github jdx/fnox v1.13.0
v1.13.0: JSON secrets and comment-preserving config edits
on GitHub

6 hours ago

This release adds native JSON secret extraction and fixes an annoying issue where fnox import and fnox remove would strip comments from your config files.

Highlights

  • JSON secrets: Extract individual fields from JSON-formatted secrets using json_path, eliminating the need for jq workarounds.
  • Comment preservation: All config-modifying commands now preserve your TOML comments and formatting.

Added

JSON path extraction for secrets (#247) -- Thanks @halms!

Many secret managers (particularly AWS Secrets Manager) store secrets as JSON blobs. Previously, extracting individual fields required piping through jq, which didn't work with fnox exec or shell integration. The new json_path option extracts a specific field from a JSON secret at resolve time: 

[secrets]
DB_PASS = { provider = "aws", value = "db-credentials", json_path = "password" }
DB_HOST = { provider = "aws", value = "db-config", json_path = "database.host" }

Supports dot notation for nested paths and escaped dots (\.) for keys containing literal dots. Works with all providers, default values, environment variable fallbacks, and the as_file option.

Fixed

fnox import and fnox remove now preserve TOML comments (#268)

Previously, both commands re-serialized the entire config from the internal Rust struct, destroying all comments, custom formatting, and whitespace. They now edit the TOML document AST directly (the same approach fnox set already used), so your comments stay intact. All config-modifying commands now preserve formatting:

Command Status
fnox set Already preserved
fnox edit Already preserved
fnox import Fixed in this release
fnox remove Fixed in this release

KeePass provider compatibility (#286)

Updated the KeePass provider to work with the keepass crate 0.8.21 API, which changed how database entries and groups are traversed.

Documentation

  • Fixed incorrect cd . reload instructions in shell integration docs -- the shell hook auto-detects config changes on each prompt, so no manual reload is needed (#265)
  • Fixed env-specific config example in mise integration guide to use separate mise.{env}.toml files instead of inline sections (#267)

New Contributors

Full Changelog: v1.12.1...v1.13.0

Check out latest releases or
releases around jdx/fnox v1.13.0

Don't miss a new fnox release

NewReleases is sending notifications on new releases.

Get notifications