varlock adds safer caching for the 1Password op CLI
varlock added a built-in cache that runs in front of the 1Password op CLI. Repeated secret loads no longer have to keep calling s, so they can run faster.
The change targets two common : slow op CLI calls and repeated unlock prompts. Some existing lightweight cache wrappers improve speed, but they can lose op's session-based biometric unlock behavior or leave plaintext secrets in memory.
varlock aims to keep the speed gain while using device-encrypted caching for better security. Its session handling is also more flexible than op's, which can reduce unexpected unlock prompts during parallel reads in turborepo and in non-terminal uses such as Claude or s.
Key points
- varlock now has a built-in cache for 1Password op CLI calls.
- Repeated secret loads can avoid repeated calls.
- The goal is fewer delays and fewer repeated unlock prompts.
- The design tries to avoid plaintext secrets staying exposed in memory.
- It may help with Claude or s that read secrets outside a normal terminal.