{"id":13484974,"url":"https://github.com/dotenv-org/dotenv-vault","last_synced_at":"2025-05-13T23:06:27.931Z","repository":{"id":37033147,"uuid":"469636079","full_name":"dotenv-org/dotenv-vault","owner":"dotenv-org","description":"sync .env filesβ€”from the creator of `dotenv`.","archived":false,"fork":false,"pushed_at":"2024-12-04T00:47:08.000Z","size":3025,"stargazers_count":1206,"open_issues_count":56,"forks_count":35,"subscribers_count":6,"default_branch":"master","last_synced_at":"2025-05-11T11:19:15.545Z","etag":null,"topics":["dotenv","env","secrets"],"latest_commit_sha":null,"homepage":"https://www.dotenv.org","language":"TypeScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/dotenv-org.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":"SECURITY.md","support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2022-03-14T08:08:01.000Z","updated_at":"2025-05-07T06:41:12.000Z","dependencies_parsed_at":"2023-12-06T08:46:48.693Z","dependency_job_id":"f43f93a3-3919-42c2-a3c6-2daa671b2eb7","html_url":"https://github.com/dotenv-org/dotenv-vault","commit_stats":{"total_commits":655,"total_committers":5,"mean_commits":131.0,"dds":0.1145038167938931,"last_synced_commit":"59adc78ce76b581eb03ab8114663e1f3e1b31852"},"previous_names":[],"tags_count":89,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/dotenv-org%2Fdotenv-vault","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/dotenv-org%2Fdotenv-vault/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/dotenv-org%2Fdotenv-vault/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/dotenv-org%2Fdotenv-vault/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/dotenv-org","download_url":"https://codeload.github.com/dotenv-org/dotenv-vault/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":254040832,"owners_count":22004617,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["dotenv","env","secrets"],"created_at":"2024-07-31T17:01:41.179Z","updated_at":"2025-05-13T23:06:22.919Z","avatar_url":"https://github.com/dotenv-org.png","language":"TypeScript","funding_links":[],"categories":["Typescript","TypeScript","others"],"sub_categories":[],"readme":"![dotenv.org](https://dotenv.org/banner.png)\n\n`dotenv-vault` is a cli to *sync .env files across machines, environments, and team members*.\n\n[![NPM Version](https://img.shields.io/npm/v/dotenv-vault.svg?style=flat-square)](https://npmjs.org/package/dotenv-vault)\n\n## 🌱 Install\n\nIt works with a single command. Run `npx dotenv-vault@latest push`.\n\n```sh\nnpx dotenv-vault@latest push\n```\n```\nremote: Securely pushing (.env)... done\nremote: Securely pushed development (.env)\nremote: Securely built vault (.env.vault)\n```\n\nThat's it. You securely synced your `.env` file. Next, tell your teammate to run `npx dotenv-vault@latest pull`\n\n```sh\nnpx dotenv-vault@latest pull\n```\n\nNice!\n\nSee further [usage](#%EF%B8%8F-usage) and [commands](#-commands).\n\n---\n\n#### Other Ways to Install\n\nDon't want to use [npx](https://docs.npmjs.com/cli/v7/commands/npx)? Install a number of other ways.\n\n\u003cp\u003e\u003cimg alt=\"apple icon\" src=\"https://api.iconify.design/mdi/apple.svg\" width=\"20\" /\u003e Install via \u003ca href=\"https://github.com/dotenv-org/homebrew-brew\"\u003eHomebrew\u003c/a\u003e\u003c/p\u003e\n\n```bash\n$ brew install dotenv-org/brew/dotenv-vault\n$ dotenv-vault help\n```\n\n\u003cp\u003e\u003cimg alt=\"windows icon\" src=\"https://api.iconify.design/mdi/windows.svg\" width=\"20\" /\u003e Install on \u003ca href=\"https://dotenv-vault-assets.dotenv.org\"\u003eWindows\u003c/a\u003e\u003c/p\u003e\n\n* [32-bit installer](https://dotenv-vault-assets.dotenv.org/channels/stable/dotenv-vault-x86.exe)\n* [64-bit installer](https://dotenv-vault-assets.dotenv.org/channels/stable/dotenv-vault-x64.exe)\n\n\u003cp\u003e\u003cimg alt=\"docker icon\" src=\"https://api.iconify.design/mdi/docker.svg\" width=\"20\" /\u003e Install and run commands via \u003ca href=\"https://hub.docker.com/r/dotenv/dotenv-vault\"\u003eDocker\u003c/a\u003e\u003c/p\u003e\n\n```bash\n$ docker run -w $(pwd) -v $(pwd):$(pwd) -it dotenv/dotenv-vault help\n```\n\n\u003ca href=\"https://www.dotenv.org/install/\"\u003eLearn more about installation\u003c/a\u003e\n\n## πŸ—οΈ Usage\n\nWhen you make a change to your `.env` file, push it up.