toru-vault 0.1.4__py3-none-any.whl → 0.3.0__py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (13) hide show
  1. toru_vault/__init__.py +1 -0
  2. toru_vault/__main__.py +29 -6
  3. toru_vault/in_env.py +173 -0
  4. toru_vault/in_memory.py +379 -0
  5. toru_vault/lazy_dict.py +10 -15
  6. toru_vault/vault.py +110 -424
  7. {toru_vault-0.1.4.dist-info → toru_vault-0.3.0.dist-info}/METADATA +19 -9
  8. toru_vault-0.3.0.dist-info/RECORD +13 -0
  9. {toru_vault-0.1.4.dist-info → toru_vault-0.3.0.dist-info}/WHEEL +1 -1
  10. toru_vault-0.1.4.dist-info/RECORD +0 -11
  11. {toru_vault-0.1.4.dist-info → toru_vault-0.3.0.dist-info}/entry_points.txt +0 -0
  12. {toru_vault-0.1.4.dist-info → toru_vault-0.3.0.dist-info}/licenses/LICENSE +0 -0
  13. {toru_vault-0.1.4.dist-info → toru_vault-0.3.0.dist-info}/top_level.txt +0 -0
{toru_vault-0.1.4.dist-info → toru_vault-0.3.0.dist-info}/METADATA RENAMED
@@ -1,6 +1,6 @@
1
1
  Metadata-Version: 2.4
2
2
  Name: toru-vault
3
- Version: 0.1.4
3
+ Version: 0.3.0
4
4
  Summary: ToruVault: A simple Python package for managing Bitwarden secrets
5
5
  Author: Toru AI
6
6
  Author-email: ToruAI <mpaszynski@toruai.com>
@@ -28,7 +28,7 @@ Dynamic: requires-python
28
28
  A simple Python package for managing Bitwarden secrets with enhanced security.
29
29
 
30
30
 
31
- ![Version](https://img.shields.io/badge/version-1.0.0-blue)
31
+ ![Version](https://img.shields.io/badge/version-0.3.0-blue)
32
32
  ![Python](https://img.shields.io/badge/python-3.10%2B-blue)
33
33
  ![License](https://img.shields.io/badge/license-MIT-green)
34
34
 
@@ -37,8 +37,8 @@ A simple Python package for managing Bitwarden secrets with enhanced security.
37
37
  - Load secrets from Bitwarden Secret Manager into environment variables
38
38
  - Get secrets as a Python dictionary
39
39
  - Filter secrets by project ID
40
- - Secure in-memory caching with encryption
41
- - Automatic cache expiration (5 minutes)
40
+ - JIT decryption of individual secrets
41
+ - No persistent caching of decrypted values
42
42
  - Secure file permissions for state storage
43
43
  - Machine-specific secret protection
44
44
  - Secure credential storage using OS keyring
@@ -118,6 +118,7 @@ Alternatively, you can set the following environment variables:
118
118
  - `BWS_TOKEN`: Your Bitwarden access token
119
119
  - `ORGANIZATION_ID`: Your Bitwarden organization ID
120
120
  - `STATE_FILE`: Path to the state file (must be in an existing directory)
121
+ - `PROJECT_ID` (optional): Your Bitwarden project ID to filter secrets
121
122
  - `API_URL` (optional): Defaults to "https://api.bitwarden.com"
122
123
  - `IDENTITY_URL` (optional): Defaults to "https://identity.bitwarden.com"
123
124
 
@@ -159,6 +160,11 @@ print(os.environ.get("SECRET_NAME"))
159
160
  # Load secrets for a specific project
160
161
  vault.env_load(project_id="your-project-id")
161
162
 
163
+ # Alternatively, set PROJECT_ID environment variable and call without parameter
164
+ # export PROJECT_ID="your-project-id" # Linux/macOS
165
+ # set PROJECT_ID=your-project-id # Windows
166
+ vault.env_load() # Will use PROJECT_ID from environment
167
+
162
168
  # Override existing environment variables (default: False)
163
169
  vault.env_load(override=True)
164
170
  ```
@@ -178,6 +184,11 @@ secrets = vault.get(refresh=True)
178
184
  # Get secrets for a specific project
179
185
  secrets = vault.get(project_id="your-project-id")
180
186
 
187
+ # Alternatively, set PROJECT_ID environment variable and call without parameter
188
+ # export PROJECT_ID="your-project-id" # Linux/macOS
189
+ # set PROJECT_ID=your-project-id # Windows
190
+ secrets = vault.get() # Will use PROJECT_ID from environment
191
+
181
192
  # Use in-memory encryption instead of system keyring
182
193
  secrets = vault.get(use_keyring=False)
183
194
  ```
@@ -199,11 +210,10 @@ vault.env_load_all(override=True)
199
210
  The vault package includes several security enhancements:
200
211
 
