Add cloaking support for variable values

[erickgnavar]

Using a custom variable we can define if we want to cloak variable values at startup, also this feature can be toggle using envrc-toggle-cloak

Demo

[purcell]

Thanks. I can see you're eliding some env vars that contain secrets, but what's actually the rationale here? Presumably they would have come from a plain file (or process output) on your own system anyway. Maybe this is the perfect solution, but I'd love to understand the problem.

[erickgnavar]

Thanks. I can see you're eliding some env vars that contain secrets, but what's actually the rationale here? Presumably they would have come from a plain file (or process output) on your own system anyway. Maybe this is the perfect solution, but I'd love to understand the problem.

The point is to have a way to hide these values when we open this file when we are screen sharing, that's happened to me a few days ago while streaming 😅, if we configure envrc-cloak-vars-at-startup to t anytime we open this file all the sensitive credentials will be hidden.

[purcell]

that's happened to me a few days ago while streaming

Yikes, okay, that's kinda what I guessed. It's good to hear explicitly.

So in that case, my first thought is that there should be something for these use cases already: and indeed, something like https://github.com/juergenhoetzel/password-mode looks ideal. The tricky thing would be finding the right way to trigger enabling that minor mode: it might be that the *envrc* buffer should have its own major mode, then you could use add-hook to enable password-mode in envrc-status-mode or similar. What do you think?

[purcell]

There's also the hidepw package. That looks more likely to succeed. I'll try it out.

[purcell]

Hmm, actually I was thinking about the *envrc* output buffers, but I see you're more concerned about envrc-file-mode. There I think that hidepw or password-mode should work nicely.

[erickgnavar]

Thanks for the suggestions, I got the same result using hidepw. Didn't know about this package, I should have done a better research instead of implementing it from scratch 😅

This is the code if someone wants to use it

(use-package hidepw
  :ensure t
  :mode (("\\.envrc\\'" . hidepw-mode))
  :custom
  ;; envrc value pattern
  (hidepw-patterns '("[a-zA-Z0-9_]+[ \t]*=[ \t]*\\(.*+\\)$"))
  (hidepw-mask "🙈🙈🙈")
  :bind (:map envrc-mode-map
              ("C-c C-h" . 'hidepw-mode)))

[purcell]

Ah great, the monkey emoji are a nice touch!