\n\n```bash\n$ npx dotenv-vault@latest push\n```\n\nCommit your `.env.vault` file safely to code.\n\n```bash\n$ git add .env.vault\n$ git commit -am \"Add .env.vault\"\n$ git push\n```\n\nNow your teammate can pull the latest `.env` changes.\n\n```bash\n$ git pull\n$ npx dotenv-vault@latest pull\n```\n\nThat's it!\n\n\u003ca href=\"https://www.dotenv.org/docs/quickstart?r=1\"\u003eLearn more about usage\u003c/a\u003e\n\n## πŸš€ Deploying\n\nStop scattering your production secrets across multiple third-parties and tools. Instead, use an encrypted `.env.vault` file.\n\nGenerate your encrypted `.env.vault` file.\n\n```bash\n$ npx dotenv-vault@latest build\n```\n\nFetch your production `DOTENV_KEY`.\n\n```bash\n$ npx dotenv-vault@latest keys production\nremote: Listing .env.vault decryption keys... done\ndotenv://:key_1234…@dotenv.org/vault/.env.vault?environment=production\n```\n\nSet `DOTENV_KEY` on your server.\n\n```bash\n# heroku example\nheroku config:set DOTENV_KEY=dotenv://:key_1234…@dotenv.org/vault/.env.vault?environment=production\n```\n\nCommit your `.env.vault` file safely to code and deploy.\n\n```bash\n$ git add .env.vault\n$ git commit -am \"Update .env.vault\"\n$ git push\n$ git push heroku main # heroku example\n```\n\nThat's it! On deploy, your `.env.vault` file will be decrypted and its secrets injected as environment variables – just in time.\n\n\u003ca href=\"https://www.dotenv.org/docs/quickstart?r=1\"\u003eLearn more about deploying\u003c/a\u003e\n\n## 🌴 Manage Multiple Environments\n\nAfter you've pushed your `.env` file, dotenv-vault automatically sets up multiple environments. Manage multiple environments with the included UI. [learn more](/docs/tutorials/environments)\n\n```\n$ npx dotenv-vault@latest open production\n```\n\nThat's it! Manage your ci, staging, and production secrets from there.\n\nWould you also like to pull your production `.env` to your machine? Run the command:\n\n```\n$ npx dotenv-vault@latest pull production\n```\n\nℹ️ **πŸ” Vault Managed vs πŸ’» Locally Managed**: The above example, for brevity's sake, used the πŸ” Vault Managed solution to manage your `.env.vault` file. You can instead use the πŸ’» Locally Managed solution. [See the faq further below](#how-do-i-use--locally-managed-dotenv-vault). Our vision is that other platforms and orchestration tools adopt the `.env.vault` standard as they did the `.env` standard. We don't expect to be the only ones providing tooling to manage and generate `.env.vault` files.\n\n\u003ca href=\"https://www.dotenv.org/docs/tutorials/environments?r=1\"\u003eLearn more about environments\u003c/a\u003e\n\n## πŸ“š Examples\n\n\u003ctable\u003e\n \u003ctbody\u003e\n \u003ctr\u003e\n \u003ctd align=\"left\" valign=\"middle\"\u003e\n \u003ca href=\"https://www.dotenv.org/docs/platforms/vercel\"\u003e\n \u003cimg src=\"https://api.iconify.design/devicon/vercel.svg\" alt=\"Vercel\", width=\"20\" /\u003e\n Vercel\n \u003c/a\u003e\n \u003c/td\u003e\n \u003ctd align=\"left\" valign=\"middle\"\u003e\n \u003ca href=\"https://www.dotenv.org/docs/platforms/heroku\"\u003e\n \u003cimg src=\"https://api.iconify.design/skill-icons/heroku.svg\" alt=\"Heroku\", width=\"20\" /\u003e\n Heroku\n \u003c/a\u003e\n \u003c/td\u003e\n \u003ctd align=\"left\" valign=\"middle\"\u003e\n \u003ca href=\"https://www.dotenv.org/docs/cis/github-actions\"\u003e\n \u003cimg src=\"https://api.iconify.design/devicon/github.svg\" alt=\"GitHub\", width=\"20\" /\u003e\n GitHub Actions\n \u003c/a\u003e\n \u003c/td\u003e\n \u003ctd align=\"left\" valign=\"middle\"\u003e\n \u003ca href=\"https://www.dotenv.org/docs/languages/nodejs/gitlab-ci\"\u003e\n \u003cimg src=\"https://api.iconify.design/devicon/gitlab.svg\" alt=\"GitLab\", width=\"20\" /\u003e\n GitLab CI/CD\n \u003c/a\u003e\n \u003c/td\u003e\n \u003c/tr\u003e\n \u003ctr\u003e\n \u003ctd align=\"left\" valign=\"middle\"\u003e\n \u003ca href=\"https://www.dotenv.org/docs/platforms/netlify\"\u003e\n \u003cimg src=\"https://api.iconify.design/skill-icons/netlify-light.svg\" alt=\"Netlify\", width=\"20\" /\u003e\n Netlify\n \u003c/a\u003e\n \u003c/td\u003e\n \u003ctd align=\"left\" valign=\"middle\"\u003e\n \u003ca href=\"https://www.dotenv.org/docs/platforms/docker\"\u003e\n \u003cimg src=\"https://api.iconify.design/skill-icons/docker.svg\" alt=\"Docker\", width=\"20\" /\u003e\n Docker\n \u003c/a\u003e\n \u003c/td\u003e\n \u003ctd align=\"left\" valign=\"middle\"\u003e\n \u003ca href=\"https://www.dotenv.org/docs/frameworks/express/docker-compose\"\u003e\n \u003cimg src=\"https://api.iconify.design/skill-icons/docker.svg\" alt=\"Docker Compose\", width=\"20\" /\u003e\n Docker Compose\n \u003c/a\u003e\n \u003c/td\u003e\n \u003ctd align=\"left\" valign=\"middle\"\u003e\n \u003ca href=\"https://www.dotenv.org/docs/cis/circleci\"\u003e\n \u003cimg src=\"https://api.iconify.design/logos/circleci.svg\" alt=\"CircleCI\", width=\"20\" /\u003e\n CircleCI\n \u003c/a\u003e\n \u003c/td\u003e\n \u003c/tr\u003e\n \u003ctr\u003e\n \u003ctd align=\"left\" valign=\"middle\"\u003e\n \u003ca href=\"https://www.dotenv.org/docs/frameworks/serverless/aws-lambda\"\u003e\n \u003cimg src=\"https://api.iconify.design/logos/serverless.svg\" alt=\"Serverless\", width=\"20\" /\u003e\n Serverless\n \u003c/a\u003e\n \u003c/td\u003e\n \u003ctd align=\"left\" valign=\"middle\"\u003e\n \u003ca href=\"https://www.dotenv.org/docs/languages/nodejs/railway\"\u003e\n \u003cimg src=\"https://api.iconify.design/simple-icons/railway.svg\" alt=\"Railway\", width=\"20\" /\u003e\n Railway\n \u003c/a\u003e\n \u003c/td\u003e\n \u003ctd align=\"left\" valign=\"middle\"\u003e\n \u003ca href=\"https://www.dotenv.org/docs/languages/nodejs/render\"\u003e\n \u003cimg src=\"https://api.iconify.design/simple-icons/render.svg\" alt=\"Render\", width=\"20\" /\u003e\n Render\n \u003c/a\u003e\n \u003c/td\u003e\n \u003ctd align=\"left\" valign=\"middle\"\u003e\n \u003ca href=\"https://www.dotenv.org/docs/languages/nodejs/travis-ci\"\u003e\n \u003cimg src=\"https://api.iconify.design/simple-icons/travisci.svg\" alt=\"Travis CI\", width=\"20\" /\u003e\n Travis CI\n \u003c/a\u003e\n \u003c/td\u003e\n \u003c/tr\u003e\n \u003ctr\u003e\n \u003ctd align=\"left\" valign=\"middle\"\u003e\n \u003ca href=\"https://www.dotenv.org/docs/cis/google-cloud-build\"\u003e\n \u003cimg src=\"https://api.iconify.design/devicon/googlecloud.svg\" alt=\"Google Cloud\", width=\"20\" /\u003e\n Google Cloud\n \u003c/a\u003e\n \u003c/td\u003e\n \u003ctd align=\"left\" valign=\"middle\"\u003e\n \u003ca href=\"https://www.dotenv.org/docs/platforms/fly\"\u003e\n \u003cimg src=\"https://api.iconify.design/logos/fly-icon.svg\" alt=\"Fly.io\", width=\"20\" /\u003e\n Fly.io\n \u003c/a\u003e\n \u003c/td\u003e\n \u003ctd align=\"left\" valign=\"middle\"\u003e\n \u003ca href=\"https://www.dotenv.org/docs/addons/slack\"\u003e\n \u003cimg src=\"https://api.iconify.design/devicon/slack.svg\" alt=\"dotenv-vault + Slack\", width=\"20\" /\u003e\n Slack\n \u003c/a\u003e\n \u003c/td\u003e\n \u003ctd align=\"left\" valign=\"middle\"\u003e\n \u003ca href=\"https://www.dotenv.org/docs/languages/nodejs/buddy\"\u003e\n \u003cimg