env-cipher
v0.2.1
A module to encrypt and decrypt ENV variables
Env-cipher is a module that reads encrypted environment variables with a specific suffix (default: `_CIPHER`) from `process.env` and decrypts them. The result can then be stored back into `process.env` and used in a Node.js app as usual.
It also has a CLI to create a `.env-cipher` file with encrypted variable values. Additionally, a `.env-cipher.yaml` file is created for environment usage in a Docker or Kubernetes context.
The idea is to use only encrypted settings in deployment files, secrets or cloud vaults. A secret file (e.g. a certificate) can be used to encrypt the values during development or CI/CD. For decryption, the secret file can be placed inside the Node.js Docker container (ideally a distroless image) to perform the decryption.
Usage
Create a certificate by running `npm run certgen`. It will be stored in `./ssl/cert.pem` and used by default.
Create a `.env` file in the root directory of your project. Add environment-specific variables on new lines in the form `NAME=VALUE`. For example:
```
ACCOUNT=hazfd783.cloudname.com
USER=fridolinhamster
PASSWORD=y0uw1lln0tbr4ek
DATABASE=hr.salaries
SCHEMA=management
ROLE=SYSADMIN
URL=localhorst:8123
```
Encrypt .env values
```
$ npm install -g env-cipher
$ npx env-cipher
# or
$ env-cipher .env -s mySecretPassword
```
After running the CLI command, the encrypted values look like this:
```
ACCOUNT_CIPHER=6478b68193c03a3c0bdadec46f89a09eef5beb55077d5c4cf7e72f733d3d75b4
USER_CIPHER=17e766942fe4fa19068202c4138c517a
PASSWORD_CIPHER=1ccd001d85277b9be50da994590e5f7f
DATABASE_CIPHER=374eab00f4a46cd2276ef8b9f6ce9f27
SCHEMA_CIPHER=a4a62c29f0a2f50d06c414ff91ebd676
ROLE_CIPHER=506824248ee4729c22381fd838139c49
URL_CIPHER=31fe6850775707846d5c8aa56a5d9c84
```
The YAML output file `.env-cipher.yaml` looks like this:
```
environment:
  - ACCOUNT_CIPHER=6478b68193c03a3c0bdadec46f89a09eef5beb55077d5c4cf7e72f733d3d75b4
  - USER_CIPHER=17e766942fe4fa19068202c4138c517a
  - PASSWORD_CIPHER=1ccd001d85277b9be50da994590e5f7f
  - DATABASE_CIPHER=374eab00f4a46cd2276ef8b9f6ce9f27
  - SCHEMA_CIPHER=a4a62c29f0a2f50d06c414ff91ebd676
  - ROLE_CIPHER=506824248ee4729c22381fd838139c49
  - URL_CIPHER=31fe6850775707846d5c8aa56a5d9c84
```
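A CI check for the rule stated above that deployment files carry only encrypted settings, written as an added example that is not part of env-cipher or its README. The function name `auditEnvironment`, the `allowPlain` option and the sample entries are assumptions made for illustration; the length check assumes the default `aes256` algorithm and hex output as in the listing above.

```javascript
// Added example, not env-cipher code: audit an `environment:` list in the
// .env-cipher.yaml layout and report entries that are not encrypted.
const DEFAULT_SUFFIX = '_CIPHER'; // env-cipher's documented default suffix

// Returns an array of { name, problem } findings; an empty array means clean.
function auditEnvironment(yamlText, { suffix = DEFAULT_SUFFIX, allowPlain = [] } = {}) {
  const findings = [];
  let inList = false;
  for (const raw of yamlText.split(/\r?\n/)) {
    const line = raw.trim();
    if (line === '' || line.startsWith('#')) continue;
    if (line === 'environment:') { inList = true; continue; }
    const item = /^-\s*(.*)$/.exec(line);
    if (!inList || !item) { inList = false; continue; } // outside the list
    const entry = item[1].replace(/^["']|["']$/g, ''); // tolerate quoted items
    const eq = entry.indexOf('=');
    const name = eq === -1 ? entry : entry.slice(0, eq);
    const value = eq === -1 ? '' : entry.slice(eq + 1);
    if (!name.endsWith(suffix)) {
      // Non-secret settings can be allowlisted; anything else is a leak.
      if (!allowPlain.includes(name)) {
        findings.push({ name, problem: 'plaintext value in deployment file' });
      }
      continue;
    }
    if (!/^[0-9a-f]+$/i.test(value)) {
      findings.push({ name, problem: 'value is not hex ciphertext' });
    } else if (value.length % 32 !== 0) {
      // Assumption: default aes256, so output is whole 16-byte AES blocks.
      findings.push({ name, problem: 'ciphertext is not a whole number of 16-byte blocks' });
    }
  }
  return findings;
}

// Constructed sample input; the values are made up, not real secrets.
const SAMPLE = [
  'environment:',
  '  - USER_CIPHER=00112233445566778899aabbccddeeff',
  '  - NODE_ENV=production',
  '  - PASSWORD=hunter2',
  '  - TOKEN_CIPHER=not-encrypted-yet',
  '  - URL_CIPHER=00112233445566778899aabbccddee',
].join('\n');

console.log(auditEnvironment(SAMPLE, { allowPlain: ['NODE_ENV'] }));
```

Run it in the pipeline before the manifest is applied and fail the job when the returned list is not empty.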
Options for CLI encoding
```
$ env-cipher --option <VALUE> <path-to-.env-file>
```
| Option | What does it do | Defaults |
| ------ | ------ | ------ |
| `--secretFile` | use a file's content as encryption key (default) | `./ssl/cert.pem` |
| `--secret` | alternatively use a secret key or passphrase for encryption | `<empty>` |
| `--algo` | encryption algorithm | `aes256` |
| `--suffix` | suffix which will be attached to the variable name | `_CIPHER` |
| `--encoding` | encoding of the .env file | `utf8` |
To decrypt a `.env-cipher` file and print the values to stdout, run:
```
$ npm run decrypt
```
Usage in your Node.js App
```
$ npm install env-cipher
```
Place the secret file (or certificate) into `./ssl`.
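```
const { envDecipher } = require('env-cipher');

// Decrypt the suffixed variables found in process.env (default options).
const decrypted = envDecipher();

// Merge the result back; decrypted entries take precedence over existing ones.
process.env = {
  ...process.env,
  ...decrypted
};
```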
Options for decryption
The options are the same as for the CLI, passed as an object parameter, except `encoding`:
```
const { envDecipher } = require('env-cipher');

const decrypted = envDecipher({
  'secretFile': './ssl/cert.pem',
  // 'secret': 'mysecret',  // alternative to secretFile
  'algo': 'aes256',
  'suffix': '_CIPHER'
});
```
Dependencies
Env-cipher uses these open source projects to work properly: