Metadata-Version: 2.4
Name: pacli-tool
Version: 1.4.3
Summary: A secure CLI to manage secrets locally with encryption, master password, and clipboard support.
Author-email: Mobarak Hosen Shakil <mh.ice.iu@gmail.com>
License-Expression: MIT
Project-URL: Homepage, https://github.com/imshakil/pacli
Project-URL: Issues, https://github.com/imshakil/pacli/issues
Keywords: cli,secrets,encryption,password,token,clipboard,security
Classifier: Programming Language :: Python :: 3
Classifier: Operating System :: OS Independent
Classifier: Environment :: Console
Classifier: Intended Audience :: End Users/Desktop
Classifier: Topic :: Security :: Cryptography
Classifier: Topic :: Utilities
Requires-Python: >=3.10
Description-Content-Type: text/markdown
License-File: LICENSE
Requires-Dist: cryptography==46.0.7
Requires-Dist: click==8.2.1
Requires-Dist: requests==2.33.1
Requires-Dist: pyperclip==1.9.0
Requires-Dist: flask==3.1.3
Requires-Dist: flask-socketio==5.6.1
Requires-Dist: paramiko==4.0.0
Requires-Dist: python-socketio==5.16.1
Requires-Dist: backports-tarfile==1.2.0
Requires-Dist: bcrypt==5.0.0
Requires-Dist: bidict==0.23.1
Requires-Dist: blinker==1.9.0
Requires-Dist: boolean-py==5.0
Requires-Dist: build==1.4.3
Requires-Dist: cachecontrol==0.14.4
Requires-Dist: certifi==2025.8.3
Requires-Dist: cffi==2.0.0
Requires-Dist: charset-normalizer==3.4.3
Requires-Dist: cyclonedx-python-lib==11.7.0
Requires-Dist: defusedxml==0.7.1
Requires-Dist: docutils==0.22.4
Requires-Dist: filelock==3.29.0
Requires-Dist: h11==0.16.0
Requires-Dist: id==1.6.1
Requires-Dist: idna==3.10
Requires-Dist: importlib-metadata==9.0.0
Requires-Dist: invoke==3.0.3
Requires-Dist: itsdangerous==2.2.0
Requires-Dist: jaraco-classes==3.4.0
Requires-Dist: jaraco-context==6.1.2
Requires-Dist: jaraco-functools==4.4.0
Requires-Dist: jinja2==3.1.6
Requires-Dist: keyring==25.7.0
Requires-Dist: license-expression==30.4.4
Requires-Dist: markdown-it-py==4.0.0
Requires-Dist: markupsafe==3.0.3
Requires-Dist: mdurl==0.1.2
Requires-Dist: more-itertools==11.0.2
Requires-Dist: msgpack==1.1.2
Requires-Dist: nh3==0.3.4
Requires-Dist: packageurl-python==0.17.6
Requires-Dist: packaging==26.1
Requires-Dist: pip-api==0.0.34
Requires-Dist: pip-requirements-parser==32.0.1
Requires-Dist: pip-audit==2.10.0
Requires-Dist: platformdirs==4.9.6
Requires-Dist: py-serializable==2.1.0
Requires-Dist: pycparser==2.22
Requires-Dist: pygments==2.20.0
Requires-Dist: pynacl==1.6.2
Requires-Dist: pyparsing==3.3.2
Requires-Dist: pyproject-hooks==1.2.0
Requires-Dist: python-engineio==4.13.1
Requires-Dist: readme-renderer==44.0
Requires-Dist: requests-toolbelt==1.0.0
Requires-Dist: rfc3986==2.0.0
Requires-Dist: rich==15.0.0
Requires-Dist: simple-websocket==1.1.0
Requires-Dist: sortedcontainers==2.4.0
Requires-Dist: tomli==2.4.1
Requires-Dist: tomli-w==1.2.0
Requires-Dist: twine==6.2.0
Requires-Dist: typing-extensions==4.15.0
Requires-Dist: urllib3==2.6.3
Requires-Dist: werkzeug==3.1.6
Requires-Dist: wsproto==1.3.2
Requires-Dist: zipp==3.23.1
Dynamic: license-file