src=\"https://api.iconify.design/logos/buddy.svg\" alt=\"Buddy\", width=\"20\" /\u003e\n Buddy\n \u003c/a\u003e\n \u003c/td\u003e\n \u003c/tr\u003e\n \u003ctr\u003e\n \u003ctd align=\"left\" valign=\"middle\"\u003e\n \u003ca href=\"https://www.dotenv.org/docs/languages/nodejs/cloud66\"\u003e\n \u003cimg src=\"https://api.iconify.design/simple-icons/cloud66.svg\" alt=\"Cloud66\", width=\"20\" /\u003e\n Cloud66\n \u003c/a\u003e\n \u003c/td\u003e\n \u003ctd align=\"left\" valign=\"middle\"\u003e\n \u003ca href=\"https://www.dotenv.org/docs/languages/nodejs/digital-ocean\"\u003e\n \u003cimg src=\"https://api.iconify.design/devicon/digitalocean.svg\" alt=\"Digital Ocean\", width=\"20\" /\u003e\n Digital Ocean\n \u003c/a\u003e\n \u003c/td\u003e\n \u003ctd align=\"left\" valign=\"middle\"\u003e\n \u003ca href=\"https://www.dotenv.org/docs/languages/nodejs/dagger\"\u003e\n \u003cimg src=\"https://dagger.io/img/logo-alt-2.svg\" alt=\"Dagger\", width=\"20\" /\u003e\n Dagger\n \u003c/a\u003e\n \u003c/td\u003e\n \u003ctd align=\"left\" valign=\"middle\"\u003e\n \u003ca href=\"https://www.dotenv.org/docs/languages/nodejs/bitbucket\"\u003e\n \u003cimg src=\"https://api.iconify.design/devicon/bitbucket.svg\" alt=\"Bitbucket\", width=\"20\" /\u003e\n Bitbucket\n \u003c/a\u003e\n \u003c/td\u003e\n \u003c/tr\u003e\n \u003ctr\u003e\n \u003ctd align=\"left\" valign=\"middle\"\u003e\n \u003ca href=\"https://www.dotenv.org/docs/languages/nodejs\"\u003e\n \u003cimg src=\"https://api.iconify.design/devicon/nodejs.svg\" alt=\"Node.js\", width=\"20\" /\u003e\n Node.js\n \u003c/a\u003e\n \u003c/td\u003e\n \u003ctd align=\"left\" valign=\"middle\"\u003e\n \u003ca href=\"https://www.dotenv.org/docs/frameworks/express\"\u003e\n \u003cimg src=\"https://api.iconify.design/devicon/express.svg\" alt=\"Express\", width=\"20\" /\u003e\n Express\n \u003c/a\u003e\n \u003c/td\u003e\n \u003ctd align=\"left\" valign=\"middle\"\u003e\n \u003ca href=\"https://www.dotenv.org/docs/frameworks/nextjs\"\u003e\n \u003cimg src=\"https://api.iconify.design/devicon/nextjs.svg\" alt=\"NextJS\", width=\"20\" /\u003e\n NextJS\n \u003c/a\u003e\n \u003c/td\u003e\n \u003c/tr\u003e\n \u003ctr\u003e\n \u003ctd align=\"left\" valign=\"middle\"\u003e\n \u003ca href=\"https://www.dotenv.org/docs/frameworks/remix\"\u003e\n \u003cimg src=\"https://api.iconify.design/skill-icons/remix-dark.svg\" alt=\"Remix\", width=\"20\" /\u003e\n Remix\n \u003c/a\u003e\n \u003c/td\u003e\n \u003ctd align=\"left\" valign=\"middle\"\u003e\n \u003ca href=\"https://www.dotenv.org/docs/frameworks/astro/netlify\"\u003e\n \u003cimg src=\"https://api.iconify.design/devicon/astro.svg\" alt=\"Astro\", width=\"20\" /\u003e\n Astro\n \u003c/a\u003e\n \u003c/td\u003e\n \u003ctd align=\"left\" valign=\"middle\"\u003e\n \u003ca href=\"https://www.dotenv.org/docs/frameworks/rails\"\u003e\n \u003cimg src=\"https://api.iconify.design/logos/rails.svg\" alt=\"Rails\", width=\"20\" /\u003e\n Rails\n \u003c/a\u003e\n \u003c/td\u003e\n \u003ctd align=\"left\" valign=\"middle\"\u003e\n \u003ca href=\"https://www.dotenv.org/docs/languages/ruby\"\u003e\n \u003cimg src=\"https://api.iconify.design/logos/ruby.svg\" alt=\"Ruby\", width=\"20\" /\u003e\n Ruby\n \u003c/a\u003e\n \u003c/td\u003e\n \u003c/tr\u003e\n \u003ctr\u003e\n \u003ctd align=\"left\" valign=\"middle\"\u003e\n \u003ca href=\"https://www.dotenv.org/docs/frameworks/sinatra/heroku\"\u003e\n \u003cimg src=\"https://api.iconify.design/logos/sinatra.svg\" alt=\"Sinatra\", width=\"20\" /\u003e\n Sinatra\n \u003c/a\u003e\n \u003c/td\u003e\n \u003ctd align=\"left\" valign=\"middle\"\u003e\n \u003ca href=\"https://www.dotenv.org/docs/frameworks/flask/heroku\"\u003e\n \u003cimg src=\"https://api.iconify.design/devicon/flask.svg\" alt=\"Flask\", width=\"20\" /\u003e\n Flask\n \u003c/a\u003e\n \u003c/td\u003e\n \u003ctd