{"id":13423806,"url":"https://github.com/netheril96/securefs","last_synced_at":"2025-10-21T04:53:46.453Z","repository":{"id":30222802,"uuid":"33773866","full_name":"netheril96/securefs","owner":"netheril96","description":"Filesystem in userspace (FUSE) with transparent authenticated encryption","archived":false,"fork":false,"pushed_at":"2025-10-01T05:11:56.000Z","size":14127,"stargazers_count":795,"open_issues_count":17,"forks_count":66,"subscribers_count":29,"default_branch":"master","last_synced_at":"2025-10-01T06:28:03.047Z","etag":null,"topics":["authentication","cloud","crypto","cryptography","encryption","filesystem","filesystems","fuse","fuse-filesystem","security"],"latest_commit_sha":null,"homepage":"","language":"C++","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"other","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/netheril96.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE.md","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2015-04-11T11:48:51.000Z","updated_at":"2025-09-29T22:29:32.000Z","dependencies_parsed_at":"2024-01-20T14:31:45.588Z","dependency_job_id":"e84437c7-1b4e-46e1-8a9c-8cd4961d5b0b","html_url":"https://github.com/netheril96/securefs","commit_stats":{"total_commits":965,"total_committers":12,"mean_commits":80.41666666666667,"dds":0.0766839378238342,"last_synced_commit":"537abeebf761ab816df68570d46e89a6acf8a3b9"},"previous_names":[],"tags_count":48,"template":false,"template_full_name":null,"purl":"pkg:github/netheril96/securefs","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/netheril96%2Fsecurefs","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/netheril96%2Fsecurefs/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/netheril96%2Fsecurefs/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/netheril96%2Fsecurefs/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/netheril96","download_url":"https://codeload.github.com/netheril96/securefs/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/netheril96%2Fsecurefs/sbom","scorecard":{"id":666155,"data":{"date":"2025-08-11","repo":{"name":"github.com/netheril96/securefs","commit":"c959a8fe7cb70d68ddd8e710bdb289e2247b25d4"},"scorecard":{"version":"v5.2.1-40-gf6ed084d","commit":"f6ed084d17c9236477efd66e5b258b9d4cc7b389"},"score":4,"checks":[{"name":"Maintained","score":10,"reason":"30 commit(s) and 5 issue activity found in the last 90 days -- score normalized to 10","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#maintained"}},{"name":"Code-Review","score":0,"reason":"Found 0/30 approved changesets -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#code-review"}},{"name":"Dangerous-Workflow","score":10,"reason":"no dangerous workflow patterns detected","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#dangerous-workflow"}},{"name":"Packaging","score":-1,"reason":"packaging workflow not detected","details":["Warn: no GitHub/GitLab publishing workflow detected."],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#packaging"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#cii-best-practices"}},{"name":"Security-Policy","score":0,"reason":"security policy file not detected","details":["Warn: no security policy file detected","Warn: no security file to analyze","Warn: no security file to analyze","Warn: no security file to analyze"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#security-policy"}},{"name":"Vulnerabilities","score":10,"reason":"0 existing vulnerabilities detected","details":null,"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#vulnerabilities"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#binary-artifacts"}},{"name":"License","score":9,"reason":"license file detected","details":["Info: project has a license file: LICENSE.md:0","Warn: project license file does not contain an FSF or OSI license."],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#license"}},{"name":"Token-Permissions","score":0,"reason":"detected GitHub workflow tokens with excessive permissions","details":["Warn: no topLevel permission defined: .github/workflows/ccpp.yml:1","Warn: no topLevel permission defined: .github/workflows/release.yml:1","Info: no jobLevel write permissions found"],"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#token-permissions"}},{"name":"SAST","score":0,"reason":"no SAST tool detected","details":["Warn: no pull requests merged into dev branch"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#sast"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#fuzzing"}},{"name":"Pinned-Dependencies","score":0,"reason":"dependency not pinned by hash detected -- score normalized to 0","details":["Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ccpp.yml:123: update your workflow using https://app.stepsecurity.io/secureworkflow/netheril96/securefs/ccpp.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ccpp.yml:126: update your workflow using https://app.stepsecurity.io/secureworkflow/netheril96/securefs/ccpp.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ccpp.yml:134: update your workflow using https://app.stepsecurity.io/secureworkflow/netheril96/securefs/ccpp.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ccpp.yml:141: update your workflow using https://app.stepsecurity.io/secureworkflow/netheril96/securefs/ccpp.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ccpp.yml:152: update your workflow using https://app.stepsecurity.io/secureworkflow/netheril96/securefs/ccpp.