{"id":31260003,"url":"https://github.com/mamedul/secure-cm","last_synced_at":"2026-05-19T07:34:03.841Z","repository":{"id":313703270,"uuid":"1052334081","full_name":"mamedul/secure-cm","owner":"mamedul","description":"\"Secure Config Manager\" will include the core application logic, comprehensive documentation, and all the necessary files for open-source collaboration and high visibility on search engines.","archived":false,"fork":false,"pushed_at":"2025-09-07T22:29:27.000Z","size":973,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":0,"default_branch":"main","last_synced_at":"2025-10-28T12:32:56.284Z","etag":null,"topics":["config","configuration","decryption","dotenv","encryption","env","secrets","security","yaml"],"latest_commit_sha":null,"homepage":"https://mamedul.github.io/secure-cm/","language":"JavaScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/mamedul.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":"CODE_OF_CONDUCT.md","threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":"SECURITY.md","support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2025-09-07T21:58:01.000Z","updated_at":"2025-09-07T22:29:30.000Z","dependencies_parsed_at":"2025-09-08T00:18:26.436Z","dependency_job_id":"39d94945-e562-4ab2-84a7-40fd90bfb4df","html_url":"https://github.com/mamedul/secure-cm","commit_stats":null,"previous_names":["mamedul/secure-cm"],"tags_count":1,"template":false,"template_full_name":null,"purl":"pkg:github/mamedul/secure-cm","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mamedul%2Fsecure-cm","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mamedul%2Fsecure-cm/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mamedul%2Fsecure-cm/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mamedul%2Fsecure-cm/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/mamedul","download_url":"https://codeload.github.com/mamedul/secure-cm/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mamedul%2Fsecure-cm/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":33206320,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-05-19T07:16:55.748Z","status":"ssl_error","status_checked_at":"2026-05-19T07:16:54.366Z","response_time":58,"last_error":"SSL_read: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["config","configuration","decryption","dotenv","encryption","env","secrets","security","yaml"],"created_at":"2025-09-23T08:46:23.821Z","updated_at":"2026-05-19T07:34:03.829Z","avatar_url":"https://github.com/mamedul.png","language":"JavaScript","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Secure-CM\n\n**A simple and powerful package to manage your application secrets safely.**\n\nSecure-CM loads configurations from `.env`, `.yaml`, or `.json` files, automatically encrypts sensitive keys before saving, and decrypts them on load. It is designed for modern development workflows, especially for SaaS products and multi-environment deployments that require a clear separation of configuration and secrets.\n\n![Secure-CM](https://raw.githubusercontent.com/mamedul/secure-cm/main/secure-cm-banner.jpg)\n\n\n## Features\n\n*   **Multi-Format Support**: Load configurations from `.env`, `.yaml`, or `.json` files.\n    \n*   **Automatic Encryption**: Sensitive values are automatically encrypted using AES-256-CBC.\n    \n*   **Environment-Specific Configs**: Manage separate configurations for `development`, `production`, `staging`, etc.\n    \n*   **Easy to Use**: Simple, intuitive API for loading, getting, setting, and saving configurations.\n    \n*   **Version Control Friendly**: Store encrypted configuration files safely in your version control system.\n    \n\n## Use Cases\n\n*   **SaaS Products**: Manage different database credentials, API keys, and feature flags for multiple tenants or environments.\n    \n*   **Multi-Environment Deployments**: Keep your `production`, `staging`, and `development` configurations separate and secure.\n    \n*   **Open Source Projects**: Allow contributors to use a template configuration without exposing sensitive project keys.\n    \n\n## Installation\n\n```bash\nnpm install secure-cm\n```\n\n## Quick Start\n\n1.  **Create a configuration file.**\n    \n    Create a `config` directory in your project root. Inside, create a file for your environment, e.g., `development.json`.