
110
+ # poetry.toml
111
+
112
+ # pdm
113
+ # Similar to Pipfile.lock, it is generally recommended to include pdm.lock in version control.
114
+ # pdm recommends including project-wide configuration in pdm.toml, but excluding .pdm-python.
115
+ # https://pdm-project.org/en/latest/usage/project/#working-with-version-control
116
+ # pdm.lock
117
+ # pdm.toml
118
+ .pdm-python
119
+ .pdm-build/
120
+
121
+ # pixi
122
+ # Similar to Pipfile.lock, it is generally recommended to include pixi.lock in version control.
123
+ # pixi.lock
124
+ # Pixi creates a virtual environment in the .pixi directory, just like venv module creates one
125
+ # in the .venv directory. It is recommended not to include this directory in version control.
126
+ .pixi
127
+
128
+ # PEP 582; used by e.g. github.com/David-OConnor/pyflow and github.com/pdm-project/pdm
129
+ __pypackages__/
130
+
131
+ # Celery stuff
132
+ celerybeat-schedule
133
+ celerybeat.pid
134
+
135
+ # Redis
136
+ *.rdb
137
+ *.aof
138
+ *.pid
139
+
140
+ # RabbitMQ
141
+ mnesia/
142
+ rabbitmq/
143
+ rabbitmq-data/
144
+
145
+ # ActiveMQ
146
+ activemq-data/
147
+
148
+ # SageMath parsed files
149
+ *.sage.py
150
+
151
+ # Environments
152
+ .env
153
+ .envrc
154
+ .venv
155
+ env/
156
+ venv/
157
+ ENV/
158
+ env.bak/
159
+ venv.bak/
160
+
161
+ # Spyder project settings
162
+ .spyderproject
163
+ .spyproject
164
+
165
+ # Rope project settings
166
+ .ropeproject
167
+
168
+ # mkdocs documentation
169
+ /site
170
+
171
+ # mypy
172
+ .mypy_cache/
173
+ .dmypy.json
174
+ dmypy.json
175
+
176
+ # Pyre type checker
177
+ .pyre/
178
+
179
+ # pytype static type analyzer
180
+ .pytype/
181
+
182
+ # Cython debug symbols
183
+ cython_debug/
184
+
185
+ # PyCharm
186
+ # JetBrains specific template is maintained in a separate JetBrains.gitignore that can
187
+ # be found at https://github.com/github/gitignore/blob/main/Global/JetBrains.gitignore
188
+ # and can be added to the global gitignore or merged into this file. For a more nuclear
189
+ # option (not recommended) you can uncomment the following to ignore the entire idea folder.
190
+ # .idea/
191
+
192
+ # Abstra
193
+ # Abstra is an AI-powered process automation framework.
194
+ # Ignore directories containing user credentials, local state, and settings.
195
+ # Learn more at https://abstra.io/docs
196
+ .abstra/
197
+
198
+ # Visual Studio Code
199
+ # Visual Studio Code specific template is maintained in a separate VisualStudioCode.gitignore
200
+ # that can be found at https://github.com/github/gitignore/blob/main/Global/VisualStudioCode.gitignore
201
+ # and can be added to the global gitignore or merged into this file. However, if you prefer,
202
+ # you could uncomment the following to ignore the entire vscode folder
203
+ # .vscode/
204
+ # Temporary file for partial code execution
205
+ tempCodeRunnerFile.py
206
+
207
+ # Ruff stuff:
208
+ .ruff_cache/
209
+
210
+ # PyPI configuration file
211
+ .pypirc
212
+
213
+ # Marimo
214
+ marimo/_static/
215
+ marimo/_lsp/
216
+ __marimo__/
217
+
218
+ # Streamlit
219
+ .streamlit/secrets.toml
220
+ .idea
keynest-0.0.1/LICENSE ADDED
@@ -0,0 +1,21 @@
1
+ MIT License
2
+
3
+ Copyright (c) 2026 Matthew Martin
4
+
5
+ Permission is hereby granted, free of charge, to any person obtaining a copy
6
+ of this software and associated documentation files (the "Software"), to deal
7
+ in the Software without restriction, including without limitation the rights
8
+ to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
9
+ copies of the Software, and to permit persons to whom the Software is
10
+ furnished to do so, subject to the following conditions:
11
+
12
+ The above copyright notice and this permission notice shall be included in all
13
+ copies or substantial portions of the Software.