# 🔐 pacli - Secrets Management CLI

___

![pacli-logo](https://github.com/user-attachments/assets/742d776d-107a-495e-8bcf-5f68f25a087f)
[![Build Status](https://github.com/imshakil/pacli/actions/workflows/release.yml/badge.svg)](https://github.com/imshakil/pacli/actions)
[![pre-commit.ci status](https://results.pre-commit.ci/badge/github/imShakil/pacli/main.svg)](https://results.pre-commit.ci/latest/github/imShakil/pacli/main)
[![PyPI version](https://img.shields.io/pypi/v/pacli-tool.svg)](https://pypi.org/project/pacli-tool/)
[![PyPI Downloads](https://img.shields.io/pepy/dt/pacli-tool?style=flat)](https://pepy.tech/projects/pacli-tool)
[![Python Versions](https://img.shields.io/pypi/pyversions/pacli-tool.svg)](https://pypi.org/project/pacli-tool/)
[![License](https://img.shields.io/github/license/imshakil/pacli)](LICENSE)
[![security:bandit](https://img.shields.io/badge/security-bandit-yellow.svg)](https://github.com/imShakil/pacli)

pacli is a secure, local-first secrets manager that stores your passwords, API keys, and SSH credentials with encryption and master password protection - no cloud dependencies required.

## Features

- Securely store and manage secrets locally
- Master password protection
- Support separate options for token, password, and SSH connections
- Add, retrieve, update, and delete secrets
- Copy secrets directly to your clipboard
- SSH connection management with key file support
- URL shortening with [LinklyHQ](https://linklyhq.com/?via=ShakilOps) integration
- Export list of secrets into JSON or CSV file
- Easy-to-use command-line interface
- **Web UI** for managing secrets through a modern web interface

## Sonarqube Code Quality Metrics

[![Lines of Code](https://sonarcloud.io/api/project_badges/measure?project=imShakil_pacli&metric=ncloc)](https://sonarcloud.io/summary/new_code?id=imShakil_pacli)
[![Quality Gate Status](https://sonarcloud.io/api/project_badges/measure?project=imShakil_pacli&metric=alert_status)](https://sonarcloud.io/summary/new_code?id=imShakil_pacli)
[![Coverage](https://sonarcloud.io/api/project_badges/measure?project=imShakil_pacli&metric=coverage)](https://sonarcloud.io/summary/new_code?id=imShakil_pacli)
[![Reliability Rating](https://sonarcloud.io/api/project_badges/measure?project=imShakil_pacli&metric=reliability_rating)](https://sonarcloud.io/summary/new_code?id=imShakil_pacli)
[![Security Rating](https://sonarcloud.io/api/project_badges/measure?project=imShakil_pacli&metric=security_rating)](https://sonarcloud.io/summary/new_code?id=imShakil_pacli)
[![Maintainability Rating](https://sonarcloud.io/api/project_badges/measure?project=imShakil_pacli&metric=sqale_rating)](https://sonarcloud.io/summary/new_code?id=imShakil_pacli)
[![Duplicated Lines (%)](https://sonarcloud.io/api/project_badges/measure?project=imShakil_pacli&metric=duplicated_lines_density)](https://sonarcloud.io/summary/new_code?id=imShakil_pacli)

## Installation

### Recommended: pipx (isolated, no conflicts)

[pipx](https://pipx.pypa.io/) installs CLI tools in their own isolated environments and makes them available system-wide. This is the safest and cleanest approach.

```sh
# Install pipx if you don't have it
pip install pipx
pipx ensurepath

# Install pacli
pipx install pacli-tool
```

### Standard pip

```sh
pip install pacli-tool
```

> **Note for Ubuntu 23+, Debian 12+, and other modern Linux distros:** Your system Python may be externally managed (PEP 668) and block pip installs by default. Use one of the alternatives below.

### Modern Linux (externally managed Python)

If you get an `externally-managed-environment` error, choose one of these:

```sh
# Use a virtual environment (safest for system Python)
python3 -m venv ~/.venv/pacli
~/.venv/pacli/bin/pip install pacli-tool

# Then add the binary to your PATH
echo 'export PATH="$HOME/.venv/pacli/bin:$PATH"' >> ~/.bashrc
source ~/.bashrc
```

### Install from source

```sh
git clone https://github.com/imshakil/pacli.git
cd pacli
pip install -e .
```

Or directly from GitHub without cloning:

```sh
pip install git+https://github.com/imshakil/pacli.git
```

### Verify installation

```sh
pacli --help
```

## Usage

To see all available commands and options:

```sh
pacli --help
```

### Common Commands

| Command                | Description                                      |
|------------------------|--------------------------------------------------|
| `init`                 | Initialize pacli and set a master password       |
| `add`                  | Add a secret with a label                        |
| `get`                  | Retrieve secrets by label                        |
| `get-by-id`            | Retrieve a secret by its ID                      |
| `update`               | Update old secret by label                       |
| `update-by-id`         | Update old secret by its ID                      |
| `list`                 | List all saved secrets                           |
| `delete`               | Delete a secret by label                         |
| `delete-by-id`         | Delete a secret by its ID                        |
| `ssh`                  | Connect to SSH server using saved credentials    |
| `short`                | Shorten URLs using LinklyHQ service              |
| `cc`                   | Copy stdin content to clipboard                  |
| `change-master-key`    | Change the master password without losing data   |
| `export`               | Export secrets to JSON or CSV format             |
| `web`                  | Launch/manage the Web UI for managing secrets    |
| `version`              | Show the current version of pacli                |

