npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

Iโ€™ve always been into building performant and accessible sites, but lately Iโ€™ve been taking it extremely seriously. So much so that Iโ€™ve been building a tool to help me optimize and monitor the sites that I build to make sure that Iโ€™m making an attempt to offer the best experience to those who visit them. If youโ€™re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, ๐Ÿ‘‹, Iโ€™m Ryan Hefnerย  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If youโ€™re interested in other things Iโ€™m working on, follow me on Twitter or check out the open source projects Iโ€™ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soonโ€“ish.

Open Software & Tools

This site wouldnโ€™t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you ๐Ÿ™

ยฉ 2024 โ€“ย Pkg Stats / Ryan Hefner

envienc

v2.3.0

Published

๐Ÿ” Encrypt dotenv, YAML and Hpp values keeping the rest of file intact

Downloads

20

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

imcatwhocodeimcatwhocode

Keywords

Readme

envienc

Envienc is a command-line tool for encrypting dotenv, YAML and .h/.hpp files, while keeping keys, comments, and overall structure untouched.

It encrypts only the values, leaving the rest of the file intact.

Installation

You need to have Node.js installed on your system. Then, run the following commands:

# Install envienc globally
npm install -g envienc

# ... or use npx to run it without installing
npx envienc

# ... or install it to your project and run it from there
cd your-project
npm install --save-dev envienc
npx envienc

Quick start

# First, let's init a new project.
# This will create a .enviencrc file in your project root.
# Using "-g" flag, you can specify globs for dotenv and YAML files.
npx envienc init -g ".env" -g ".env.*" -g "deployments/*.yml"

# Then, add unencrypted files to .gitignore if applicable.
# This will prevent you from accidentally committing unencrypted files.
# Make sure that globs in .gitignore wouldn't match encrypted files with ".envienc" suffix

# Now you can encrypt your files.
npx envienc encrypt

# When you need to decrypt your files, run
npx envienc decrypt

# Help is here anytime you need it
npx envienc --help

Exceptions

You can skip specific configuration entries from being encrypted.

Use @envienc no-encrypt comment:

For dotenv

# @envienc no-encrypt
PUBLIC_INFO=This variable wouldn't be encrypted

# But this one would
MY_SECRET=hellokitty

For YAML

nested:
  - item1:
      # Flag below would prevent encryption of entire "item1" entry
      # @envienc no-encrypt
      key1: value1
      key2: value2
      subitems:
        - subitem1
        - subitem2
  # "item2" will be encrypted as expected
  - item2:
      keyA: valueA
      keyB: valueB

colors:
  red: '#FF0000'
  green: '#00FF00'
  # Flag below would prevent encryption only of "blue" entry
  blue: '#0000FF' # @envienc no-encrypt
  random:
    rgb: [
        128,
        # Flag below would prevent encryption only of "255" value
        255, # @envienc no-encrypt
        64,
      ]
    hex: '#FFFFFF'

# Entire "branding" entry will be kept unencrypted
# @envienc no-encrypt
branding:
  logo_uri: 'https://example.com/logo.png'
  name: 'My App'
  description: 'My App is a great app'

For .H/.HPP

// Will be encrypted
#define SECURE_STUFF "my_sweetest_secret"

// Will not be encrypted
#define NON_SECURE_STUFF /* @envienc no-encrypt */ "not_secret_at_all"

Log

Envienc uses pino for logging. By default, output is prettified using pino-pretty package. If you want to output logs in default JSON format, set LOG_JSON environment variable to true.

# This will output logs in Pino's default JSON format
LOG_JSON=true npx envienc encrypt

Encryption

Under the hood, envienc uses the AES-256-GCM algorithm to encrypt the values.

  • To produce the encryption key, it uses the PBKDF2 algorithm with 600,000 iterations.
  • Salt for PBKDF2 is generated using Node's built-in CSPRNG via the crypto.randomBytes() method. Salt is unique per project and stored in .enviencrc configuration file.
  • Each encrypted value has its own unique IV and auth tag stored with ciphertext.

Password input

You can provide the password in several ways. The order of precedence is as follows:

  1. Using the --password option. Please, don't ever do this in production.
  2. Using the ENVIENC_PASSWORD environment variable.
  3. Using the interactive prompt when encrypting or decrypting.