Merge pull request #8 from Naxdy/work/misc-chores

Naxdy · web-flow · commit 0ed4fcb67b4e · 2025-07-04T20:16:10.000+02:00
treefmt, crate info
diff --git a/.github/workflows/publish-crate.yml b/.github/workflows/publish-crate.yml
@@ -25,4 +25,4 @@ jobs:
 
       - uses: katyo/publish-crates@v2
         with:
-            registry-token: ${{ secrets.CARGO_REGISTRY_TOKEN }}
+          registry-token: ${{ secrets.CARGO_REGISTRY_TOKEN }}
diff --git a/Cargo.lock b/Cargo.lock
diff --git a/Cargo.toml b/Cargo.toml
@@ -1,19 +1,25 @@
 [package]
+description = "Static encryption for string literals and binary data"
 name = "staticrypt"
+edition.workspace = true
+license.workspace = true
+repository.workspace = true
 version.workspace = true
-edition = "2024"
-license = "MIT"
-description = "Static encryption for string literals and binary data"
+authors.workspace = true
 
 [workspace]
 members = [".", "macros", "testbin"]
 
 [workspace.package]
-version = "1.1.0"
+edition = "2024"
+license = "MIT"
+repository = "https://github.com/Naxdy/staticrypt"
+version = "1.1.1"
+authors = ["Naxdy <naxdy@naxdy.org>"]
 
 [workspace.dependencies]
 aes-gcm = "0.10.3"
 
 [dependencies]
 aes-gcm.workspace = true
-staticrypt_macros = { version = "1.1.0", path = "macros" }
+staticrypt_macros = { version = "1.1.1", path = "macros" }
diff --git a/README.md b/README.md
@@ -1,50 +1,50 @@
- # Staticrypt
+# Staticrypt
 
- The name is an abbreviation of "Static Encryption" - a Rust proc macro libary to encrypt text
- literals or binary data using AES-256.
+The name is an abbreviation of "Static Encryption" - a Rust proc macro library to encrypt text
+literals or binary data using AES-256.
 
- The crate is intended to be a successor to [`litcrypt`](https://docs.rs/litcrypt/latest/litcrypt/),
- and expand on the overall idea of the library.
+The crate is intended to be a successor to [`litcrypt`](https://docs.rs/litcrypt/latest/litcrypt/),
+and expand on the overall idea of the library.
 
- Like litcrypt, staticrypt works by encrypting the given data at compile time. In its place, it
- leaves the encrypted contents and a 96 bit nonce (unique for every encrypted item), protecting
- your data from static analysis tools.
+Like litcrypt, staticrypt works by encrypting the given data at compile time. In its place, it
+leaves the encrypted contents and a 96 bit nonce (unique for every encrypted item), protecting
+your data from static analysis tools.
 
- In contrast to to litcrypt's `lc`, staticrypt's `sc` supports all valid Rust string literals,
- including those with escape sequences, unicode characters, etc.
+In contrast to to litcrypt's `lc`, staticrypt's `sc` supports all valid Rust string literals,
+including those with escape sequences, unicode characters, etc.
 
- To initialize staticrypt in a crate, the `use_staticrypt` macro needs to be called first. See
- its doc page for more info on initial setup.
+To initialize staticrypt in a crate, the `use_staticrypt` macro needs to be called first. See
+its doc page for more info on initial setup.
 
- ## Example
+## Example
 
- ```rust
- use staticrypt::*;
+```rust
+use staticrypt::*;
 
- // Needs to be present at the root of the crate.
- use_staticrypt!();
+// Needs to be present at the root of the crate.
+use_staticrypt!();
 
- fn main() {
-     // Protect sensitive information from static analysis / tampering
-     println!("The meaning of life is {}", sc!("42"));
- }
- ```
+fn main() {
+    // Protect sensitive information from static analysis / tampering
+    println!("The meaning of life is {}", sc!("42"));
+}
+```
 
- Everything inside the `sc` macro will be encrypted at compile time. You can verify that none
- of the strings are present in cleartext using something like `strings`:
+Everything inside the `sc` macro will be encrypted at compile time. You can verify that none
+of the strings are present in cleartext using something like `strings`:
 
- ```shell
- strings target/debug/my_app | grep 42
- ```
+```shell
+strings target/debug/my_app | grep 42
+```
 
- If the output is blank / does not contain the string you are looking for, then your app is safe
- from static analysis tools.
+If the output is blank / does not contain the string you are looking for, then your app is safe
+from static analysis tools.
 
