npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2024 – Pkg Stats / Ryan Hefner

@polyfillhq/senv

v3.0.0

Published

A simple CLI tool for encrypting and decrypting .env files

Downloads

4

Readme

🔐 senv

Build Status

A simple CLI tool for encrypting and decrypting .env files.

Features:

  • 🔒 Encrypt and decrypt .env files so they can be securely tracked in Git
  • 👀 .env file changes are easily visible during code review
  • 🔢 Supports multiple .env files for different environment configurations
  • 🎮 Supports encryption and decryption via CLI tool
  • 🚢 Easy to configure for use with a CI system

Installation:

$ yarn global add senv

or

$ npm install -g senv

Basic Usage

Setup your encryption key

$ echo "your_password_here" >> .env.pass

Encrypt a plain text .env file:

$ senv encrypt .env -o .env.enc

Decrypt an encrypted .env file:

$ senv decrypt .env.enc -o .env

Passwords

There are several ways to store your passwords, depending on what works best with your project's existing setup.

One password for all .env files

To configure senv to use a single password for all .env files you have two options:

  1. Set the DOTENV_PASS environment variable in your ~/.bash_profile:
$ export DOTENV_PASS=your_password_here
  1. Create a file named .env.pass in the same directory as your .env file:
$ echo "your_password_here" >> .env.pass

If both an environment variable and a password file are present, senv will default to using the environment variable.

One password for each .env file

senv will look for and use an environment variables or password file for each .env file based on the filename that is passed in, like so:

$ senv encrypt .env                 # Looks for $DOTENV_PASS or .env.pass
$ senv encrypt .env.prod            # Looks for $DOTENV_PROD_PASS or .env.prod.pass

$ senv decrypt .env.prod.enc        # Looks for $DOTENV_PROD_PASS or .env.prod.pass
$ senv decrypt .env.prod.encrypted  # Looks for $DOTENV_PROD_PASS or .env.prod.pass
$ senv decrypt .env.prod.suffix     # Looks for $DOTENV_PROD_SUFFIX_PASS or .env.prod.suffix.pass

If both an environment variable and a password file are present for an individual .env file, senv will default to using the environment variable.

CLI Argument (insecure)

You can also pass in your password as a command line argument, like so:

$ senv encrypt .env -p your_password_here

However, this method is insecure and should not be your first choice.

Advanced Usage

Update encrypted .env file on each commit:

$ echo "#!/bin/sh" >> .git/hooks/pre-commit
$ echo "senv encrypt .env -o .env.enc" >> .git/hooks/pre-commit
$ chmod +x .git/hooks/pre-commit

Decrypt .env.env file in CI pipeline:

  • Add $DOTENV_PASS or individual file environment variable via UI

Why?

Everyone knows it's bad practice to store plaintext secrets in git. Often the alternatives are unecessarily complex for small projects (e.g. Hashicorp Vault), or are a pain to manage (e.g. passing around .env files among developers via slack or email 🤮).

This tool makes it easy to encrypt and decrypt any .env files so they can be securely tracked in Git.

There are several other great libraries that support encryption of environment variables (encrypt-env, secure-env, etc), but none fit our use case well (managing secrets in .env files with react-native-config) for one reason or another.

So I created this tool. Hope it helps someone else out 😊.