npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

@ndusunday/envsync

v1.0.3

Published

Sync environment variables across your team — CLI tool

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Maintainers

ndusundayndusunday

Keywords

envdotenvsyncclidevopsenvironment-variables

Readme

@ndusunday/envsync

CLI tool for EnvSync — sync environment variables securely across your team.

Variables are encrypted with AES-256-GCM before leaving your machine. The server stores only ciphertext — plaintext secrets are never persisted.

Installation

# Global install (recommended)
npm install -g @ndusunday/envsync

# One-liner installer
curl -sSfL https://raw.githubusercontent.com/SunnyBe/envsync/main/install.sh | bash

# Run without installing
npx @ndusunday/envsync --help

Requires Node.js ≥ 18

Once installed, the command is simply envsync regardless of how you installed it.

Getting started

1. Get an API token

Sign up at the EnvSync dashboard to receive an API token, or run a self-hosted instance.

2. Log in

envsync login --token YOUR_API_TOKEN

The CLI defaults to the hosted API at:

https://envsync-backend-production.up.railway.app

If you self-host EnvSync, point to your instance:

envsync login --token YOUR_API_TOKEN --api-url https://your-envsync.example.com

Your token is stored locally at ~/.envsync/config.json. It is never sent anywhere except to the configured API URL.

3. Create or find your project ID

# List all your projects
envsync project list

# Or create a new one
envsync project create my-app

4. Push variables

From a directory containing a .env file:

envsync push --project <project-id> --env development

5. Pull variables

envsync pull --project <project-id> --env development

This writes (or overwrites) a .env file in the current directory.

Commands

envsync login

envsync login --token <token> [--api-url <url>]

| Option | Required | Description | | ----------- | -------- | ------------------------------------------------------ | | --token | Yes | Your API token | | --api-url | No | API base URL (defaults to the public EnvSync instance) |

envsync logout

Removes your locally stored token (~/.envsync/config.json).

envsync whoami

Shows your current login status, configured API URL, and masked token.

envsync push

envsync push --project <name|id> --env <environment> [--file <path>]

Reads variables from a .env file and uploads them to EnvSync.

| Option | Required | Description | | ----------- | -------- | ----------------------------------------------------------------- | | --project | Yes | Project name or ID (from envsync project list or the dashboard) | | --env | Yes | Target environment: development, staging, or production | | --file | No | Path to the .env file (default: .env in current directory) |

envsync pull

envsync pull --project <name|id> --env <environment> [--file <path>]

Downloads variables from EnvSync and writes them to a .env file.

| Option | Required | Description | | ----------- | -------- | ------------------------------------------------------------- | | --project | Yes | Project name or ID | | --env | Yes | Source environment: development, staging, or production | | --file | No | Output path (default: .env in current directory) |

envsync project

Manage projects from the terminal.

envsync project list                              # List all your projects
envsync project create <name>                     # Create a new project
envsync project get <name|id>                     # Show project details
envsync project update <name|id> --name <name>    # Rename a project
envsync project delete <name|id>                  # Delete a project

envsync help [command]

Show help for a specific command:

envsync help push
envsync help project
envsync --help

envsync --version / -V

Print the installed version.

Value quoting

The CLI automatically quotes .env values that contain spaces, #, ", or newlines when writing the output file, ensuring they round-trip correctly on the next push.

Security notes

  • Your API token is stored in ~/.envsync/config.json on disk. Protect this file as you would any credential.
  • Encryption is handled server-side using AES-256-GCM; the server stores only iv:ciphertext:authTag.
  • API tokens are stored as SHA-256 hashes on the server — the plaintext token is never persisted after registration.
  • Always add .env to your .gitignore.

License

MIT