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/ccpp.yml:23: update your workflow using https://app.stepsecurity.io/secureworkflow/netheril96/securefs/ccpp.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ccpp.yml:34: update your workflow using https://app.stepsecurity.io/secureworkflow/netheril96/securefs/ccpp.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/ccpp.yml:43: update your workflow using https://app.stepsecurity.io/secureworkflow/netheril96/securefs/ccpp.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ccpp.yml:57: update your workflow using https://app.stepsecurity.io/secureworkflow/netheril96/securefs/ccpp.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ccpp.yml:67: update your workflow using https://app.stepsecurity.io/secureworkflow/netheril96/securefs/ccpp.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ccpp.yml:74: update your workflow using https://app.stepsecurity.io/secureworkflow/netheril96/securefs/ccpp.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ccpp.yml:94: update your workflow using https://app.stepsecurity.io/secureworkflow/netheril96/securefs/ccpp.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ccpp.yml:100: update your workflow using https://app.stepsecurity.io/secureworkflow/netheril96/securefs/ccpp.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/ccpp.yml:109: update your workflow using https://app.stepsecurity.io/secureworkflow/netheril96/securefs/ccpp.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:267: update your workflow using https://app.stepsecurity.io/secureworkflow/netheril96/securefs/release.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:268: update your workflow using https://app.stepsecurity.io/secureworkflow/netheril96/securefs/release.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:276: update your workflow using https://app.stepsecurity.io/secureworkflow/netheril96/securefs/release.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:284: update your workflow using https://app.stepsecurity.io/secureworkflow/netheril96/securefs/release.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:291: update your workflow using https://app.stepsecurity.io/secureworkflow/netheril96/securefs/release.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:301: update your workflow using https://app.stepsecurity.io/secureworkflow/netheril96/securefs/release.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:307: update your workflow using https://app.stepsecurity.io/secureworkflow/netheril96/securefs/release.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:320: update your workflow using https://app.stepsecurity.io/secureworkflow/netheril96/securefs/release.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:322: update your workflow using https://app.stepsecurity.io/secureworkflow/netheril96/securefs/release.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:329: update your workflow using https://app.stepsecurity.io/secureworkflow/netheril96/securefs/release.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:338: update your workflow using https://app.stepsecurity.io/secureworkflow/netheril96/securefs/release.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:352: update your workflow using https://app.stepsecurity.io/secureworkflow/netheril96/securefs/release.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:358: update your workflow using https://app.stepsecurity.io/secureworkflow/netheril96/securefs/release.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:31: update your workflow using https://app.stepsecurity.io/secureworkflow/netheril96/securefs/release.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:39: update your workflow using https://app.stepsecurity.io/secureworkflow/netheril96/securefs/release.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:47: update your workflow using https://app.stepsecurity.io/secureworkflow/netheril96/securefs/release.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:54: update your workflow using https://app.stepsecurity.io/secureworkflow/netheril96/securefs/release.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:66: update your workflow using https://app.stepsecurity.io/secureworkflow/netheril96/securefs/release.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:72: update your workflow using https://app.stepsecurity.io/secureworkflow/netheril96/securefs/release.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:97: update your workflow using https://app.stepsecurity.io/secureworkflow/netheril96/securefs/release.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:98: update your workflow using https://app.stepsecurity.io/secureworkflow/netheril96/securefs/release.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:124: update your workflow using https://app.stepsecurity.io/secureworkflow/netheril96/securefs/release.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:132: update your workflow using https://app.stepsecurity.io/secureworkflow/netheril96/securefs/release.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:139: update your workflow using https://app.stepsecurity.io/secureworkflow/netheril96/securefs/release.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:157: update your workflow using https://app.stepsecurity.io/secureworkflow/netheril96/securefs/release.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:169: update your workflow using https://app.stepsecurity.io/secureworkflow/netheril96/securefs/release.