{"id":18369263,"url":"https://github.com/envkey/envkey-node","last_synced_at":"2025-07-26T22:35:34.221Z","repository":{"id":54717922,"uuid":"99136379","full_name":"envkey/envkey-node","owner":"envkey","description":"EnvKey's official Node.js client library","archived":false,"fork":false,"pushed_at":"2022-03-10T21:23:40.000Z","size":221568,"stargazers_count":49,"open_issues_count":1,"forks_count":10,"subscribers_count":3,"default_branch":"master","last_synced_at":"2025-03-22T04:03:30.954Z","etag":null,"topics":["configuration","configuration-management","developer-tools","devops","devops-tools","encryption","javascript","nodejs","secret-management","secrets","security","security-tools"],"latest_commit_sha":null,"homepage":"https://www.envkey.com","language":"JavaScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/envkey.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE.txt","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2017-08-02T16:05:56.000Z","updated_at":"2023-01-24T17:15:35.000Z","dependencies_parsed_at":"2022-08-14T00:40:52.467Z","dependency_job_id":null,"html_url":"https://github.com/envkey/envkey-node","commit_stats":null,"previous_names":[],"tags_count":4,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/envkey%2Fenvkey-node","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/envkey%2Fenvkey-node/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/envkey%2Fenvkey-node/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/envkey%2Fenvkey-node/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/envkey","download_url":"https://codeload.github.com/envkey/envkey-node/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":247522481,"owners_count":20952558,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["configuration","configuration-management","developer-tools","devops","devops-tools","encryption","javascript","nodejs","secret-management","secrets","security","security-tools"],"created_at":"2024-11-05T23:28:54.966Z","updated_at":"2025-04-06T17:32:02.251Z","avatar_url":"https://github.com/envkey.png","language":"JavaScript","readme":"# envkey npm package\n\nIntegrate [EnvKey](https://www.envkey.com) with your Node.js projects to keep api keys, credentials, and other configuration securely and automatically in sync for developers and servers.\n\n# v2\n\nNow that [EnvKey v2](https://v2.envkey.com) has been released, you can find version 2 of this package in [a subdirectory of the EnvKey v2 monorepo](https://github.com/envkey/envkey/tree/main/public/sdks/languages-and-frameworks/node). Using v2 requires an EnvKey v2 organization (it won't work with ENVKEYs generated in a v1 org).\n\n[Here's a guide on migrating from v1 to v2.](https://docs-v2.envkey.com/docs/migrating-from-v1)\n\nTo continue using version 1 of this package, make sure you specify `@\"^1.x\"` when installing with npm (or in your package.json) so that you don't accidentally install v2.\n\n## Installation\n\n```bash\nnpm install envkey@\"^1.x\" --save\n```\n\nThen at the entry point of your application:\n\n```javascript\n// main.js\nrequire('envkey')\n```\n\nOr if you prefer ES6+ imports:\n\n```javascript\n// main.js\nimport 'envkey'\n```\n\n## Usage\n\nGenerate an `ENVKEY` in the [EnvKey App](https://github.com/envkey/envkey-app). Then set `ENVKEY=...`, either in a gitignored `.env` file in the root of your project (in development) or in an environment variable (on servers).\n\nNow all your EnvKey variables will be available on `process.env`.\n\n### Errors\n\nThe package will throw an error if an `ENVKEY` is missing or invalid.\n\n### Example\n\nAssume you have `STRIPE_SECRET_KEY` set to `sk_test_2a33b045e998d2ef60c7861d2ac22ea8` for the `development` environment in the EnvKey App. You generate a local development `ENVKEY`.\n\nIn your project's **gitignored** `.env` file:\n\n```bash\n# .env\nENVKEY=GsL8zC74DWchdpvssa9z-nk7humd7hJmAqNoA\n```\n\nIn `lib/stripe.js`:\n\n```javascript\nvar stripe = require('stripe')(process.env.STRIPE_SECRET_KEY);\n```\n\nNow `STRIPE_SECRET_KEY` will stay automatically in sync for all the developers on your team.\n\nFor a server, generate a server `ENVKEY` in the EnvKey App, then set the `ENVKEY` as an environment variable instead of putting it in a `.env` file.\n\nNow your servers will stay in sync as well. If you need to rotate your `STRIPE_SECRET_KEY`, you can do it in a few seconds in the EnvKey App, restart your servers, and you're good to go. All your team's developers and all your servers will have the new value.\n\n### Overriding Vars\n\nThe envkey package will not overwrite existing environment variables or additional variables set in a `.env` file. This can be convenient for customizing environments that otherwise share the same configuration. You can also use [sub-environments](https://blog.envkey.com/development-staging-production-and-beyond-85f26f65edd6) in the EnvKey App for this purpose.