align=\"left\" valign=\"middle\"\u003e\n \u003ca href=\"https://www.dotenv.org/docs/languages/python\"\u003e\n \u003cimg src=\"https://api.iconify.design/devicon/python.svg\" alt=\"Python\", width=\"20\" /\u003e\n Python\n \u003c/a\u003e\n \u003c/td\u003e\n \u003ctd align=\"left\" valign=\"middle\"\u003e\n \u003ca href=\"https://www.dotenv.org/docs/integrations/supabase/nodejs?r=1\"\u003e\n \u003cimg src=\"https://api.iconify.design/devicon/supabase.svg\" alt=\"Supabase\", width=\"20\" /\u003e\n Supabase\n \u003c/a\u003e\n \u003c/td\u003e\n \u003c/tr\u003e\n \u003ctr\u003e\n \u003ctd align=\"left\" valign=\"middle\"\u003e\n \u003ca href=\"https://www.dotenv.org/docs/languages/nodejs/pulumi\"\u003e\n \u003cimg src=\"https://api.iconify.design/vscode-icons/file-type-pulumi.svg\" alt=\"Pulumi\", width=\"20\" /\u003e\n Pulumi\n \u003c/a\u003e\n \u003c/td\u003e\n \u003ctd align=\"left\" valign=\"middle\"\u003e\n \u003ca href=\"https://www.dotenv.org/docs/frameworks/angular/vercel\"\u003e\n \u003cimg src=\"https://api.iconify.design/devicon/angular.svg\" alt=\"Angular\", width=\"20\" /\u003e\n Angular\n \u003c/a\u003e\n \u003c/td\u003e\n \u003ctd align=\"left\" valign=\"middle\"\u003e\n \u003ca href=\"https://www.dotenv.org/docs/frameworks/nuxtjs\"\u003e\n \u003cimg src=\"https://api.iconify.design/logos/nuxt-icon.svg\" alt=\"Nuxt\", width=\"20\" /\u003e\n Nuxt\n \u003c/a\u003e\n \u003c/td\u003e\n \u003ctd align=\"left\" valign=\"middle\"\u003e\n \u003ca href=\"https://www.dotenv.org/docs/frameworks/vite/vercel\"\u003e\n \u003cimg src=\"https://api.iconify.design/devicon/vite.svg\" alt=\"Vite\", width=\"20\" /\u003e\n Vite\n \u003c/a\u003e\n \u003c/td\u003e\n \u003c/tr\u003e\n \u003c/tbody\u003e\n\u003c/table\u003e\n\n\u003ca href=\"https://www.dotenv.org/docs/\"\u003eSee more integration guides\u003c/a\u003e\n\n## πŸ“– Commands\n\n```\n$ npx dotenv-vault@latest help\n```\n\n* [new](#new)\n* [login](#login)\n* [logout](#logout)\n* [push](#push)\n* [pull](#pull)\n* [open](#open)\n* [whoami](#whoami)\n* [build](#build)\n* [keys](#keys)\n* [rotatekey](#rotatekey)\n* [decrypt](#decrypt)\n* [versions](#versions)\n* [local](#local-build)\n * [local build](#local-build) \n * [local decrypt](#local-decrypt) \n * [local keys](#local-keys) \n\n### `new`\n\nCreate your project at Dotenv Vault.\n\nExample:\n\n```bash\n$ npx dotenv-vault@latest new\n```\n\n##### ARGUMENTS\n\n*[DOTENV_VAULT]*\n\nSet .env.vault identifier. Defaults to generated value.\n\n```\n$ npx dotenv-vault@latest new vlt_6beaae5…\nlocal: Adding .env.vault (DOTENV_VAULT)... done\nlocal: Added to .env.vault (DOTENV_VAULT=vlt_6beaa...)\n```\n\n##### FLAGS\n\n*-y, --yes*\n\nAutomatic yes to prompts. Assume yes to all prompts and run non-interactively.\n\n---\n\n### `login`\n\nLog in to dotenv-vault.\n\nExample:\n\n```bash\n$ npx dotenv-vault@latest login\n```\n\n##### ARGUMENTS\n\n*[DOTENV_ME]*\n\nSet .env.me identifier. Defaults to generated value.\n\n```\n$ npx dotenv-vault@latest login me_00c7fa…\n```\n\n##### FLAGS\n\n*-y, --yes*\n\nAutomatic yes to prompts. Assume yes to all prompts and run non-interactively.\n\n```\n$ npx dotenv-vault@latest login -y\n```\n\n---\n\n### `logout`\n\nLog out of dotenv-vault.\n\nExample:\n\n```bash\n$ npx dotenv-vault@latest logout\n```\n\n##### FLAGS\n\n*-y, --yes*\n\nAutomatic yes to prompts. Assume yes to all prompts and run non-interactively.\n\n```\n$ npx dotenv-vault@latest logout -y\n```\n\n---\n\n### `push`\n\nPush `.env` securely.\n\nExample:\n\n```bash\n$ npx dotenv-vault@latest push\n```\n\n##### ARGUMENTS\n\n*[ENVIRONMENT]*\n\nSet environment to push to. Defaults to development\n\n```\n$ npx dotenv-vault@latest push production\n```\n\n*[FILENAME]*\n\nSet input filename. Defaults to .env for development and .env.{environment} for other environments\n\n```\n$ npx dotenv-vault@latest push production .env.production\n```\n\n##### FLAGS\n\n*-m, --dotenvMe*\n\nPass .env.me (DOTENV_ME) credential directly (rather than reading from .env.me file)\n\n```\n$ npx dotenv-vault@latest push --dotenvMe=me_b1831e…\n```\n\n*-y, --yes*\n\nAutomatic yes to prompts. Assume yes to all prompts and run non-interactively.\n\n```\n$ npx dotenv-vault@latest push -y\n```\n\n---\n\n### `pull`\n\nPull `.env` securely.\n\nExample:\n\n```bash\n$ npx dotenv-vault@latest pull\n```\n\n##### ARGUMENTS\n\n*[ENVIRONMENT]*\n\nSet environment to pull from. Defaults to development\n\n```\n$ npx dotenv-vault@latest pull production\n```\n\n*[FILENAME]*\n\nSet output filename. Defaults to .env for development and .env.{environment} for other environments\n\n```\n$ npx dotenv-vault@latest pull production .env.production\n```\n\n##### FLAGS\n\n*-m, --dotenvMe*\n\nPass .env.me (DOTENV_ME) credential directly (rather than reading from .env.me file)\n\n```\n$ npx dotenv-vault@latest pull --dotenvMe=me_b1831e…\n```\n\n*-y, --yes*\n\nAutomatic yes to prompts. Assume yes to all prompts and run non-interactively.\n\n```\n$ npx dotenv-vault@latest pull -y\n```\n\nIf you want to pull a specific version you can do so. For example,\n\n```\nnpx dotenv-vault@latest pull development@v14\n```\n\n---\n\n### `open`\n\nOpen project page.\n\nExample:\n\n```bash\n$ npx dotenv-vault@latest open\n```\n\n##### ARGUMENTS\n\n*[ENVIRONMENT]*\n\nSet environment to open to. Defaults to development.\n\n```\n$ npx dotenv-vault@latest open production\n```\n\n##### FLAGS\n\n*-y, --yes*\n\nAutomatic yes to prompts. Assume yes to all prompts and run non-interactively.\n\n```\n$ npx dotenv-vault@latest open -y\n```\n\n---\n\n### `whoami`\n\nDisplay the current logged in user.\n\nExample:\n\n```bash\n$ npx dotenv-vault@latest whoami\n```\n\n##### FLAGS\n\n*-m, --dotenvMe*\n\nPass .env.me (DOTENV_ME) credential directly (rather than reading from .env.me file)\n\n```\n$ npx dotenv-vault@latest whoami dotenvMe=me_b1831e…\n```\n\n---\n\n### `build`\n\nBuild .env.vault file.\n\nExample:\n\n```bash\n$ npx dotenv-vault@latest build\n```\n\n##### FLAGS\n\n*-m, --dotenvMe*\n\nPass .env.me (DOTENV_ME) credential directly (rather than reading from .env.me file)\n\n```\n$ npx dotenv-vault@latest build dotenvMe=me_b1831e…\n```\n\n*-y, --yes*\n\nAutomatic yes to prompts. Assume yes to all prompts and run non-interactively.\n\n```\n$ npx dotenv-vault@latest build -y\n```\n\n---\n\n### `keys`\n\nList .env.vault decryption keys.\n\nExample:\n\n```bash\n$ npx dotenv-vault@latest keys\n```\n\n##### ARGUMENTS\n\n*[ENVIRONMENT]*\n\nSet environment. Defaults to all.\n\n```\n$ npx dotenv-vault@latest keys production…\nremote: Listing .env.vault decryption keys... done\ndotenv://:key_899..@dotenv.org/vault/.env.vault?environment=production\n```\n\n##### FLAGS\n\n*-m, --dotenvMe*\n\nPass .env.me (DOTENV_ME) credential directly (rather than reading from .env.me file)\n\n```\n$ npx dotenv-vault@latest keys dotenvMe=me_b1831e…\n```\n\n*-y, --yes*\n\nAutomatic yes to prompts. Assume yes to all prompts and run non-interactively.\n\n```\n$ npx dotenv-vault@latest keys -y\n```\n\n---\n\n### `rotatekey`\n\nRotate DOTENV_KEY.\n\nExample:\n\n```bash\n$ npx dotenv-vault@latest rotatekey production\n```\n\n##### FLAGS\n\n*-m, --dotenvMe*\n\nPass .env.me (DOTENV_ME) credential directly (rather than reading from .env.me file)\n\n```\n$ npx dotenv-vault@latest rotatekey dotenvMe=me_b1831e…\n```\n\n*-y, --yes*\n\nAutomatic yes to prompts. Assume yes to all prompts and run non-interactively.\n\n```\n$ npx dotenv-vault@latest rotatekey -y\n```\n\n---\n\n### `decrypt`\n\nDecrypt .env.vault locally.\n\nExample:\n\n```bash\n$ npx dotenv-vault@latest decrypt dotenv://:key_1234@dotenv.org/vault/.env.vault?environment=development\n```\n\n##### ARGUMENTS\n\n*[DOTENV_KEY]*\n\nSet `DOTENV_KEY` to decrypt .env.vault. Development key will decrypt development, production will decrypt production, and so on.