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:202: update your workflow using https://app.stepsecurity.io/secureworkflow/netheril96/securefs/release.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:217: update your workflow using https://app.stepsecurity.io/secureworkflow/netheril96/securefs/release.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:225: update your workflow using https://app.stepsecurity.io/secureworkflow/netheril96/securefs/release.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:232: update your workflow using https://app.stepsecurity.io/secureworkflow/netheril96/securefs/release.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:249: update your workflow using https://app.stepsecurity.io/secureworkflow/netheril96/securefs/release.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:255: update your workflow using https://app.stepsecurity.io/secureworkflow/netheril96/securefs/release.yml/master?enable=pin","Warn: pipCommand not pinned by hash: .github/workflows/ccpp.yml:65","Warn: pipCommand not pinned by hash: .github/workflows/release.yml:208","Warn: pipCommand not pinned by hash: .github/workflows/release.yml:37","Warn: pipCommand not pinned by hash: .github/workflows/release.yml:122","Info:   0 out of  37 GitHub-owned GitHubAction dependencies pinned","Info:   0 out of   9 third-party GitHubAction dependencies pinned","Info:   0 out of   4 pipCommand dependencies pinned"],"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#pinned-dependencies"}},{"name":"Signed-Releases","score":0,"reason":"Project has not signed or included provenance with any releases.","details":["Warn: release artifact v2.0.0-beta1 not signed: https://api.github.com/repos/netheril96/securefs/releases/226883883","Warn: release artifact v1.1.1 not signed: https://api.github.com/repos/netheril96/securefs/releases/222055580","Warn: release artifact v1.1.0 not signed: https://api.github.com/repos/netheril96/securefs/releases/215013276","Warn: release artifact v1.0.0 not signed: https://api.github.com/repos/netheril96/securefs/releases/152202336","Warn: release artifact 0.14.3 not signed: https://api.github.com/repos/netheril96/securefs/releases/115088638","Warn: release artifact v2.0.0-beta1 does not have provenance: https://api.github.com/repos/netheril96/securefs/releases/226883883","Warn: release artifact v1.1.1 does not have provenance: https://api.github.com/repos/netheril96/securefs/releases/222055580","Warn: release artifact v1.1.0 does not have provenance: https://api.github.com/repos/netheril96/securefs/releases/215013276","Warn: release artifact v1.0.0 does not have provenance: https://api.github.com/repos/netheril96/securefs/releases/152202336","Warn: release artifact 0.14.3 does not have provenance: https://api.github.com/repos/netheril96/securefs/releases/115088638"],"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#signed-releases"}},{"name":"Branch-Protection","score":0,"reason":"branch protection not enabled on development/release branches","details":["Warn: branch protection not enabled for branch 'master'"],"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#branch-protection"}}]},"last_synced_at":"2025-08-21T18:07:13.910Z","repository_id":30222802,"created_at":"2025-08-21T18:07:13.910Z","updated_at":"2025-08-21T18:07:13.910Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":280207194,"owners_count":26290616,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-10-21T02:00:06.614Z","response_time":58,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["authentication","cloud","crypto","cryptography","encryption","filesystem","filesystems","fuse","fuse-filesystem","security"],"created_at":"2024-07-31T00:00:42.962Z","updated_at":"2025-10-21T04:53:46.446Z","avatar_url":"https://github.com/netheril96.png","language":"C++","funding_links":[],"categories":["C++","File Encryption","\u003ca name=\"cpp\"\u003e\u003c/a\u003eC++","cloud"],"sub_categories":["Snippets Manager"],"readme":"# securefs\n\n`securefs` is a filesystem in userspace (FUSE) with transparent encryption (when writing) and decryption (when reading).\n\n`securefs` mounts a regular directory onto a mount point. The mount point appears as a regular filesystem, where one can read/write/create files, directories and symbolic links. The underlying directory will be automatically updated to contain the encrypted and authenticated contents.\n\n## Motivation\n\nFrom sensitive financial records to personal diaries and collection of guilty pleasures, we all have something to keep private from prying eyes. Especially when we store our files in the cloud, the company and the NSA may well get their hands upon it. The best protection we can afford ourselves is **cryptography**, the discipline developed by mathematicians and military originally to keep the national secrets.\n\nSecurity, however, is often at odds with convenience, and people easily grow tired of the hassle and revert to no protection at all. Consider the case of protecting our files either locally or in the cloud: we have to encrypt the files before committing to the cloud and decrypt it every time we need to read and write. Worse still, such actions leave unencrypted traces on our hard drive. If we store data in the cloud, another issue arise: manual encryption and decryption prevent files from being synced efficiently.\n\n`securefs` is intended to make the experience as smooth as possible so that the security and convenience do not conflict. After mounting the virtual filesystem, everything just works\u0026#8482;.