npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2025 – Pkg Stats / Ryan Hefner

envilder

v0.7.3

Published

A CLI that securely centralizes your environment variables from AWS SSM as a single source of truth

Downloads

2,104

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

macalbertmacalbert

Keywords

envdotenvawsssmparameter-storeclienvironmentsecretsautomationconfigaws-clidevopsci-cdsecureenvfilegithub-actionsgithub-actionactions

Readme

🗝️ Envilder ☁️

Why centralize environment variables?

Envilder is a CLI tool for .env automation, AWS SSM secrets management, and secure environment variable sync. Generating and maintaining consistent .env files is a real pain point for any development team. From outdated secrets to insecure practices, the risks are tangible. Envilder eliminates these pitfalls by centralizing and automating secret management across real-world environments (dev, test, production) in a simple, secure, and efficient way. Use Envilder to automate .env files, sync secrets with AWS Parameter Store, and streamline onboarding and CI/CD workflows.

❗ What Envilder solves

  • Desync between environments (dev, prod)
  • Secrets not properly propagated across team members
  • CI/CD pipeline failures due to outdated or missing .env files
  • Slow and manual onboarding processes
  • Security risks from sharing secrets via Slack, email, or other channels
  • Insecure .env practices and manual secret sharing

✅ How Envilder makes life easier

  • 🛡️ Centralizes secrets in AWS Parameter Store
  • ⚙️ Generates .env files automatically for every environment
  • 🔄 Applies changes idempotently and instantly
  • 🔐 Improves security: no need to share secrets manually; everything is managed via AWS SSM
  • 👥 Simplifies onboarding and internal rotations
  • 🚀 Enables cloud-native, infrastructure-as-code secret management
  • 🤖 Perfect for DevOps, CI/CD, and team sync

📚 Table of Contents

⚙️ Features

  • 🔒 Strict access control — IAM policies define access to secrets across stages (dev, staging, prod)
  • 📊 Auditable — All reads/writes are logged in AWS CloudTrail
  • 🧩 Single source of truth — No more Notion, emails or copy/paste of envs
  • 🔁 Idempotent sync — Only what’s in your map gets updated. Nothing else is touched
  • 🧱 Zero infrastructure — Fully based on native AWS SSM. No Lambdas, no servers, no fuss

🧱 Feature Status

  • 🤖 GitHub ActionIntegrate directly in CI/CD workflows
  • 📤 Push & Pull — Bidirectional sync between local .env and AWS SSM
  • 🎯 AWS Profile support — Use --profile flag for multi-account setups

💾 Installation

🛠 Requirements:

  • Node.js v20+ (cloud-native compatible)
  • AWS CLI installed and configured
  • IAM user/role with ssm:GetParameter, ssm:PutParameter
pnpm add -g envilder

💡 New to AWS SSM? AWS Systems Manager Parameter Store provides secure storage for configuration data and secrets:

🤖 GitHub Action

Use Envilder directly in your CI/CD workflows with our official GitHub Action:

- name: Configure AWS Credentials
  uses: aws-actions/configure-aws-credentials@v5
  with:
    role-to-assume: ${{ secrets.AWS_ROLE_TO_ASSUME }}
    aws-region: us-east-1

- name: Pull secrets from AWS SSM
  uses: macalbert/envilder/[email protected]
  with:
    map-file: param-map.json
    env-file: .env

📖 View full GitHub Action documentation

🚀 Quick Start

🎥 Video Demonstration

Watch how easy it is to automate your .env management in less than 1 minute:

Watch the video

🏁 Get Started (3 steps)

After configuring the AWS CLI and ensuring you have the necessary permissions to create SSM parameters, you can begin pushing your first environment variables.

  1. Create a mapping file:

    {
  "DB_PASSWORD": "/my-app/db/password"
}

  2. Push a secret to AWS SSM:

    envilder --push --key=DB_PASSWORD --value=12345 --ssm-path=/my-app/db/password

Once your secrets are stored in AWS, you can easily generate or synchronize your local .env files:

  1. Generate your .env file from AWS SSM:

    envilder --map=param-map.json --envfile=.env

Your secrets are now managed and versioned from AWS SSM. Add .env to your .gitignore for security. Envilder is designed for automation, onboarding, and secure cloud-native workflows.

📚 Quick Links

🛠️ How it works

graph LR
    A["Mapping File<br/>(param-map.json)"] --> B[Envilder]:::core
    C["Environment File<br/> '.env' or --key"] --> B
    D["AWS Credentials"]:::aws --> B
    E["AWS SSM"]:::aws --> B
    B --> F["Pull/Push Secrets 💾"]

    classDef aws fill:#ffcc66,color:#000000,stroke:#333,stroke-width:1.5px;
    classDef core fill:#1f3b57,color:#fff,stroke:#ccc,stroke-width:2px;
  1. Create a new .env file like 'ENV_VAR=12345'
  2. Define mappings in a JSON file : {"ENV_VAR": "ssm/path"}
  3. Run Envilder: --push to upload, or --map + --envfile to generate
  4. Envilder syncs secrets securely with AWS SSM Parameter Store using your AWS credentials
  5. Result: your secrets are always up-to-date, secure, and ready for any environment

Frequently Asked Questions (FAQ)

Q: What is Envilder?
A: Envilder is a CLI tool for automating .env and secret management using AWS SSM Parameter Store.

Q: How does Envilder improve security?
A: Secrets are never stored in code or shared via chat/email. All secrets are managed and synced securely via AWS SSM.

Q: Can I use Envilder in CI/CD pipelines?
A: Yes! Envilder is designed for automation and works seamlessly in CI/CD workflows.

Q: Does Envilder support multiple AWS profiles?
A: Yes, you can use the --profile flag to select different AWS credentials.

Q: What environments does Envilder support?
A: Any environment supported by AWS SSM—dev, test, staging, production, etc.

Q: Is Envilder open source?
A: Yes, licensed under MIT.

🏁 Roadmap

We're continuously improving Envilder based on community feedback. Upcoming features include:

  • 🔌 Multi-backend support (Azure Key Vault, HashiCorp Vault, etc.)
  • 🔍 Check/sync mode for drift detection
  • 🧠 Auto-discovery for bulk parameter fetching

👉 View full roadmap with priorities

🤝 Contributing

All help is welcome — PRs, issues, ideas!

📜 License

MIT © Marçal Albert
See LICENSE | CHANGELOG | Security Policy