brew package intelligence

mercurial

Automic Vault tracks mercurial because plain text mercurial auth passwords matters when AI agents run command-line tools on macOS.

Read docs Run scanner

overview

What Automic Vault knows about mercurial

Scalable distributed version control system

Homepage

Not present in the local metadata.

Commands and aliases

No executable aliases were found in the local package database.

radioisotope

Plain Text Mercurial Auth Passwords

Mercurial user hgrc files can contain [auth] password fields and password-bearing repository URLs. Our isotope stores those hgrc files in the macOS keychain and injects them through temporary HOME/XDG_CONFIG_HOME and HGRCPATH values while `hg` runs.

Local README excerpt

Mercurial

Mercurial reads user configuration from ~/.hgrc and ~/.config/hg/hgrc. Those files can contain [auth] credentials, including password fields and password-bearing remote URLs.

This radioisotope migrates those hgrc files to the keychain and wraps hg so they are recreated under a temporary home/config tree while Mercurial runs.

Source: data/radioisotopes/mercurial/README.md

Coverage source

https://formulae.brew.sh/formula/mercurial

Caveats

Runtime edits to hgrc are not persisted back to keychain.
Direct execution of the original binary will not receive credentials.

install metadata

Resolver facts

Package key	brew:mercurial
Last updated	2026-05-07T23:57:07Z
Pulse	updated

source trail

Generated from repository data

This page is regenerated by scripts/generate-pkg-pages.py. Deployments refuse to publish if www/pkg/ is stale relative to local package data.

Used sources

Nucleus package database
local isotope README
radioisotope security manifest