14
+
15
+ THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
16
+ IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
17
+ FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
18
+ AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
19
+ LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
20
+ OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
21
+ SOFTWARE.
keynest-0.0.1/PKG-INFO ADDED
@@ -0,0 +1,135 @@
1
+ Metadata-Version: 2.4
2
+ Name: keynest
3
+ Version: 0.0.1
4
+ Summary: Developer secret workbench: a pure-Python keystore with GUI and CLI for OS keyring and AWS Secrets Manager
5
+ Project-URL: Repository, https://github.com/matthewdeanmartin/keynest
6
+ Project-URL: Documentation, https://keynest.readthedocs.io/en/latest/
7
+ Project-URL: Changelog, https://github.com/matthewdeanmartin/keynest/blob/main/CHANGELOG.md
8
+ Project-URL: homepage, https://github.com/matthewdeanmartin/keynest
9
+ Project-URL: issues, https://github.com/matthewdeanmartin/keynest/issues/
10
+ Author-email: Matthew Martin <matthewdeanmartin@gmail.com>
11
+ License-Expression: MIT
12
+ License-File: LICENSE
13
+ Keywords: aws,cli,credentials,developer-tools,gui,keyring,secrets,secrets-manager,tkinter,vault
14
+ Classifier: Development Status :: 3 - Alpha
15
+ Classifier: Intended Audience :: Developers
16
+ Classifier: License :: OSI Approved :: MIT License
17
+ Classifier: Operating System :: OS Independent
18
+ Classifier: Programming Language :: Python
19
+ Classifier: Programming Language :: Python :: 3.11
20
+ Classifier: Programming Language :: Python :: 3.12
21
+ Classifier: Programming Language :: Python :: 3.13
22
+ Classifier: Programming Language :: Python :: 3.14
23
+ Requires-Python: >=3.11
24
+ Requires-Dist: boto3>=1.34.0
25
+ Requires-Dist: keyring>=24.0.0
26
+ Description-Content-Type: text/markdown
27
+
28
+ # keynest
29
+
30
+ Developer keystore that is pipx-installable and supports the OS keychain / credential
31
+ manager and AWS Secrets Manager — with both a CLI and a Tkinter GUI.
32
+
33
+ keynest is a **developer secret workbench**. It helps a single developer stop scattering
34
+ secrets across Notepad, stray `.env` files, shell history, and repo-adjacent config. It
35
+ manages *secret maps* (JSON dictionaries of keys to values) in either the laptop OS secret
36
+ store (via Python [`keyring`](https://pypi.org/project/keyring/)) or
37
+ [AWS Secrets Manager](https://aws.amazon.com/secrets-manager/) (via `boto3`).
38
+
39
+ The guiding opinion: **make the safe path the easy path.** Instead of
40
+
41
+ ```bash
42
+ export DATABASE_PASSWORD=...
43
+ ```
44
+
45
+ prefer
46
+
47
+ ```bash
48
+ keynest run my-app -- python app.py
49
+ ```
50
+
51
+ See [spec/spec.md](spec/spec.md) for the full product specification.
52
+
53
+ ## Prior Art
54
+
55
+ [aws-vault](https://github.com/ByteNess/aws-vault) is the best prior art and is recommended
56
+ over this tool for the moment. The main advantage of keynest will be that it is pure Python
57
+ and ships a GUI. keynest also borrows patterns shamelessly from `chamber`, SOPS, KeePassXC,
58
+ and the developer-docs-as-a-feature approach of Infisical / Doppler / 1Password.
59
+
60
+ ## Installation
61
+
62
+ ```bash
63
+ pipx install keynest
64
+ ```
65
+
66
+ Or with pip:
67
+
68
+ ```bash
69
+ pip install keynest
70
+ ```
71
+
72
+ ## Usage
73
+
74
+ ```bash
75
+ keynest --help
76
+ ```
77
+
78
+ > Note: keynest is in early development. The CLI and GUI described in the
79
+ > [spec](spec/spec.md) are not yet implemented — the package scaffold and quality gates
80
+ > are in place first.
81
+
82
+ ## Contributing
83
+
84
+ See [CONTRIBUTING.md](docs/extending/CONTRIBUTING.md).
85
+
86
+ ## License
87
+
88
+ MIT — see [LICENSE](LICENSE).
89
+
90
+ ## Changelog
91
+
92
+ See [CHANGELOG.md](CHANGELOG.md).
