{"id":18842677,"url":"https://github.com/dotenv-org/dotenv-vault-core","last_synced_at":"2025-10-10T00:33:43.689Z","repository":{"id":61613623,"uuid":"553214968","full_name":"dotenv-org/dotenv-vault-core","owner":"dotenv-org","description":"DEPRECATED: Use motdotla/dotenv which added support for .env.vault May 30, 2023.","archived":false,"fork":false,"pushed_at":"2023-05-30T18:57:08.000Z","size":352,"stargazers_count":9,"open_issues_count":2,"forks_count":4,"subscribers_count":1,"default_branch":"master","last_synced_at":"2025-03-27T21:12:48.510Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":"https://github.com/motdotla/dotenv","language":"JavaScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/dotenv-org.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2022-10-17T22:33:18.000Z","updated_at":"2024-06-27T22:32:38.000Z","dependencies_parsed_at":"2024-06-18T19:54:11.461Z","dependency_job_id":"355ecde7-6f21-41a7-8556-d3497a280d6b","html_url":"https://github.com/dotenv-org/dotenv-vault-core","commit_stats":{"total_commits":26,"total_committers":2,"mean_commits":13.0,"dds":0.07692307692307687,"last_synced_commit":"72e72196c647657de52e4dbc2e837c56c3c6b01d"},"previous_names":[],"tags_count":5,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/dotenv-org%2Fdotenv-vault-core","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/dotenv-org%2Fdotenv-vault-core/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/dotenv-org%2Fdotenv-vault-core/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/dotenv-org%2Fdotenv-vault-core/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/dotenv-org","download_url":"https://codeload.github.com/dotenv-org/dotenv-vault-core/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":248839435,"owners_count":21169816,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-11-08T02:55:26.899Z","updated_at":"2025-10-10T00:33:38.653Z","avatar_url":"https://github.com/dotenv-org.png","language":"JavaScript","funding_links":[],"categories":[],"sub_categories":[],"readme":"**THIS LIBRARY IS DEPRECATED. USE [dotenv \u003e= 16.1.0](https://github.com/motdotla/dotenv) instead. It added first-class support for decrypting .env.vault files as of May 30, 2023.**\n\n# dotenv-vault-core [![NPM version](https://img.shields.io/npm/v/dotenv-vault-core.svg?style=flat-square)](https://www.npmjs.com/package/dotenv-vault-core)\n\n\u003cimg src=\"https://raw.githubusercontent.com/motdotla/dotenv/master/dotenv.svg\" alt=\"dotenv-vault\" align=\"right\" width=\"200\" /\u003e\n\nExtends the proven \u0026 trusted foundation of [dotenv](https://github.com/motdotla/dotenv), with a `.env.vault` file.\n\nThe extended standard lets you sync your `.env` files – quickly \u0026 securely. Stop sharing them over insecure channels like Slack and email, and never lose an important `.env` file again.\n\nYou need a [Dotenv Account](https://dotenv.org) to use Dotenv Vault. It is free to use with premium features.\n\n**[Create your account](https://dotenv.org/signup)**\n\n## Install\n\n```bash\n# install locally (recommended)\nnpm install dotenv-vault-core --save\n```\n\nOr installing with yarn? `yarn add dotenv-vault-core`\n\n## Usage\n\n### `.env`\n\nBasic usage works just like [dotenv](https://github.com/motdotla/dotenv).\n\nCreate a .env file in the root of your project:\n\n```dosini\nS3_BUCKET=YOURS3BUCKET\nSECRET_KEY=YOURSECRETKEYGOESHERE\n```\n\nAs early as possible in your application, import and configure dotenv:\n\n```javascript\nrequire('dotenv-vault-core').config()\nconsole.log(process.env) // remove this after you've confirmed it is working\n```\n\nThat's it. `process.env` now has the keys and values you defined in your `.env` file:\n\n\n```javascript\nrequire('dotenv-vault-core').config()\n\n...\n\ns3.getBucketCors({Bucket: process.env.S3_BUCKET}, function(err, data) {})\n```\n\n### `.env.vault`\n\nExtended usage uses a `.env.vault` file that allows you to sync your secrets across machines, team members, and environments.\n\nUsage is similar to git. In the same directory as your `.env` file, run the command:\n\n```shell\nnpx dotenv-vault new\n```\n\nFollow those instructions and then run:\n\n```shell\n$ npx dotenv-vault login\n```\n\nThen run push and pull:\n\n```shell\n$ npx dotenv-vault push\n$ npx dotenv-vault pull\n```\n\nThat's it!