### Examples

#### Adding and Retrieving Secrets

```sh
# Initialize pacli (run once)
pacli init

# Add a password
pacli add --pass github

# Add a token
pacli add --token api-key

# Add SSH connection
pacli add --ssh ec2-vm user:192.168.1.100

# Add SSH connection with key file
pacli add --ssh ec2-vm user:192.168.1.100 --key ~/.ssh/id_rsa

# Retrieve a secret
pacli get github

# Connect via SSH
pacli ssh ec2-vm

# Export secrets to JSON
pacli export --format json --output my_secrets.json

# Export secrets to CSV
pacli export --format csv --output my_secrets.csv

# Shorten a URL
pacli short https://example.com/very/long/url

# Shorten with custom name and copy to clipboard
pacli short https://example.com -n "My Link" --clip

# Copy file content to clipboard
cat file.txt | pacli cc

# Copy command output to clipboard
echo "Hello World" | pacli cc

# Copy API response to clipboard
curl -s https://api.example.com/data | pacli cc
```

## Web UI

[![Web UI](https://mhosen.com/projects/pacli/pacli-web-ui.png)](https://mhosen.com/projects/pacli---secrets-management-cli)

Launch the Web UI to manage your secrets through a modern, user-friendly interface:

```sh
# Start the Web UI (opens in your default browser)
pacli web

# Start in background mode
pacli web start

# Stop background mode
pacli web stop

# Check background status
pacli web status

# Start on a custom host and port
pacli web --host 0.0.0.0 --port 8080

# Start in background on custom host and port
pacli web start --host 0.0.0.0 --port 8080

# Start without opening browser
pacli web --no-browser

# Start in background without opening browser
pacli web start --no-browser
```

The Web UI provides:

- 🔐 Master password authentication
- 📋 View, add, edit, and delete secrets
- 🔍 Search and filter secrets by type
- 📋 Display secrets with creation/update timestamps
- 👁️ Toggle secret visibility
- 📋 Copy secrets to clipboard
- 🎨 Responsive design for desktop and mobile

## Display Format

- Credentials are shown as: `username:password`
- SSH connections are shown as: `user:ip` or `user:ip (Key: /path/to/key)`

## Copy to Clipboard

To copy a secret directly to your clipboard, use the `--clip` option:

```sh
pacli get google --clip
```

### Pipeline Usage

Use `pacli cc` to copy any command output or file content to clipboard:

```sh
# Copy file contents
cat ~/.ssh/id_rsa.pub | pacli cc

# Copy command output
ls -la | pacli cc

# Copy JSON response
curl -s https://api.github.com/user | pacli cc
```

For more information, use `pacli --help` or see the documentation.

## Tips

### Avoid Master Password Prompts

To avoid entering your master password repeatedly, you can set it as an environment variable:

```sh
# For current session only
export PACLI_MASTER_PASSWORD="your-master-password"

# Or add to your shell profile for permanent use
echo 'export PACLI_MASTER_PASSWORD="your-master-password"' >> ~/.bashrc  # For bash
echo 'export PACLI_MASTER_PASSWORD="your-master-password"' >> ~/.zshrc   # For zsh
```

**Security Note:** Adding the password to your shell profile makes it persistent but less secure. Use the session-only approach for better security.

### URL Shortening Setup

To use the URL shortening feature, set up your [LinklyHQ](https://linklyhq.com/?via=ShakilOps) credentials as environment variables:

```sh
# Set LinklyHQ credentials
export PACLI_LINKLYHQ_KEY="your_api_key"
export PACLI_LINKLYHQ_WID="your_workspace_id"

# Add to your shell profile for permanent use
echo 'export PACLI_LINKLYHQ_KEY="your_api_key"' >> ~/.bashrc
echo 'export PACLI_LINKLYHQ_WID="your_workspace_id"' >> ~/.bashrc
```

> [Visits here](https://linklyhq.com/?via=ShakilOps) to get your credentials.

## Demo

![demo](https://github.com/user-attachments/assets/be7ea309-9f5c-4f5a-a4f3-fdf065577d8b)