- ## DISCLAIMER
+## DISCLAIMER
 
- Although using tools like staticrypt makes it very difficult for attackers to view or alter
- your data, it does _not_ make it impossible. You should develop your programs with the
- assumption that a sufficiently determined attacker will be able to reverse engineer your
- encryption and gain access to any data present in your binary, so it is **highly discouraged** to
- use this crate to embed sensitive information like API keys, passwords, private keys etc. in your
- application.
+Although using tools like staticrypt makes it very difficult for attackers to view or alter
+your data, it does _not_ make it impossible. You should develop your programs with the
+assumption that a sufficiently determined attacker will be able to reverse engineer your
+encryption and gain access to any data present in your binary, so it is **highly discouraged** to
+use this crate to embed sensitive information like API keys, passwords, private keys etc. in your
+application.
diff --git a/flake.lock b/flake.lock
diff --git a/flake.nix b/flake.nix
@@ -7,6 +7,8 @@
     crane.url = "github:ipetkov/crane";
 
     fenix.url = "github:nix-community/fenix";
+
+    treefmt-nix.url = "github:numtide/treefmt-nix";
   };
 
   outputs =
@@ -15,12 +17,16 @@
       nixpkgs,
       crane,
       fenix,
+      treefmt-nix,
     }:
     let
       supportedSystems = [
         "x86_64-linux"
         "aarch64-linux"
+        "x86_64-darwin"
+        "aarch64-darwin"
       ];
+
       forEachSupportedSystem =
         f:
         nixpkgs.lib.genAttrs supportedSystems (
@@ -54,25 +60,43 @@
             };
 
             cargoArtifacts = craneLib.buildDepsOnly craneArgs;
+
+            cargoToml = builtins.fromTOML (builtins.readFile ./Cargo.toml);
+
+            treefmtEval = treefmt-nix.lib.evalModule pkgs (
+              import ./treefmt.nix { inherit rustToolchain cargoToml; }
+            );
+
+            treefmt = treefmtEval.config.build.wrapper;
           in
           f {
             inherit
-              pkgs
-              rustToolchain
-              craneLib
               cargoArtifacts
               craneArgs
+              craneLib
+              pkgs
+              rustToolchain
+              treefmt
+              treefmtEval
               ;
           }
         );
     in
     {
+      formatter = forEachSupportedSystem ({ treefmt, ... }: treefmt);
+
       devShells = forEachSupportedSystem (
-        { pkgs, rustToolchain, ... }:
+        {
+          pkgs,
+          rustToolchain,
+          treefmt,
+          ...
+        }:
         {
           default = pkgs.mkShell {
             nativeBuildInputs = [
               rustToolchain
+              treefmt
             ];
 
             STATICRYPT_SEED = "01234567890123456789012345678901";
@@ -86,9 +110,12 @@
           craneLib,
           cargoArtifacts,
           craneArgs,
+          treefmtEval,
           ...
         }:
         {
+          treefmt = treefmtEval.config.build.check self;
+
           cargoDoc = craneLib.cargoDoc (craneArgs // { inherit cargoArtifacts; });
 
           cargoTest = craneLib.cargoTest (
diff --git a/macros/Cargo.toml b/macros/Cargo.toml
@@ -1,9 +1,11 @@
 [package]
 name = "staticrypt_macros"
-version.workspace = true
-edition = "2024"
-license = "MIT"
 description = "Macros for the `staticrypt` crate"
+edition.workspace = true
+license.workspace = true
+repository.workspace = true
+version.workspace = true
+authors.workspace = true
 
 [lib]
 proc-macro = true
diff --git a/src/lib.rs b/src/lib.rs
@@ -1,6 +1,6 @@
 //! # Staticrypt
 //!
-//! The name is an abbreviation of "Static Encryption" - a Rust proc macro libary to encrypt text
+//! The name is an abbreviation of "Static Encryption" - a Rust proc macro library to encrypt text
 //! literals or binary data using [`Aes256Gcm`].
 //!
 //! The crate is intended to be a successor to the [`litcrypt`](https://docs.rs/litcrypt/latest/litcrypt/),
diff --git a/testbin/Cargo.toml b/testbin/Cargo.toml
@@ -1,7 +1,10 @@
 [package]
 name = "staticrypt_testbin"
 version.workspace = true
-edition = "2024"
+edition.workspace = true
+repository.workspace = true
+license.workspace = true
+authors.workspace = true
 publish = false
 
 [dependencies]
diff --git a/treefmt.nix b/treefmt.nix
@@ -0,0 +1,36 @@
+{ rustToolchain, cargoToml }:
+{ pkgs, ... }:
+{
+  # rust
+  programs.rustfmt = {
+    enable = true;
+    package = rustToolchain;
+    edition = cargoToml.workspace.package.edition or cargoToml.package.edition;
+  };
+
+  # nix
+  programs.nixfmt.enable = true;
+
+  # toml
+  programs.taplo.enable = true;
+
+  # markdown, yaml, etc.
+  programs.prettier = {
+    enable = true;
+    settings = {
+      trailingComma = "all";
+      semi = true;
+      printWidth = 120;
+      singleQuote = true;
+    };
+  };
+
+  programs.typos = {
+    enable = true;
+    includes = [
+      "*.rs"
+      "*.md"
+      "*.yml"
+    ];
+  };
+}