\n\n```\n$ npx dotenv-vault@latest decrypt dotenv://:key_1234@dotenv.org/vault/.env.vault?environment=development\n```\n\n---\n\n### `versions`\n\nList version history.\n\nExample:\n\n```bash\n$ npx dotenv-vault@latest versions\n```\n\n##### ARGUMENTS\n\n*[ENVIRONMENT]*\n\nSet environment to check versions against. Defaults to development.\n\n```\n$ npx dotenv-vault@latest versions production\n```\n\n##### FLAGS\n\n*-m, --dotenvMe*\n\nPass .env.me (DOTENV_ME) credential directly (rather than reading from .env.me file)\n\n```\n$ npx dotenv-vault@latest versions dotenvMe=me_b1831e…\n```\n\n*-y, --yes*\n\nAutomatic yes to prompts. Assume yes to all prompts and run non-interactively.\n\n```\n$ npx dotenv-vault@latest versions -y\n```\n\nIf you want to pull a specific version you can do so. For example,\n\n```\nnpx dotenv-vault@latest pull development@v14\n```\n\n---\n\n### `local build`\n\nBuild .env.vault from local only\n\nExample:\n\n```bash\n$ npx dotenv-vault@latest local build\n```\n\nThis will encrypt the contents of your `.env` file and any `.env.ENVIRONMENT` files you have locally into your `.env.vault` file.\n\n### `local decrypt`\n\nDecrypt .env.vault from local only\n\nExample:\n\n```bash\n$ npx dotenv-vault@latest local decrypt dotenv://:key_1234@dotenv.local/vault/.env.vault?environment=development\n```\n\n##### ARGUMENTS\n\n*[DOTENV_KEY]*\n\nSet `DOTENV_KEY` to decrypt .env.vault. Development key will decrypt development, production will decrypt production, and so on.\n\n```\n$ npx dotenv-vault@latest local decrypt dotenv://:key_1234@dotenv.local/vault/.env.vault?environment=development\n```\n\n### `local keys`\n\nList .env.vault local decryption keys from .env.keys file\n\nExample:\n\n```bash\n$ npx dotenv-vault@latest local keys\nlocal: Listing .env.vault decryption keys from .env.keys... done\n environment DOTENV_KEY\n ─────────── ────────────────────────────────────────────────────────────────────────────────────────────────────────\n develompent dotenv://:key_33ee..@dotenv.local/vault/.env.va…\n production dotenv://:key_7038..@dotenv.local/vault/.env.va…\n```\n\n##### ARGUMENTS\n\n*[ENVIRONMENT]*\n\nSet `ENVIRONMENT` to output a single environment's DOTENV_KEY.\n\n```\n$ npx dotenv-vault@latest local keys development…\nlocal: Listing .env.vault decryption keys from .env.keys... done\ndotenv://:key_a682c..@dotenv.local/vault/.env.vault?environment=development\n```\n\n## ❓ FAQ\n\n### Why is the `.env.vault` file not decrypting my environment variables successfully?\n\nFirst, make sure you are using `dotenv@16.1.0` or greater. (If you are using a different language make sure you have installed one of its [libraries](#what-languages-does-this-work-with).)\n\nSecond, test decryption is working locally.\n\n```bash\n$ npx dotenv-vault@latest decrypt dotenv://:key_1234..@dotenv.local/vault/.env.vault?environment=production\n# outputs environment variables\n```\n\nThird, test decryption on boot is working locally.\n\n```bash\n$ DOTENV_KEY='dotenv://:key_1234..@dotenv.local/vault/.env.vault?environment=production' npm start\n# boots your app with production envs\n```\n\n### Should I commit my `.env.vault` file?\n\nYes. It is safe and recommended to do so. DO commit your `.env.vault` file to code. DO NOT commit your `.env` file. The `.env.vault` file contains ciphertext generated using AES-256. AES-256 is trusted by the US Government to transmit top-secret information and has a brute-force timescale of about a billion years.\n\n### I accidentally leaked my `DOTENV_KEY`, what can I do? \n\nDoes that attacker also have access to your `.env.vault` file?