npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

env-all

v0.1.3

Published

Cross-project environment variable manager — store API keys once, use everywhere

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

gyperelmangyperelman

Keywords

envenvironmentdotenvapi-keysglobal

Readme

env-all

Store your API keys once. Use them in every project.

Tired of copying the same OPENAI_API_KEY into every new project's .env? env-all keeps all your keys in one place (~/.env-global/.env) and lets you pull them into any project with a single command.

npm install -g env-all

Quick Start

With Claude Code Skill

mkdir -p ~/.claude/skills/env
cp skill.md ~/.claude/skills/env/SKILL.md

Then type /env in Claude Code in any project. Claude will install env-all, scan your project for required env vars, and pull them from your global store automatically.

With the browser UI

npm install -g env-all
envall init
envall ui

This opens a split-screen editor with your global key store on the left and the current project's .env on the right. Add keys, copy values between sides, and manage everything visually.

CLI only

npm install -g env-all
envall init

# Add keys from the terminal (hidden input, not saved to shell history)
envall set OPENAI_API_KEY
envall set STRIPE_SECRET_KEY

# In any project, pull what you need
cd ~/my-project
envall pull OPENAI_API_KEY STRIPE_SECRET_KEY

env-all adds .env to your .gitignore automatically.

Why

  • One source of truth. Stop maintaining the same keys across 15 projects.
  • Rename on pull. envall pull OPENAI_API_KEY:VITE_OPENAI_API_KEY handles framework prefixes.
  • AI-friendly. AI coding assistants can scan your project, generate a .env-pull.json mapping, and pull keys automatically -- without ever seeing the actual values.
  • Zero dependencies. Just commander for CLI parsing. No runtime overhead in your projects.
  • Browser UI. envall ui opens a split-screen editor showing your global keys alongside the current project's .env.

Commands

| Command | Description | |---------|-------------| | envall init | Create ~/.env-global/ directory | | envall set KEY | Store a key (prompts for hidden input) | | envall set KEY=VALUE | Store a key (value in shell history) | | envall get KEY | Show a key (masked). Add --unmask for raw value | | envall list | List all keys with masked values | | envall rm KEY | Remove a key | | envall open | Open ~/.env-global/.env in your editor | | envall pull KEY [...] | Pull keys into project .env | | envall pull file.json | Pull keys defined in a JSON mapping file | | envall pull -i | Interactively pick keys to pull | | envall status | Show sync status for current project | | envall ui | Browser-based key manager |

All commands support --profile <name> for multiple environments (dev, staging, prod).

Pulling Keys

Basic

envall pull OPENAI_API_KEY DATABASE_URL

Rename on pull

When your framework needs a prefix:

envall pull OPENAI_API_KEY:VITE_OPENAI_API_KEY
envall pull OPENAI_API_KEY:NEXT_PUBLIC_OPENAI_API_KEY

The same global key can map to multiple project keys:

envall pull OPENAI_API_KEY OPENAI_API_KEY:VITE_OPENAI_API_KEY

Pull from a JSON mapping file

For projects with many keys or framework-specific prefixes, define a .env-pull.json once and reuse it:

{
  "mappings": {
    "OPENAI_API_KEY": "OPENAI_API_KEY",
    "VITE_OPENAI_API_KEY": "OPENAI_API_KEY",
    "NEXT_PUBLIC_STRIPE_KEY": "STRIPE_SECRET_KEY",
    "DATABASE_URL": "DATABASE_URL"
  }
}
envall pull .env-pull.json

The left side is the key name your project expects, the right side is the key name in your global store. This lets you map one global key to multiple project keys with different names (e.g. framework prefixes like VITE_, NEXT_PUBLIC_).

Commit .env-pull.json to your repo so teammates (and AI assistants) can run envall pull .env-pull.json to set up their .env in one step.

Let your AI coding agent generate it

AI coding assistants like Claude Code can create .env-pull.json automatically. The agent:

  1. Scans your project source for process.env.*, import.meta.env.*, SDK imports, and config files
  2. Reads ~/.env-global/.env.available (key names only -- never the actual values)
  3. Writes a .env-pull.json mapping project needs to your available global keys
  4. Runs envall pull .env-pull.json --skip

The agent never sees your secrets. See the AI Assistant Integration section below for setup details.

Conflict handling

When a key already exists in your project .env with a different value, env-all prompts you:

Conflict: OPENAI_API_KEY
  Local:  sk-old...
  Global: sk-new...
  [s]kip / [o]verwrite / [S]kip all / [O]verwrite all:

Or skip the prompt with --overwrite or --skip.

Profiles

Keep separate key sets for different environments:

envall set STRIPE_KEY --profile=prod
envall set STRIPE_KEY --profile=dev

envall pull STRIPE_KEY --profile=prod
envall list --profile=dev

Each profile is stored as ~/.env-global/.env.<name>.

Browser UI

envall ui

Opens a split-screen editor in your browser with your global store on the left and the current project's .env on the right. Copy values to clipboard and paste where needed -- the same flow as copying keys from an API provider dashboard.

AI Assistant Integration

env-all is designed so AI coding assistants (Claude Code, Cursor, etc.) can set up project env vars without ever reading your actual keys.

How it works

  1. ~/.env-global/.env.available contains only key names (no values), auto-generated from your store.
  2. The AI reads .env.available to see what keys you have.
  3. The AI reads your project code to determine what keys it needs.
  4. The AI writes a .env-pull.json mapping and runs envall pull .env-pull.json.
  5. The AI never sees ~/.env-global/.env or any actual values.

Claude Code skill

envall init offers to install the skill automatically. To install manually:

mkdir -p ~/.claude/skills/env
cp skill.md ~/.claude/skills/env/SKILL.md

Then run /env in any project to have Claude scan your code, generate a .env-pull.json mapping, and pull keys automatically.

Every time you modify the store (set, rm, open), env-all regenerates ~/.env-global/.env.available. This file contains one key name per line:

OPENAI_API_KEY
STRIPE_SECRET_KEY
DATABASE_URL

No values. This file is safe for AI assistants to read.

It's also regenerated at the start of pull and status, so manual edits to ~/.env-global/.env are always picked up.

  • ~/.env-global/.env is created with chmod 600 (owner read/write only).
  • envall set KEY prompts for hidden input -- the value never appears in shell history.
  • envall set KEY=VALUE warns you about shell history exposure.
  • envall get shows masked values by default. --unmask is required for raw output.
  • envall list always masks values.
  • envall pull output only shows key names, never values.
  • envall ui binds to 127.0.0.1 only, with a one-time auth token in the URL.
  • Profile names are validated to prevent path traversal.
  • .env is added to .gitignore automatically on pull.

env-all stores keys unencrypted, the same as any .env file. It is designed for local development, not production secret management.

License

MIT