93
+
94
+ ## Current implementation
95
+
96
+ The implementation has moved beyond the early scaffold note above: both the CLI and Tkinter GUI are available, with
97
+ OS-keyring and AWS Secrets Manager backends. The specification remains useful as product history, while the
98
+ [user documentation](docs/index.md) describes the behavior and limitations of the current code.
99
+
100
+ The preferred installation is an isolated global tool environment:
101
+
102
+ ```bash
103
+ uv tool install keynest
104
+ ```
105
+
106
+ or:
107
+
108
+ ```bash
109
+ pipx install keynest
110
+ ```
111
+
112
+ The install provides `keynest` and `keynest-gui`. Start with:
113
+
114
+ ```bash
115
+ keynest health
116
+ keynest --help
117
+ keynest-gui
118
+ ```
119
+
120
+ The recommended usage path injects a map only into a child process:
121
+
122
+ ```bash
123
+ keynest run my-app/dev -- python app.py
124
+ ```
125
+
126
+ See the [documentation home](docs/index.md), [concepts and storage](docs/concepts.md), dedicated
127
+ [CLI reference](docs/usage/cli.md), [GUI guide](docs/usage/gui.md), [AWS guide](docs/aws.md), and
128
+ [security model](docs/security.md).
129
+
130
+ On Windows, keynest does not enumerate Credential Manager. It uses Python `keyring` to request exact entries under
131
+ its own `DeveloperSecretWorkbench` service and keeps a separate non-secret index for listing. Windows itself has a
132
+ credential-enumeration API, but keynest does not call it; this is an implementation boundary, not protection from
133
+ other software running as your user. Consequently, unrelated credentials stored by other applications do not appear
134
+ in keynest. The [storage documentation](docs/concepts.md#why-keynest-cannot-see-your-other-windows-credentials) has the
135
+ full explanation.
@@ -0,0 +1,108 @@
1
+ # keynest
2
+
3
+ Developer keystore that is pipx-installable and supports the OS keychain / credential
4
+ manager and AWS Secrets Manager — with both a CLI and a Tkinter GUI.
5
+
6
+ keynest is a **developer secret workbench**. It helps a single developer stop scattering
7
+ secrets across Notepad, stray `.env` files, shell history, and repo-adjacent config. It
8
+ manages *secret maps* (JSON dictionaries of keys to values) in either the laptop OS secret
9
+ store (via Python [`keyring`](https://pypi.org/project/keyring/)) or
10
+ [AWS Secrets Manager](https://aws.amazon.com/secrets-manager/) (via `boto3`).
11
+
12
+ The guiding opinion: **make the safe path the easy path.** Instead of
13
+
14
+ ```bash
15
+ export DATABASE_PASSWORD=...
16
+ ```
17
+
18
+ prefer
19
+
20
+ ```bash
21
+ keynest run my-app -- python app.py
22
+ ```
23
+
24
+ See [spec/spec.md](spec/spec.md) for the full product specification.
25
+
26
+ ## Prior Art
27
+
28
+ [aws-vault](https://github.com/ByteNess/aws-vault) is the best prior art and is recommended
29
+ over this tool for the moment. The main advantage of keynest will be that it is pure Python
30
+ and ships a GUI. keynest also borrows patterns shamelessly from `chamber`, SOPS, KeePassXC,
31
+ and the developer-docs-as-a-feature approach of Infisical / Doppler / 1Password.
32
+
33
+ ## Installation
34
+
35
+ ```bash
36
+ pipx install keynest
37
+ ```
38
+
39
+ Or with pip:
40
+
41
+ ```bash
42
+ pip install keynest
43
+ ```
44
+
45
+ ## Usage
46
+
47
+ ```bash
48
+ keynest --help
49
+ ```
50
+
51
+ > Note: keynest is in early development. The CLI and GUI described in the
52
+ > [spec](spec/spec.md) are not yet implemented — the package scaffold and quality gates
53
+ > are in place first.
54
+
55
+ ## Contributing
56
+
57
+ See [CONTRIBUTING.md](docs/extending/CONTRIBUTING.md).
58
+
59
+ ## License
60
+
61
+ MIT — see [LICENSE](LICENSE).
62
+
63
+ ## Changelog
64
+
65
+ See [CHANGELOG.md](CHANGELOG.md).
66
+
67
+ ## Current implementation
68
+
69
+ The implementation has moved beyond the early scaffold note above: both the CLI and Tkinter GUI are available, with
70
+ OS-keyring and AWS Secrets Manager backends. The specification remains useful as product history, while the
71
+ [user documentation](docs/index.md) describes the behavior and limitations of the current code.