\n\nYou just synced your `.env` file. Commit your `.env.vault` file to code, and tell your teammates to run `npx dotenv-vault pull`.\n\n### Custom Path (Monorepos)\n\nIf you need to specify a custom path, for example in a monorepo, you can specify a `path` param in the `config()` call. \n\n```\nrequire('dotenv-vault-core').config('apps/some-app/.env.vault')\n```\n\n## Multiple Environments\n\nRun the command:\n\n```shell\n$ npx dotenv-vault open production\n```\n\nIt will open up an interface to manage your production environment variables.\n\n## Build \u0026 Deploy Anywhere\n\nBuild your encrypted `.env.vault`:\n\n```shell\n$ npx dotenv-vault build\n```\n\nSafely commit and push your changes:\n\n```shell\n$ git commit -am \"Updated .env.vault\"\n$ git push\n```\n\nObtain your `DOTENV_KEY`:\n\n```shell\n$ npx dotenv-vault keys\n```\n\nSet `DOTENV_KEY` on your infrastructure. For example, on Heroku:\n\n```shell\n$ heroku config:set DOTENV_KEY=\"dotenv://:key_1234@dotenv.org/vault/.env.vault?environment=production\"\n```\n\nAll set! When your app boots, it will recognize a `DOTENV_KEY` is set, decrypt the `.env.vault` file, and load the variables to `ENV`.\n\nMade a change to your production envs? Run `npx dotenv-vault build`, commit that safely to code, and deploy. It's simple and safe like that.\n\n## Dotenv.org\n\n**[Create your account](https://dotenv.org/signup)**\n\nYou need a [Dotenv Account](https://dotenv.org) to use Dotenv Vault. It is free to use with premium features.\n\n![](https://api.checklyhq.com/v1/badges/checks/c2fee99a-38e7-414e-89b8-9766ceeb1927?style=flat\u0026theme=dark\u0026responseTime=true)\n![](https://api.checklyhq.com/v1/badges/checks/4f557967-1ed1-486a-b762-39a63781d752?style=flat\u0026theme=dark\u0026responseTime=true)\n\u003cbr\u003e\n![](https://api.checklyhq.com/v1/badges/checks/804eb6fa-6599-4688-a649-7ff3c39a64b9?style=flat\u0026theme=dark\u0026responseTime=true)\n![](https://api.checklyhq.com/v1/badges/checks/6a94504e-e936-4f07-bc0b-e08fee2734b3?style=flat\u0026theme=dark\u0026responseTime=true)\n\u003cbr\u003e\n![](https://api.checklyhq.com/v1/badges/checks/06ac4f4e-3e0e-4501-9987-580b4d2a6b06?style=flat\u0026theme=dark\u0026responseTime=true)\n![](https://api.checklyhq.com/v1/badges/checks/0ffc1e55-7ef0-4c2c-8acc-b6311871f41c?style=flat\u0026theme=dark\u0026responseTime=true)\n\nVisit [health.dotenv.org](https://health.dotenv.org) for more information.\n\n## FAQ\n\n#### What happens if `DOTENV_KEY` is not set?\n\nDotenv Vault gracefully falls back to [dotenv](https://github.com/motdotla/dotenv) when `DOTENV_KEY` is not set. This is the default for development so that you can focus on editing your `.env` file and save the `build` command until you are ready to deploy those environment variables changes.\n\n#### Should I commit my `.env` file?\n\nNo. We **strongly** recommend against committing your `.env` file to version control. It should only include environment-specific values such as database passwords or API keys. Your production database should have a different password than your development database.\n\n#### Should I commit my `.env.vault` file?\n\nYes. It is safe and necessary to do so. It contains your encrypted envs, and your vault identifier.\n\n#### What happens if my `.env.vault` is missing?\n\nDotenv Vault gracefully falls back to [dotenv](https://github.com/motdotla/dotenv) when `.env.vault` is missing. You will receive a warning that it is missing.\n\n#### Can I share the `DOTENV_KEY`?\n\nNo. It is the key that unlocks your encrypted environment variables. Be very careful who you share this key with. Do not let it leak.\n\n## Contributing\n\n1. Fork it\n2. Create your feature branch (`git checkout -b my-new-feature`)\n3. Commit your changes (`git commit -am 'Added some feature'`)\n4. Push to the branch (`git push origin my-new-feature`)\n5. Create new Pull Request\n\n## Changelog\n\nSee [CHANGELOG.md](CHANGELOG.md)\n\n## License\n\nMIT\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fdotenv-org%2Fdotenv-vault-core","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fdotenv-org%2Fdotenv-vault-core","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fdotenv-org%2Fdotenv-vault-core/lists"}