201
212
  1. **OS Keyring Integration**: Securely stores BWS_TOKEN, ORGANIZATION_ID, and STATE_FILE in your OS keyring
202
- 2. **Memory Protection**: Secrets are encrypted in memory using Fernet encryption (AES-128)
203
- 3. **Lazy Decryption**: Secrets are only decrypted when explicitly accessed
204
- 4. **Cache Expiration**: Cached secrets expire after 5 minutes by default
205
- 5. **Secure File Permissions**: Sets secure permissions on state files
206
- 6. **Machine-Specific Encryption**: Uses machine-specific identifiers for encryption keys
213
+ 2. **Memory Protection**: Secrets are individually encrypted in memory using Fernet encryption (AES-128)
214
+ 3. **JIT Decryption**: Secrets are only decrypted when explicitly accessed and never stored in decrypted form
215
+ 4. **Secure File Permissions**: Sets secure permissions on state files
216
+ 5. **Machine-Specific Encryption**: Uses machine-specific identifiers for encryption keys
207
217
  7. **Cache Clearing**: Automatically clears secret cache on program exit
208
218
  8. **Environment Variable Protection**: Doesn't override existing environment variables by default
209
219
  9. **Secure Key Derivation**: Uses PBKDF2 with SHA-256 for key derivation
toru_vault-0.3.0.dist-info/RECORD ADDED
@@ -0,0 +1,13 @@
1
+ toru_vault/__init__.py,sha256=cuJbupbncEeVdqwab-yn1AYh7WidavXkTmKXFbIGzak,199
2
+ toru_vault/__main__.py,sha256=K7r3qU55avI0n9k2PpOME8LYJTTpAzkkKa2Ytq78Nqo,7245
3
+ toru_vault/in_env.py,sha256=cr-Md7YODsRgeebPrzMcRsvojmVH4Mb-cmsUWFcj64k,6253
4
+ toru_vault/in_memory.py,sha256=Xt9F_a3it-SQ9f2lMdvO0e4aCkrcZR6bUujuMKHABS0,13608
5
+ toru_vault/lazy_dict.py,sha256=VRJAP-3SSk09GZh4le69kmHCoPzNOmP2ewWEEG5po6g,3054
6
+ toru_vault/py.typed,sha256=AbpHGcgLb-kRsJGnwFEktk7uzpZOCcBY74-YBdrKVGs,1
7
+ toru_vault/vault.py,sha256=10FVC6kV-IU9p5ptYG48hyrloC_cI75dTALN3tpnGBY,9361
8
+ toru_vault-0.3.0.dist-info/licenses/LICENSE,sha256=TbuuchABSutbmmaI1M232F22GsaI88_hwEvto5w_Ux4,1063
9
+ toru_vault-0.3.0.dist-info/METADATA,sha256=Bso1OVGlp25FVExkRkNQgJJSn1ZxMss6HRzu5WuI9N8,8683
10
+ toru_vault-0.3.0.dist-info/WHEEL,sha256=_zCd3N1l69ArxyTb8rzEoP9TpbYXkqRFSNOD5OuxnTs,91
11
+ toru_vault-0.3.0.dist-info/entry_points.txt,sha256=dfqkbNftpmAv0iKzVgdkjymkCfj3TwzUrQm2PO7Xgxs,56
12
+ toru_vault-0.3.0.dist-info/top_level.txt,sha256=c9ulQ18kKs3HbkI5oeoLmnFTknjC0rY1BwsNLJKDua8,11
13
+ toru_vault-0.3.0.dist-info/RECORD,,
{toru_vault-0.1.4.dist-info → toru_vault-0.3.0.dist-info}/WHEEL RENAMED
@@ -1,5 +1,5 @@
1
1
  Wheel-Version: 1.0
2
- Generator: setuptools (80.7.1)
2
+ Generator: setuptools (80.9.0)
3
3
  Root-Is-Purelib: true
4
4
  Tag: py3-none-any
5
5
 
toru_vault-0.1.4.dist-info/RECORD DELETED
@@ -1,11 +0,0 @@
1
- toru_vault/__init__.py,sha256=Co9SSa9gFFTME0YcMzA1vEqJxs045-0kYfdP9GxGasU,177
2
- toru_vault/__main__.py,sha256=C7_IR95L9yMpwx_Nj31lQDnA9q9bo56j7lk1s6aoL9I,6729
3
- toru_vault/lazy_dict.py,sha256=OZVD-VYQHFRzMw1dOPXpagnddAJNNCZKtcdmTiio4lk,3232
4
- toru_vault/py.typed,sha256=AbpHGcgLb-kRsJGnwFEktk7uzpZOCcBY74-YBdrKVGs,1
5
- toru_vault/vault.py,sha256=Mrkhf2AXoEIwMNj4N8psO-sga1E_XtHhKiTm_haS_nE,20551
6
- toru_vault-0.1.4.dist-info/licenses/LICENSE,sha256=TbuuchABSutbmmaI1M232F22GsaI88_hwEvto5w_Ux4,1063
7
- toru_vault-0.1.4.dist-info/METADATA,sha256=JDfnAJi-KJDJgyQH9flVQff6abGa8eCRmF5ezzxfyAM,8159
8
- toru_vault-0.1.4.dist-info/WHEEL,sha256=Nw36Djuh_5VDukK0H78QzOX-_FQEo6V37m3nkm96gtU,91
9
- toru_vault-0.1.4.dist-info/entry_points.txt,sha256=dfqkbNftpmAv0iKzVgdkjymkCfj3TwzUrQm2PO7Xgxs,56
10
- toru_vault-0.1.4.dist-info/top_level.txt,sha256=c9ulQ18kKs3HbkI5oeoLmnFTknjC0rY1BwsNLJKDua8,11
11
- toru_vault-0.1.4.dist-info/RECORD,,