72
+
73
+ The preferred installation is an isolated global tool environment:
74
+
75
+ ```bash
76
+ uv tool install keynest
77
+ ```
78
+
79
+ or:
80
+
81
+ ```bash
82
+ pipx install keynest
83
+ ```
84
+
85
+ The install provides `keynest` and `keynest-gui`. Start with:
86
+
87
+ ```bash
88
+ keynest health
89
+ keynest --help
90
+ keynest-gui
91
+ ```
92
+
93
+ The recommended usage path injects a map only into a child process:
94
+
95
+ ```bash
96
+ keynest run my-app/dev -- python app.py
97
+ ```
98
+
99
+ See the [documentation home](docs/index.md), [concepts and storage](docs/concepts.md), dedicated
100
+ [CLI reference](docs/usage/cli.md), [GUI guide](docs/usage/gui.md), [AWS guide](docs/aws.md), and
101
+ [security model](docs/security.md).
102
+
103
+ On Windows, keynest does not enumerate Credential Manager. It uses Python `keyring` to request exact entries under
104
+ its own `DeveloperSecretWorkbench` service and keeps a separate non-secret index for listing. Windows itself has a
105
+ credential-enumeration API, but keynest does not call it; this is an implementation boundary, not protection from
106
+ other software running as your user. Consequently, unrelated credentials stored by other applications do not appear
107
+ in keynest. The [storage documentation](docs/concepts.md#why-keynest-cannot-see-your-other-windows-credentials) has the
108
+ full explanation.
@@ -0,0 +1,38 @@
1
+ """Metadata for keynest."""
2
+
3
+ __all__ = [
4
+ "__credits__",
5
+ "__dependencies__",
6
+ "__description__",
7
+ "__keywords__",
8
+ "__license__",
9
+ "__readme__",
10
+ "__requires_python__",
11
+ "__status__",
12
+ "__title__",
13
+ "__version__",
14
+ ]
15
+
16
+ __title__ = "keynest"
17
+ __version__ = "0.0.1"
18
+ __description__ = (
19
+ "Developer secret workbench: a pure-Python keystore with GUI and CLI for OS keyring and AWS Secrets Manager"
20
+ )
21
+ __readme__ = "README.md"
22
+ __credits__ = [{"name": "Matthew Martin", "email": "matthewdeanmartin@gmail.com"}]
23
+ __keywords__ = [
24
+ "secrets",
25
+ "keyring",
26
+ "aws",
27
+ "secrets-manager",
28
+ "credentials",
29
+ "vault",
30
+ "developer-tools",
31
+ "cli",
32
+ "gui",
33
+ "tkinter",
34
+ ]
35
+ __license__ = "MIT"
36
+ __requires_python__ = ">=3.11"
37
+ __status__ = "3 - Alpha"
38
+ __dependencies__ = ["keyring>=24.0.0", "boto3>=1.34.0"]
@@ -0,0 +1,5 @@
1
+ """Developer secret workbench: a pure-Python keystore with GUI and CLI for OS keyring and AWS Secrets Manager."""
2
+
3
+ from keynest.__about__ import __version__
4
+
5
+ __all__ = ["__version__"]
@@ -0,0 +1,6 @@
1
+ """Allows `python -m keynest` invocation."""
2
+
3
+ from keynest.cli import main
4
+
5
+ if __name__ == "__main__":
6
+ raise SystemExit(main())
@@ -0,0 +1,24 @@
1
+ """Tkinter application entry point for keynest.
2
+
3
+ Launch with ``python -m keynest.app`` or the ``keynest-gui`` console script.
4
+ """
5
+
6
+ from __future__ import annotations
7
+
8
+ import sys
9
+
10
+
11
+ def main() -> int:
12
+ """Launch the keynest GUI, returning a process exit code."""
13
+ try:
14
+ # Imported lazily so the CLI works even where tkinter is unavailable.
15
+ from keynest.ui.main_window import run # pylint: disable=import-outside-toplevel
16
+ except ImportError as exc: # pragma: no cover - tkinter missing on some builds
17
+ print(f"Could not start the GUI (is tkinter installed?): {exc}", file=sys.stderr)
18
+ return 1
19
+ run()
20
+ return 0
21
+
22
+
23
+ if __name__ == "__main__":
24
+ raise SystemExit(main())
@@ -0,0 +1 @@
1
+ """Storage backends for secret maps."""