npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

@moonbeam-nyc/lowkey

v1.7.2

Published

Sync secrets from local to cloud, and vice versa

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Maintainers

moonbeam-nycmoonbeam-nyc

Keywords

awssecrets-managerenvenvironmentcli

Readme

lowkey · Unit & Integration Tests Docker: Build & Push

Sync secrets between any supported storage types with ease, and list available secrets across different storage systems.

Currently supports AWS Secrets Manager, Kubernetes secrets, env, and json.

Use Cases

Team environment sharing: Sync shared secrets from AWS Secrets Manager to local .env files.

lowkey copy \
  --input-type aws-secrets-manager \
  --input-name team-dev-secrets \
  --output-type env \
  --output-name .env.dev

Discovery and inspection: List & inspect available secrets across different storage types.

lowkey list --type aws-secrets-manager --region us-east-1
lowkey list --type kubernetes --namespace default
lowkey list --type env
lowkey list --type json --path ./config

lowkey inspect --type aws-secrets-manager --name dev-secrets
lowkey inspect --type kubernetes --name dev-secrets --namespace acme-corp 
lowkey inspect --type env --name .env.dev
lowkey inspect --type json --name dev.json

Frequent environment updates: Browse and edit environment variables with fuzzy search and live editing.

# Launch interactive secret browser to browse, edit, add, delete, and copy
# secrets across storage types
lowkey interactive
lowkey x

Requirements

  • Node.js >= 18

Installation

npm

npm install -g @moonbeam-nyc/lowkey

Docker

# Pull from GitHub Container Registry
docker pull ghcr.io/moonbeam-nyc/lowkey:latest

# Or use a specific version
docker pull ghcr.io/moonbeam-nyc/lowkey:v1.1.0

Usage

lowkey <command> [options]

Commands

lowkey copy --input-type <type> --input-name <name|path> --output-type <type> [options]

Copy Options

  • --input-type <type> - Input source type (required)
  • --input-name <name> - Input source name/path (required)
  • --region <region> - AWS region (or use AWS_REGION environment variable)
  • --namespace <namespace> - Kubernetes namespace (defaults to current context namespace)
  • --output-type <type> - Output format (required)
  • --output-name <file> - Output file path (default: stdout)
  • --stage <stage> - Secret version stage (default: AWSCURRENT)
  • -y, --yes - Auto-confirm prompts (e.g., secret creation)
  • --help, -h - Show help message

Copy Examples

# AWS Secrets Manager to env file
lowkey copy \
  --input-type aws-secrets-manager \
  --input-name my-secrets \
  --output-type env \
  --output-name .env

# Convert JSON to env format
lowkey copy \
  --input-type json \
  --input-name config.json \
  --output-type env \
  --output-name .env

# Upload to AWS Secrets Manager (auto-create if needed)
lowkey copy \
  --input-type env \
  --input-name .env \
  --output-type aws-secrets-manager \
  --output-name new-secret \
  --yes

# Copy from Kubernetes secret to env file
lowkey copy \
  --input-type kubernetes \
  --input-name my-k8s-secret \
  --namespace production \
  --output-type env \
  --output-name .env
lowkey list --type <type> [options]

List Options

  • --type <type> - Storage type to list (required)
  • --region <region> - AWS region (or use AWS_REGION environment variable)
  • --namespace <namespace> - Kubernetes namespace (defaults to current context namespace)
  • --path <path> - Directory path to search for files (default: current directory)
  • --help, -h - Show help message

List Examples

# List all AWS secrets in your account
lowkey list --type aws-secrets-manager --region us-east-1

# List .env files in current directory
lowkey list --type env

# List JSON configuration files in a specific directory
lowkey list --type json --path ./config

# List env files in a specific directory
lowkey list --type env --path ./environments

# List Kubernetes secrets in specific namespace
lowkey list --type kubernetes --namespace production
lowkey inspect --type <type> --name <name> [options]

Inspect Options

  • --type <type> - Storage type (required)
  • --name <name> - Secret name or file path (required)
  • --show-values - Show actual secret values (default: false, shows only keys)
  • --region <region> - AWS region (or use AWS_REGION environment variable)
  • --path <path> - Directory path to search for files (default: current directory)
  • --help, -h - Show help message

Inspect Examples

# Inspect AWS secret keys only
lowkey inspect --type aws-secrets-manager --name myapp-secrets

# Inspect AWS secret with values
lowkey inspect --type aws-secrets-manager --name myapp-secrets --show-values

# Inspect JSON file
lowkey inspect --type json --name config.json

# Inspect env file with values
lowkey inspect --type env --name .env.production --show-values
lowkey interactive [options]
lowkey x [options]  # Short alias

Interactive Features

  • Fuzzy searchable interface - Navigate with arrow keys, press / to search
  • Multi-format support - Browse AWS Secrets Manager, Kubernetes secrets, .env files, and JSON files
  • Live editing - Press e to edit secrets in your preferred editor ($EDITOR or vim)
  • Real-time updates - Changes are immediately saved to AWS or local files
  • Search preservation - Search queries are preserved when navigating between views
  • Breadcrumb navigation - Use ESC to go back, with preserved context

Interactive Options

  • --region <region> - AWS region (or use AWS_REGION environment variable)
  • --namespace <namespace> - Kubernetes namespace (defaults to current context namespace)
  • --path <path> - Directory path to search for files (default: current directory)
  • --help, -h - Show help message

Interactive Navigation

  • ↑↓ or j/k - Navigate items
  • Ctrl+U/D or Ctrl+B/F - Page up/down
  • / - Enter search mode (shows cursor in search field)
  • e - Edit selected secret (env/json/AWS/Kubernetes)
  • Ctrl+S - Copy secrets (from key browser)
  • Ctrl+V - Toggle showing values vs keys only
  • Enter - Select item
  • Esc - Go back or exit search mode
  • Ctrl+C - Exit

Interactive Examples

# Launch interactive mode
lowkey interactive

# Use short alias
lowkey x

# Specify AWS region for browsing AWS secrets
lowkey interactive --region us-west-2

# Browse files in specific directory
lowkey x --path ./config

Authentication

AWS Authentication

This tool uses the AWS SDK's default credential chain for AWS Secrets Manager. It's compatible with:

  • Environment variables (AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
  • AWS profiles (~/.aws/credentials)
  • IAM roles
  • aws-vault

Ensure your AWS credentials have the appropriate permissions for the commands you want to use.

Kubernetes Authentication

This tool uses kubectl and your current Kubernetes context for accessing Kubernetes secrets. Ensure you have:

  • kubectl installed and configured
  • Valid kubeconfig with access to your cluster
  • Appropriate RBAC permissions for secrets (get, list, create, update, patch)

The tool will use your current kubectl context and namespace unless overridden with the --namespace option.

Docker Usage

For detailed Docker usage examples and volume mounting instructions, see DOCKER.md.

Development

For development setup, testing, and contribution guidelines, see DEVELOPMENT.md.

Quick Start

# Install dependencies and link globally
make dev-install
make dev-link

# Run tests
make test

# Build and test Docker image
make build
make test-build

Future Support

The architecture is designed to support additional source types (e.g., Google Secret Manager, HashiCorp Vault) and output formats in future versions.

License

MIT