Naru (naru-config) is an industrial-grade, security-first configuration engine. Built with Rust 2021 edition, it provides a tamper-evident, schema-enforced ecosystem for managing application secrets and environment variables in high-stakes production environments.
Explore Documentation β’ Report an Issue β’ Request a Feature
| Feature | Description |
|---|---|
| Zero-Trust Encryption | All sensitive data is protected by AES-256-GCM with SHA-256 key derivation. |
| Immutable Audit Trail | Every mutation is cryptographically signed and chained, creating a tamper-evident history. |
| Industrial Validation | Enforce strict types, numeric ranges, and Regex patterns before data ever leaves the CLI. |
| Atomic & Thread-Safe | OS-level advisory locking ensures zero data corruption during concurrent operations. |
| Modern Interop | Native handling of .env, YAML, JSON, and TOML with intelligent merging logic. |
| Battle-Tested | 264+ automated tests including penetration testing and security analysis. |
From crates.io:
cargo install naru-configFrom source:
git clone https://github.com/Luvion1/naru.git
cd naru
cargo build --release --locked
sudo cp target/release/naru /usr/local/bin/export NARU_ENCRYPTION_KEY="your-strong-master-password"
naru init# Define the validation rule
naru schema add --key STRIPE_KEY --type string --secret --pattern "^sk_live_.*$"
# Set the value (automatically encrypted and validated)
naru set STRIPE_KEY=sk_live_51Pq... --env productionNaru follows a Clean Architecture pattern, isolating its cryptographic core from external I/O.
src/core: The Stateless Engine. Pure business logic, validation, and crypto.src/cli: The Interface. High-performance command parsing and TUI.src/persistence: The Safe. Atomic file operations and OS-level locking.
Naru includes a comprehensive testing suite with 257+ automated tests:
# Run all tests
cargo test
# Run penetration tests
cargo test penetration_tests
# Run security analysis
cargo test deep_security_tests
# Run with output
cargo test -- --nocapture- β Penetration Tests - 8 exploit scenarios (race conditions, path traversal, injection)
- β Security Tests - Encryption, validation, audit integrity
- β Deep Security Analysis - DoS, timing attacks, information leaks
- β Integration Tests - End-to-end workflow validation
We believe in open security. Check our Contributing Guide to see how you can help strengthen the Naru ecosystem.
Developed with precision for the security-conscious engineer.
Released under the MIT License.