\n    \n    **./config/development.json**\n    \n    ```json\n    {\n      \"DB_HOST\": \"localhost\",\n      \"DB_USER\": \"root\",\n      \"DB_PASS\": \"my-secret-password\",\n      \"API_KEY\": \"another-secret-key\"\n    }\n    ```\n    \n2.  **Initialize the manager and load your config.**\n    \n    You'll need a 32-character secret key for encryption. You can store this in a secure place like your hosting environment's secret manager or an environment variable.\n    \n    ```js\n    const SecureCM = require('secure-cm');\n    \n    // WARNING: Do not hardcode your secret key in production. \n    // Use an environment variable or a secret management service.\n    const secretKey = process.env.CONFIG_SECRET_KEY || 'a-secure-32-character-secret-key';\n    \n    const configManager = new SecureCM({\n        env: 'development',\n        secretKey: secretKey,\n        configDir: './config' // Optional, defaults to ./config\n    });\n    \n    // Specify which keys are sensitive and should be encrypted\n    configManager.load(['DB_PASS', 'API_KEY']);\n    \n    // Access your configuration\n    console.log('DB Host:', configManager.get('DB_HOST')); // 'localhost'\n    console.log('DB Password:', configManager.get('DB_PASS')); // 'my-secret-password' (decrypted)\n    ```\n    \n3.  **Save an encrypted version of your config.**\n    \n    Run this once to create an encrypted version of your config file. You can then safely commit this file to version control.\n    \n    ```\n    // This will encrypt 'DB_PASS' and 'API_KEY' and save a new file.\n    configManager.save('json'); \n    ```\n    \n    Your `development.json` will now look like this:\n    \n    **./config/development.json**\n    \n    ```json\n    {\n      \"DB_HOST\": \"localhost\",\n      \"DB_USER\": \"root\",\n      \"DB_PASS\": \"iv_hex:encrypted_password_hex\",\n      \"API_KEY\": \"iv_hex:encrypted_key_hex\"\n    }\n    ```\n    \n    Now, you can safely commit this file. The original plain-text values are never exposed.\n    \n\n## API Reference\n\n### `new SecureCM(options)`\n\nCreates a new instance.\n\n*   `options` `\u003cObject\u003e`\n    \n    *   `env` `\u003cstring\u003e` The current environment (e.g., `'production'`). **Default:** `'development'`.\n        \n    *   `configDir` `\u003cstring\u003e` The directory where config files are located. **Default:** `'./config'`.\n        \n    *   `secretKey` `\u003cstring\u003e` **Required**. A 32-character string used for encryption and decryption.\n        \n\n### `.load(sensitiveKeys)`\n\nLoads the configuration file for the specified environment.\n\n*   `sensitiveKeys` `\u003cstring[]\u003e` An array of keys within the configuration that should be treated as sensitive and decrypted upon loading.\n    \n\n### `.get(key)`\n\nRetrieves a configuration value.\n\n*   `key` `\u003cstring\u003e` The key of the value to retrieve.\n    \n\n### `.set(key, value)`\n\nSets a configuration value in memory.\n\n*   `key` `\u003cstring\u003e` The key of the value to set.\n    \n*   `value` `\u003cany\u003e` The value to set.\n    \n\n### `.save(format)`\n\nEncrypts sensitive keys and saves the entire configuration to a new file.\n\n*   `format` `\u003cstring\u003e` The format to save the file in (`'json'`, `'yaml'`, or `'env'`). **Default:** `'json'`.\n    \n\n## Contributing\n\nContributions are welcome! Please read our [CONTRIBUTING.md](CONTRIBUTING.md \"null\") for details on our code of conduct and the process for submitting pull requests.\n\n## License\n\nThis project is licensed under the MIT License - see the [LICENSE](LICENSE \"null\") file for details.\n\n## Author\n\nThis packages codes was created by [**Mamedul Islam**](https://mamedul.github.io/ \"null\") and open for contribute.\n\n_As a passionate **web developer** with experience in creating interactive and user-friendly web components. Currently *available for freelance projects* or full-time opportunities._\n\n_Helping businesses grow their online presence with custom web solutions. Specializing in **WordPress**, **WooCommerce**, **NodeJS**, and **Shopify**. Building modern, responsive, and high-performance scalable websites with custom made plugins, codes, customizations._\n\n\n## Changelog\n\nPlease see the [CHANGELOG.md](CHANGELOG.md \"null\") file.","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmamedul%2Fsecure-cm","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fmamedul%2Fsecure-cm","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmamedul%2Fsecure-cm/lists"}