Skip to content

Add walking up parent directories when loading dotenv files#4147

Open
revolter wants to merge 5 commits into
sqlitebrowser:masterfrom
revolter:feature/sqlcipher-passwords-walk-parents
Open

Add walking up parent directories when loading dotenv files#4147
revolter wants to merge 5 commits into
sqlitebrowser:masterfrom
revolter:feature/sqlcipher-passwords-walk-parents

Conversation

@revolter

@revolter revolter commented Jun 6, 2026

Copy link
Copy Markdown
Member

Previously, only a .env file next to the database was checked.
Now parent directories are searched until a matching password entry
is found.

Related-to: 3cdc65a (#1404).

revolter added 5 commits June 6, 2026 18:26
@revolter
Add missing explicit QSettings import
55ab149 
It is used to load the dotenv file.
@revolter
Remove superfluous local variable
b872e83
@revolter
Fix local variables not being marked as constants
d6d637f
@revolter
Fix superfluously trying to parse missing dotenv files
061b9ec
@revolter
Add walking up parent directories when loading dotenv files
70f0f22 
Previously, only a `.env` file next to the database was checked.
Now parent directories are searched until a matching password entry
is found.

Related-to: 3cdc65a
@revolter revolter self-assigned this Jun 6, 2026
@revolter revolter requested review from Copilot and mgrojo June 6, 2026 16:52
Copilot AI reviewed Jun 6, 2026
View reviewed changes

Copilot AI left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR enhances the SQLCipher “dotenv” auto-unlock flow by extending the .env lookup beyond the database’s directory: it now walks up parent directories until it finds a matching password entry for the database filename. This builds on the earlier dotenv-based encrypted DB opening work referenced in PR #1404.

Changes:

  • Add QSettings include to support reading .env files.
  • Replace single-directory .env lookup with a parent-directory search loop, stopping once a matching password entry is found.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

Comment thread src/sqlitedb.cpp
@mgrojo

mgrojo commented Jun 8, 2026

Copy link
Copy Markdown
Member

Hi @revolter,
I have mixed feelings about this change. I assume your use case is that you have several database files in subdirectories, and a single .env file applicable to all of them in the parent directory or in the project root. But what happens if we load in memory a .env file which wasn't for us and contains other secrets. I guess nothing very important, besides failing to open the database, but it put us in a risky situation.

At least, I think this behaviour should be opt-in through a setting in the preferences' dialog.

@revolter

revolter commented Jun 9, 2026

Copy link
Copy Markdown
Member Author

Hi @mgrojo,

I assume your use case is that you have several database files in subdirectories, and a single .env file applicable to all of them in the parent directory or in the project root.

Ish. I have some encrypted databases in an iOS app, and running it in the Simulator places the databases in a deeply nested location under ~/Library, and it also changes on every subsequent run. As such, I want to place the .env file in the root folder to be picked up regardless.

But what happens if we load in memory a .env file which wasn't for us and contains other secrets.

True, good catch!

I now realize that other tools with a similar feature have their own custom naming for these files (they're also configs, not secret holders).

At least, I think this behaviour should be opt-in through a setting in the preferences' dialog.

Makes sense!

But, with the above, what do you think of searching for .db4s.env outside the current folder, and for .env OR .db4s.env? This way, whenever you see a dotenv file with NO database next to it, you know what's it about, we don't risk clashes with other software, and we could deprecate the non-specific file name in the future.

@FriedrichFroebel

FriedrichFroebel commented Jun 9, 2026

Copy link
Copy Markdown
Contributor

While I understand the use case here as well, I do not think that this is the right approach. Especially with deeply nested file hierarchies, this is some unnecessary overhead, apart from the fact that at some level the permissions might not even be available anymore.

For this use case, it seems like letting the environment load the .env file into environment variables and allowing DB4S to read them (I am not sure whether this might already be supported) seems like the most straightforward approach where each user can choose the preferred way to achieve the loading.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

@mgrojo mgrojo Awaiting requested review from mgrojo

Assignees

@revolter revolter

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@revolter @mgrojo @FriedrichFroebel