WingNews logo WingNews
top | item 45725200

(no title)

domenkozar | 4 months ago

Look at the problem statement, it's exactly the same. When I designed secretspec, I researched the space and no other tool approached secrets in such a way.

Syntax of toml is almost identical, the CLI as well.

It even has the same vocabulary.

I didn't dig deeper though, but I'd be surprised not to find more :)

discuss

order

kstrauser|4 months ago

I almost feel like we're looking at different things. From secretspec[0]:

  [project]
  name = "web-api"
  revision = "2.1.0"
  extends = ["../shared/base", "../shared/auth"]
  
  [profiles.default]
  # Inherits DATABASE_URL, LOG_LEVEL from base
  # Inherits JWT_SECRET, SESSION_SECRET from auth
  # Service-specific additions:
  STRIPE_API_KEY = { description = "Stripe payment API", required = true }
  REDIS_URL = { description = "Redis cache connection", required = true }
  PORT = { description = "Server port", required = false, default = "3000" }
From fnox[1]:

  [secrets.DATABASE_URL]
  provider = "onepass"
  value = "Database"  # ← Item name in 1Password (fetches 'password' field)
  
  [secrets.DB_USERNAME]
  provider = "onepass"
  value = "Database/username"  # ← Specific field
  
  [secrets.API_KEY]
  provider = "onepass"
  value = "op://Development/API Keys/credential"  # ←
Is the similarity that they both refer to providers (as did Terraform and countless other config tools before it)? Or profiles (like aws-cli and countless other config tools before it)? Because other than that, I'm not really seeing it. And if I hadn't seen either of these, and my boss ordered me to implement something like them, I almost guarantee I'd use similar names for things because those are the common terms for them in industry.

Honestly, I'm not invested in either of these. They both look nifty, but I couldn't personally care less if either (or both or neither) of these catch on and become standards. I'm only commenting here because your statement here and on the linked discussion[2] ("it's almost a verbatim copy") seems incredibly aggressive, and to me, quite offputting. They don't look alike at all to me, other than that they both aim to do similar things and thus will have some natural overlap in terminology.

[0]https://secretspec.dev/concepts/declarative/

[1]https://github.com/jdx/fnox

[2]https://github.com/jdx/mise/discussions/6779#discussioncomme...

domenkozar|4 months ago

[deleted]

KingMob|4 months ago

I don't see it, and like the other commenters, it seems like the design space is just constrained enough that the projects would have to have some similarities.

Regardless, if you think you're being copied, just copy right back. I suggest imitating the DX.

As someone who tried devenv (and nix-darwin for a while), before eventually returning to homebrew and mise, I really wanted to like it, but the nix complexity kept leaking out.

Mise does maybe 80% of what I did with devenv, but at only 1% of the hassle.