\n\n* No: good, the attacker cannot do any damage. They need both the `DOTENV_KEY` and `.env.vault` file to access your secrets. This extra layer of security sets the `.env.vault` file apart as a superior solution to other SecretOps solutions.\n* Yes: IMMEDIATELY start rotating your secrets at your third-party API providers. This scenario would be the same no matter what SecretOps solution you use.\n\nAfter completing the above, rotate your `DOTENV_KEY` using the [rotatekey](#rotatekey) command, rebuild your `.env.vault` file, and redeploy.\n\n### Is it safe to store my secrets with dotenv-vault?\n\nIt safer than scattering your secrets across multiple cloud providers. Those providers are focused on code deployment and server performance over secrets security.[1]\n\nDotenv Vault's singular focus is secrets security, and as a result we go to great lengths to make sure your secrets are safe. Afterall, we keep our secrets here too.[2]\n\n* [[1] CircleCI Breach](https://techcrunch.com/2023/01/05/circleci-breach/)\n* [[2] Security at Dotenv Vault](https://www.dotenv.org/security)\n\n### What languages does this work with?\n\nThe `.env.vault` file and its encryption algorithm is language-agnostic so technically it works with any language. We've built convenience libraries for it in a handful of languages and are adding more quickly.\n\n* [Go](https://github.com/dotenv-org/godotenvvault)\n* [Kotlin](https://github.com/dotenv-org/dotenv-vault-kotlin)\n* [NodeJS](https://github.com/motdotla/dotenv)\n* [PHP](https://github.com/dotenv-org/phpdotenv-vault)\n* [Python](https://github.com/dotenv-org/python-dotenv-vault)\n* [Ruby](https://github.com/dotenv-org/dotenv-vault-ruby)\n\n### How do I use πŸ’» Locally Managed dotenv-vault?\n\nThere are a series of **πŸ’» Locally Managed** commands available to you. Locally managed never makes a remote API call. It is completely managed on your machine.\n\n**πŸ” Vault Managed** adds conveniences like backing up your .env file, secure sharing across your team, access permissions, and version history.\n\n**πŸ’» Locally Managed** is a good choice for someone who would prefer to handle this coordination themselves and does not want to trust Dotenv Vault with their secrets. \n\n\u003ca href=\"https://www.youtube.com/watch?v=Ad7Wl8iC3Rs\"\u003e\n\u003cdiv align=\"right\"\u003e\n\u003cimg src=\"https://img.youtube.com/vi/Ad7Wl8iC3Rs/hqdefault.jpg\" alt=\"how to deploy with a .env.vault file video tutorial\" align=\"right\" width=\"330\" /\u003e\n\u003cimg src=\"https://simpleicons.vercel.app/youtube/ff0000\" alt=\"youtube/@dotenvorg\" align=\"right\" width=\"24\" /\u003e\n\u003c/div\u003e\n\u003c/a\u003e\n\nHere's how it works.\n\nGenerate your `.env.vault` file.\n\n```shell\n$ npx dotenv-vault@latest local build\n```\n\nThis creates two files:\n\n* `.env.vault` - encrypted contents of .env* file(s)\n* `.env.keys` - decryption key(s)\n\nBoot using `.env.vault`.\n\n```\n$ DOTENV_KEY=\u003ckey string from .env.keys\u003e npm start\n\n[dotenv@16.1.0][INFO] Loading env from encrypted .env.vault\n```\n\nGreat! Next, set the `DOTENV_KEY` on your server. For example in heroku:\n\n```shell\n$ heroku config:set DOTENV_KEY=\u003ckey string from .env.keys\u003e\n```\n\nCommit your `.env.vault` file safely to code and deploy.\n\nYour `.env.vault` is decrypted on boot, its environment variables injected, and your app works as expected.\n\nCongratulations, your secrets are now much safer than scattered across multiple servers and cloud providers!\n\n## Contributing\n\nSee [CONTRIBUTING.md](CONTRIBUTING.md)\n\n## Changelog\n\nSee [CHANGELOG.md](CHANGELOG.md)\n\n## License\n\nMIT\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fdotenv-org%2Fdotenv-vault","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fdotenv-org%2Fdotenv-vault","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fdotenv-org%2Fdotenv-vault/lists"}