I almost feel like we're looking at different things. From secretspec[0]:
[project]
name = "web-api"
revision = "2.1.0"
extends = ["../shared/base", "../shared/auth"]
[profiles.default]
# Inherits DATABASE_URL, LOG_LEVEL from base
# Inherits JWT_SECRET, SESSION_SECRET from auth
# Service-specific additions:
STRIPE_API_KEY = { description = "Stripe payment API", required = true }
REDIS_URL = { description = "Redis cache connection", required = true }
PORT = { description = "Server port", required = false, default = "3000" }
From fnox[1]:
[secrets.DATABASE_URL]
provider = "onepass"
value = "Database" # ← Item name in 1Password (fetches 'password' field)
[secrets.DB_USERNAME]
provider = "onepass"
value = "Database/username" # ← Specific field
[secrets.API_KEY]
provider = "onepass"
value = "op://Development/API Keys/credential" # ←
Is the similarity that they both refer to providers (as did Terraform and countless other config tools before it)? Or profiles (like aws-cli and countless other config tools before it)? Because other than that, I'm not really seeing it. And if I hadn't seen either of these, and my boss ordered me to implement something like them, I almost guarantee I'd use similar names for things because those are the common terms for them in industry.
Honestly, I'm not invested in either of these. They both look nifty, but I couldn't personally care less if either (or both or neither) of these catch on and become standards. I'm only commenting here because your statement here and on the linked discussion[2] ("it's almost a verbatim copy") seems incredibly aggressive, and to me, quite offputting. They don't look alike at all to me, other than that they both aim to do similar things and thus will have some natural overlap in terminology.
[0]https://secretspec.dev/concepts/declarative/
[1]https://github.com/jdx/fnox
[2]https://github.com/jdx/mise/discussions/6779#discussioncomme...
> I'm asking for an attribution given that the tool was copied, how is that aggressive?
Because it implies that the tool is copied. To me, they look similar, in a way that all tools like this are going to look somewhat similar.
> - fnix imports, - secretspec extends
So, they both have ways to slurp in other files so that you can kind of emulate inheritance. They call them different things, but the idea's similar: they both look similar to mise's configuration hierarchy, which predates both tools.[0]
> - secretspec profiles, - fnix profiles
They both support named profiles like "dev", "production", etc... like so many other devops tools that I'm having a hard time narrowing it down to one pre-existing example among thousands.
No, I'm still not seeing it. Fnox seems to be a copy of secretspec in the same way that Nginx is a copy of Apache, because they both do similar things and have config files that talk about domain names and ports and paths and certificates.
[0]https://mise.jdx.dev/configuration.html#configuration-hierar...
I have to agree... the linked Github files look like pretty generic config structures you'd find in projects, regardless of the tool or specification.
> I'm asking for an attribution given that the tool was copied, how is that aggressive?
Your original comment is snarky and unprofessional. That's a bad look for projects that actually seem solid and impressive.
It's fine if you think your projects are better, and want to mention that. Just do it in a professional, objective way.
I'm asking out of curiosity if ad hominem attacks fall into professional behavior?
Bring it up with the author then. To the rest of us, what you're saying is senseless.