\n\n### Working Offline\n\nThe envkey package caches your encrypted config in development so that you can still use it while offline. Your config will still be available (though possibly not up-to-date) the next time you lose your internet connection. If you do have a connection available, envkey will always load the latest config. Your cached encrypted config is stored in `$HOME/.envkey/cache`\n\nFor caching purposes, this package assumes you're in development mode if `process.env.NODE_ENV` is \"development\" or \"test\". If `process.env.NODE_ENV` is undefined, then it's assumed you're in development mode when a .env file exists in the root of your project.\n\n### Custom Loading\n\nIf you want more control over how/when envkey loads your config, you can import/require the loader module directly instead of the top-level package that autoloads.\n\nWith require:\n\n```javascript\nconst envkeyLoader = require('envkey/loader')\n\nenvkeyLoader.load({\n  dotEnvFile: \".staging.env\", // where to find the dotEnv file that contains your ENVKEY,\n  permitted: [\"KEY1\", \"KEY2\"] // whitelist of permitted vars (useful for client-side config) - defaults to permitting all if omitted\n})\n```\n\nOr with imports:\n\n```javascript\nimport {load as envkeyLoad} from 'envkey/loader'\n\nenvkeyLoad({ dotEnvFile: \".staging.env\" })\n``` \n\nYou can also load your config asynchronously by providing a callback to the load function:\n\n```javascript\nconst envkeyLoader = require('envkey/loader')\n\nenvkeyLoader.load({\n  dotEnvFile: \".staging.env\", // where to find the dotEnv file that contains your ENVKEY,\n  permitted: [\"KEY1\", \"KEY2\"] // whitelist of permitted vars (useful for client-side config) - defaults to permitting all if omitted\n}, function(err, res){\n  console.log(\"Config loaded\")\n  console.log(process.env.KEY1)\n})\n```\n\nFor even more flexibility, you can use the `fetch` method to return your config as simple json and do as you wish with it. As with `load`, it can be called synchronously or asynchronously.\n\n```javascript\nconst envkeyLoader = require('envkey/loader')\n\n// synchronous\nconst config = envkeyLoader.fetch({ \n  dotEnvFile: \".staging.env\",\n  permitted: [\"KEY1\", \"KEY2\"]\n})\nconsole.log(config.KEY1)\n\n// asynchronous\nenvkeyLoader.fetch({\n  dotEnvFile: \".staging.env\",\n  permitted: [\"KEY1\", \"KEY2\"]\n}, function(err, res){\n  console.log(res.KEY1)\n})\n```\n\n## Client-Side Config In The Browser\n\nSince EnvKey is for configuration in addition to secrets, it can be convenient to inject a portion of your EnvKey config into your client-side code. This should be done by whitelisting variables that are safe for the client (i.e. can be made public) and injecting them during your build process. EnvKey has a [webpack plugin](https://github.com/envkey/envkey-webpack-plugin) to help you do it right.\n\n## envkey-fetch binaries\n\nIf you look in the `ext` directory of this package, you'll find a number of `envkey-fetch` binaries for various platforms and architectures. These are output by the [envkey-fetch Go library](https://github.com/envkey/envkey-fetch). It contains EnvKey's core cross-platform fetching, decryption, verification, web of trust, redundancy, and caching logic. It is completely open source.\n\n## x509 error / ca-certificates\n\nOn a stripped down OS like Alpine Linux, you may get an `x509: certificate signed by unknown authority` error when `envkey-node` attempts to load your config. [envkey-fetch](https://github.com/envkey/envkey-fetch) attempts to handle this by including its own set of trusted CAs via [gocertifi](https://github.com/certifi/gocertifi), but if you're getting this error anyway, you can fix it by ensuring that the `ca-certificates` dependency is installed. On Alpine you'll want to run:\n```\napk add --no-cache ca-certificates\n```\n\n## Further Reading\n\nFor more on EnvKey in general:\n\nRead the [docs](https://docs.envkey.com).\n\nRead the [integration quickstart](https://docs.envkey.com/integration-quickstart.html).\n\nRead the [security and cryptography overview](https://security.envkey.com).\n\n## Need help? Have questions, feedback, or ideas?\n\nPost an [issue](https://github.com/envkey/envkey-ruby/issues) or email us: [support@envkey.com](mailto:support@envkey.com).\n\n","funding_links":[],"categories":[],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fenvkey%2Fenvkey-node","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fenvkey%2Fenvkey-node","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fenvkey%2Fenvkey-node/lists"}