module Build::EnvFormat

Overview

Parse and emit shell-style KEY=VALUE environment assignments.

Accepts the subset of POSIX sh assignment syntax used by bld config -s, heroku config -s, export -p, and common .env files:

[export] IDENT= value := '...' literal | "..." with \n \t \r \ " $ ` escapes | $'...' ANSI-C: \n \t \r \ ' " \0 \a \b \e \f \v | bare unquoted, no expansion

Values may concatenate quoted and unquoted segments like real shell: 'it'\''s' parses as it's, matching what our emitter produces for a value containing a single quote. Quoted segments can span newlines.

SECURITY: this is deliberately NOT a shell. It never performs variable expansion, command substitution, arithmetic, globbing, or any other form of evaluation. The worst an attacker can do with crafted input is set config var values to arbitrary bytes — which any user can already do via explicit KEY=VALUE args. That invariant keeps the attack surface of piping a file identical to passing args explicitly.

Defined in:

env_format.cr

Class Method Summary

.parse(raw : String) : Hash(String, String)
Parse assignments out of a raw string.
.shell_format_kv(key : String, value : String) : String
Emit one KEY=value line that round-trips through .parse above, bash source, and heroku config -s-style consumers.

Class Method Detail

def self.parse(raw : String) : Hash(String, String) #

Parse assignments out of a raw string. Lines that don't match the grammar (malformed, stray text, etc.) are silently skipped to stay tolerant of format drift between producers.

[View source]

def self.shell_format_kv(key : String, value : String) : String #

Emit one KEY=value line that round-trips through .parse above, bash source, and heroku config -s-style consumers. Values with control characters use $'...' (ANSI-C) so they stay single-line and decode back to the same bytes.