Skip to content

Luvion1/naru

Folders and files

NameName
Last commit message
Last commit date

Latest commit

Β 

History

46 Commits
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 

Repository files navigation

Naru Logo

πŸ›‘οΈ Naru

Securing the Backbone of Modern Applications

Rust 2021 AES-256-GCM Audit Chained Tests License

Naru (naru-config) is an industrial-grade, security-first configuration engine. Built with Rust 2021 edition, it provides a tamper-evident, schema-enforced ecosystem for managing application secrets and environment variables in high-stakes production environments.

Explore Documentation β€’ Report an Issue β€’ Request a Feature


πŸ”₯ Why Naru?

Feature Description
Zero-Trust Encryption All sensitive data is protected by AES-256-GCM with SHA-256 key derivation.
Immutable Audit Trail Every mutation is cryptographically signed and chained, creating a tamper-evident history.
Industrial Validation Enforce strict types, numeric ranges, and Regex patterns before data ever leaves the CLI.
Atomic & Thread-Safe OS-level advisory locking ensures zero data corruption during concurrent operations.
Modern Interop Native handling of .env, YAML, JSON, and TOML with intelligent merging logic.
Battle-Tested 264+ automated tests including penetration testing and security analysis.

πŸš€ Getting Started in 3 Steps

1. Installation

From crates.io:

cargo install naru-config

From source:

git clone https://github.com/Luvion1/naru.git
cd naru
cargo build --release --locked
sudo cp target/release/naru /usr/local/bin/

2. Initialize your Vault

export NARU_ENCRYPTION_KEY="your-strong-master-password"
naru init

3. Secure a Configuration

# Define the validation rule
naru schema add --key STRIPE_KEY --type string --secret --pattern "^sk_live_.*$"

# Set the value (automatically encrypted and validated)
naru set STRIPE_KEY=sk_live_51Pq... --env production

πŸ›οΈ Architecture at a Glance

Naru follows a Clean Architecture pattern, isolating its cryptographic core from external I/O.

  • src/core: The Stateless Engine. Pure business logic, validation, and crypto.
  • src/cli: The Interface. High-performance command parsing and TUI.
  • src/persistence: The Safe. Atomic file operations and OS-level locking.

πŸ§ͺ Testing & Development

Naru includes a comprehensive testing suite with 257+ automated tests:

# Run all tests
cargo test

# Run penetration tests
cargo test penetration_tests

# Run security analysis
cargo test deep_security_tests

# Run with output
cargo test -- --nocapture

Test Coverage

  • βœ… Penetration Tests - 8 exploit scenarios (race conditions, path traversal, injection)
  • βœ… Security Tests - Encryption, validation, audit integrity
  • βœ… Deep Security Analysis - DoS, timing attacks, information leaks
  • βœ… Integration Tests - End-to-end workflow validation

🀝 Contributing

We believe in open security. Check our Contributing Guide to see how you can help strengthen the Naru ecosystem.


Developed with precision for the security-conscious engineer.
Released under the MIT License.

About

πŸ›‘οΈ High-performance, security-first CLI tool for structured and schema-aware application configuration management.

Topics

Resources

License

Code of conduct

Contributing

Security policy

Stars

1 star

Watchers

1 watching

Forks

Packages

 
 
 

Contributors

Languages