@bora-technologies/env-vault

v0.0.14

Secure environment variable management with encryption and sharing

Downloads

1,369

env-vault

Secure environment variable management with encryption and sharing capabilities.

Prerequisites

  • Node.js 18+

Installation

npm install -g @bora-technologies/env-vault

Quick Start

# 1. Initialize your vault with a master password
env-vault init

# 2. Initialize env-vault in a project directory
cd your-project
env-vault init-repo .env

# 3. Get decrypted secrets
env-vault get

# 4. Share with a teammate (they need to run env-vault init first)
env-vault share . <their-public-key>

Commands

Core Commands

| Command | Description |
|---------|-------------|
| init | Initialize a new vault with a master password |
| identity | Show your public key (share this to receive secrets) |
| init-repo [envFile] | Initialize .env-vault in current project directory |
| get [repo] [file] | Get decrypted secrets for a repository |
| add <repo> [file] | Add or update secrets for a repository |
| list | List all repositories |
| rm <repo> | Remove a repository |
| edit <repo> | Edit secrets in your default editor |

Sharing Commands

| Command | Description |
|---------|-------------|
| share <repo> <pubkey> | Share a repository with a public key |
| revoke <repo> <fingerprint> | Revoke access to a repository |
| recipients <repo> | List recipients who have access |

Git Sync Commands

| Command | Description |
|---------|-------------|
| sync | Sync vault with remote git repository |
| clone <git-url> | Clone an existing vault from git |
| migrate | Migrate repos from central vault to per-project storage |

How It Works

env-vault uses public-key cryptography to securely store and share environment variables:

  1. Initialization: Creates a unique X25519 keypair for your device
  2. Encryption: Secrets are encrypted with AES-256-GCM using a random data encryption key (DEK)
  3. Key Wrapping: The DEK is wrapped (encrypted) for each recipient's public key
  4. Sharing: To share, you wrap the DEK for the recipient's public key
  5. Storage: Encrypted secrets can be committed to git safely

┌─────────────────────────────────────────────────────────┐
│                    .env-vault/                          │
├─────────────────────────────────────────────────────────┤
│  secrets.enc      - AES-256-GCM encrypted secrets       │
│  recipients.json  - Wrapped DEKs for each recipient     │
└─────────────────────────────────────────────────────────┘
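
The envelope scheme in steps 1-4, as an added example using Node's built-in crypto; this is not env-vault's own code or file format. The README does not say how the DEK is wrapped, so the ephemeral X25519 + HKDF-SHA256 construction, the function names and the field names (epk, iv, ct, tag) are assumptions made for illustration.

```javascript
// Added illustration, not env-vault's implementation; wrap scheme and field names are assumed.
const crypto = require('node:crypto');

// AES-256-GCM with a fresh 96-bit nonce per call.
function seal(key, plaintext) {
  const iv = crypto.randomBytes(12);
  const c = crypto.createCipheriv('aes-256-gcm', key, iv);
  const ct = Buffer.concat([c.update(plaintext), c.final()]);
  return { iv, ct, tag: c.getAuthTag() };
}

function open(key, { iv, ct, tag }) {
  const d = crypto.createDecipheriv('aes-256-gcm', key, iv);
  d.setAuthTag(tag);
  return Buffer.concat([d.update(ct), d.final()]); // throws if key or data is wrong
}

// Key-encryption key derived from an X25519 shared secret.
function kek(privateKey, publicKey) {
  const shared = crypto.diffieHellman({ privateKey, publicKey });
  return Buffer.from(crypto.hkdfSync('sha256', shared, Buffer.alloc(0), 'example-dek-wrap', 32));
}

// Wrap the DEK for one recipient; the ephemeral public key travels with the entry.
function wrapDek(dek, recipientPub) {
  const eph = crypto.generateKeyPairSync('x25519');
  return { epk: eph.publicKey, ...seal(kek(eph.privateKey, recipientPub), dek) };
}

const unwrapDek = (entry, priv) => open(kek(priv, entry.epk), entry);

// Steps 2-3: encrypt once under a random DEK, then wrap that DEK per recipient.
function encryptFor(plaintext, recipients) {
  const dek = crypto.randomBytes(32);
  const wrapped = {};
  for (const [name, pub] of Object.entries(recipients)) wrapped[name] = wrapDek(dek, pub);
  return { secrets: seal(dek, Buffer.from(plaintext)), recipients: wrapped };
}

// Step 4: an existing recipient unwraps the DEK and re-wraps it for a new public key.
function share(vault, fromName, fromPriv, toName, toPub) {
  vault.recipients[toName] = wrapDek(unwrapDek(vault.recipients[fromName], fromPriv), toPub);
}

function decryptAs(vault, name, priv) {
  const entry = vault.recipients[name];
  if (!entry) throw new Error(`no wrapped DEK for ${name}`);
  return open(unwrapDek(entry, priv), vault.secrets).toString();
}
```

In a scheme like this every recipient holds the same DEK and earlier commits stay in git history, so dropping a recipient's entry does not undo access to ciphertext they could already decrypt; rotate the secret values themselves after a revoke.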

Workflow Example

Team Setup

# Alice (project owner)
env-vault init                    # Create identity
env-vault init-repo .env          # Encrypt project secrets
git add .env-vault/ && git commit -m "Add encrypted secrets"
git push

# Bob (teammate)
env-vault init                    # Create his own identity
env-vault identity                # Shows his public key
# Send public key to Alice

# Alice shares with Bob
env-vault share . <bob-public-key>
git add .env-vault/ && git commit -m "Share with Bob"
git push

# Bob can now decrypt
git pull
env-vault get                     # Outputs decrypted secrets
env-vault get .env                # Writes to .env file

Security

  • End-to-end encryption: Secrets are encrypted locally before storage
  • Zero-knowledge: Private keys never leave your device
  • Proven cryptography: X25519 + AES-256-GCM + scrypt
  • No plaintext in git: Only encrypted data is committed
  • Per-device keys: Each device has its own keypair

File Locations

| Path | Description |
|------|-------------|
| ~/.env-vault/ | Central vault directory |
| ~/.env-vault/identity/ | Your keypair (private.key is encrypted) |
| ~/.env-vault/repos/ | Central repository storage |
| ./.env-vault/ | Per-project encrypted secrets |

Troubleshooting

"Failed to unlock vault. Wrong password?"

  • Check that you're entering the correct master password
  • The password is case-sensitive

"Vault not initialized"

  • Run env-vault init to create your identity first

Installation fails

  • Ensure you have Node.js 18 or higher
  • Try: npm cache clean --force && npm install -g @bora-technologies/env-vault

License

MIT