\n\n## Comparison\n\nThere are already many encrypting filesystem in widespread use. Some notable ones are TrueCrypt, FileVault, BitLocker, eCryptFS, encfs, cryfs, rclone and gocryptfs. `securefs` differs from them in that it is the only one with all of the following features:\n\n- [Authenticated encryption](https://en.wikipedia.org/wiki/Authenticated_encryption) (hence secure against chosen ciphertext attacks)\n- [Probabilistic encryption](https://en.wikipedia.org/wiki/Probabilistic_encryption) (hence provides semantical security)\n- Supported on all major platforms (Mac, Linux, BSDs and Windows)\n- Efficient cloud synchronization (not a single preallocated file as container)\n- Full 255 bytes long file name components.\n- (Optional) File size obfuscation by random padding.\n- (Optional) Case insensitive and case preserving filesystem (matching the default behavior of NTFS).\n- (Optional) Unicode normalization agnostic filesystem (matching the default behavior of APFS/HFS+)\n\n## Install\n\n[![Actions Status](https://github.com/netheril96/securefs/workflows/C%2FC%2B%2B%20CI/badge.svg)](https://github.com/netheril96/securefs/actions)\n\n### Dependencies\n\nOn Windows, we need to separately install [WinFsp](https://winfsp.dev/) and [VC++ redistributable](https://learn.microsoft.com/en-us/cpp/windows/latest-supported-vc-redist?view=msvc-170#visual-studio-2015-2017-2019-and-2022).\n\nOn Linux, we need to install `libfuse-dev`/`fuse-devel` package.\n\nOn FreeBSD, we need to run `pkg install fusefs-libs`.\n\nOn macOS, we need to install [MacFUSE](https://osxfuse.github.io/).\n\n### Binary packages\n\nDownload from the Release page.\n\n### Build from source\n\nFirst you need to install [vcpkg](https://vcpkg.io). Then run `python3 build.py --enable_unit_test`.\n\n### Package managers\n\n#### Windows\n\nUse WinGet.\n\nUser scoped install: `winget install -e netheril96.securefs`\n\nSystem wide install: `sudo winget install --scope machine -e netheril96.securefs`\n\n#### macOS\nUse [homebrew](https://brew.sh).\n\n`brew install netheril96/fuse/securefs-mac`\n\n## Basic usage\n\n_It is recommended to disable or encrypt the swap and hibernation file. Otherwise plaintext and keys stored in the main memory may be written to disk by the OS at any time._\n\nExamples:\n\n```bash\n# Help commands\nsecurefs --help\nsecurefs m --help\nsecurefs c --help\n# Creation\nsecurefs create ~/Secret # Default parameters\nsecurefs create ~/Secret --keyfile ./mykey # Use keyfile instead of password\nsecurefs c ~/Secret --max-padding 65535 # Randomly pad each file with at most 65535 bytes to obfuscate its size\nsecurefs c ~/Secret --format full # Full mode. See below for the meaning.\nsecurefs c ~/Secret --format full --case insensitive # Like NTFS\nsecurefs c ~/Secret --format full --uninorm insensitive # Like APFS\n# Mounting\nsecurefs mount ~/Secret ~/Mount # press Ctrl-C to unmount\nsecurefs mount ~/Secret ~/Mount --keyfile ./mykey # press Ctrl-C to unmount\n# Mount in the background (no-op on Windows). Use `umount` to unmount.\nsecurefs m -b ~/Secret ~/Mount --log ~/securefs.thismaycontainsensitiveinformation.log\nsecurefs m --plain-text-names ~/Secret ~/Mount # Do not encrypt the filenames\nsecurefs m ~/Secret Z: # Windows only\n# Change password\nsecurefs chpass ~/Secret\n```\n\nSee the [full command line options](docs/usage.md).\n\n## GUI\n\n[SiriKali](https://mhogomchungu.github.io/sirikali/) is a GUI frontend for securefs (and several other filesystems).\n\nNote: this is informational only. The author of securefs has never tried SiriKali or vetted its code.\n\n## Lite and full mode\n\nThere are two categories of filesystem format.\n\nThe **lite** format simply encrypts filenames and file contents separately, similar to how `encfs` operates, although with more security.\n\nThe **full** format maps files, directory and symlinks in the virtual filesystem all to regular files in the underlying filesystem. The directory structure is flattened and recorded as B-trees in files.\n\nThe lite format is the default as it is much faster and features easier conflict resolution, especially when used with DropBox, Google Drive, etc. The full format, however, leaks fewer information about the filesystem hierarchy, runs relatively independent of the features of the underlying filesystem, and is in general more secure.\n\nTo request full format, which is no longer the default, run `securefs create --format full`.\n\n## Design and algorithms\n\nSee [here](docs/design.md).\n\n## Caveat\n\nIf you store `securefs` encrypted files on iCloud Drive, it might cause Spotlight Search on iOS to stop working. It is a bug in iOS, not in `securefs`.\n\nTo work around that bug, you can disable the indexing of _Files_ app in Settings -\u003e Siri \u0026 Suggestions.\n\n## Crash resistance\nIf `securefs` exits abnormally, or if the computer suddenly powers down, we have only the following guarantees (assuming the underlying filesystem isn't corrupted)\n\n1. Files not being written will never be corrupted.\n2. In lite format, the directory structure and file names will not be corrupted, unless the file name is a [long name](docs/long_name.md).\n3. In full format, the directory structure and file names may be corrupted, but the files themselves can be recovered even in this case.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fnetheril96%2Fsecurefs","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fnetheril96%2Fsecurefs","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fnetheril96%2Fsecurefs/lists"}