Configuration

The shape of ~/.config/div/config.json and how settings are resolved.

Configuration

The Div CLI reads per-machine configuration from a JSON file at:

~/.config/div/config.json

(Path is platform-appropriate; run div config path to see the resolved location on your system.)

The file is created and managed via div config, but you're welcome to hand-edit it if that's more your speed.

#Schema

{
  "apiUrl": "https://div.so",
  "insecure": false
}

All fields are optional. An empty object (or a missing file) is perfectly valid — the CLI uses defaults for everything.

Field	Type	Default	Notes
`apiUrl`	string (URL)	`https://div.so`	The API host the CLI sends requests to. Must parse as a URL. Trailing slashes are stripped.
`insecure`	boolean	`false`	When `true`, sets `NODE_TLS_REJECT_UNAUTHORIZED=0` at startup so Node accepts self-signed certificates. Use only with local dev hosts.

#Resolution order

Settings come from three places. Higher in this list wins:

Environment variables (e.g. DIV_API_URL, NODE_TLS_REJECT_UNAUTHORIZED).
config.json on disk.
Built-in defaults.

So a one-off override like:

DIV_API_URL=https://staging.div.so div deploy

…still wins over apiUrl: "https://div.so" saved in your config. Handy for those rare moments when you want to go off-script.

#Recognized environment variables

The CLI honors the following env vars regardless of what's in config.json:

DIV_API_URL — same as apiUrl. URL string.
NODE_TLS_REJECT_UNAUTHORIZED — set by Node itself. The CLI sets this to '0' at startup if insecure: true is in config and the env var isn't already set.
NODE_EXTRA_CA_CERTS — points Node's fetch at an additional CA bundle. The cleaner alternative to insecure: true for trusting Herd's local certificate.

See Environment variables for the full list and examples.

#Editing by hand

If you'd rather not use div config set, you can edit the file directly:

$EDITOR "$(div config path)"

The CLI re-reads the file on every invocation, so no restart is needed. If your edits are malformed JSON, the CLI silently falls back to defaults (no scary error message). To check what was actually loaded:

div config get

#Permissions

config.json is created with the user's umask (typically world-readable). It contains no secrets — apiUrl and insecure aren't sensitive on their own. Saved credentials live in a separate file (~/.config/div/auth.json) which is created with mode 0600.

#Resetting

To wipe your config and start fresh:

rm "$(div config path)"

Or remove individual keys with div config unset <key>.

#See also

div config — the user-facing command.
Environment variables — every env var the CLI honors.
Local development guide — when these settings matter in practice.