{"id":20737993,"url":"https://github.com/stephencookdev/dotenv-sync","last_synced_at":"2025-06-13T04:38:13.036Z","repository":{"id":66062937,"uuid":"358747380","full_name":"stephencookdev/dotenv-sync","owner":"stephencookdev","description":null,"archived":false,"fork":false,"pushed_at":"2021-04-17T17:47:18.000Z","size":18,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":1,"default_branch":"main","last_synced_at":"2025-03-11T11:35:57.514Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"JavaScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/stephencookdev.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2021-04-17T00:08:09.000Z","updated_at":"2021-04-17T17:47:21.000Z","dependencies_parsed_at":"2023-03-26T02:02:16.326Z","dependency_job_id":null,"html_url":"https://github.com/stephencookdev/dotenv-sync","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/stephencookdev/dotenv-sync","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/stephencookdev%2Fdotenv-sync","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/stephencookdev%2Fdotenv-sync/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/stephencookdev%2Fdotenv-sync/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/stephencookdev%2Fdotenv-sync/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/stephencookdev","download_url":"https://codeload.github.com/stephencookdev/dotenv-sync/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/stephencookdev%2Fdotenv-sync/sbom","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":259582796,"owners_count":22880092,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-11-17T06:16:09.858Z","updated_at":"2025-06-13T04:38:13.016Z","avatar_url":"https://github.com/stephencookdev.png","language":"JavaScript","readme":"# dotenv-sync\n\nThis library is a layer on top of [dotenv](https://www.npmjs.com/package/dotenv), that lets you safely and easily share .env files with your team.\n\nIt works by encrypting all of your secret ENV vars using a private key, that can then be stored in 1Password, or LastPass etc.\n\n## Set up a project\n\n- `npm install dotenv-sync` to install it\n- `$(npm bin)/dotenv-sync --init` to initialise the project\n\nChange your existing code from:\n\n```js\nimport dotenv from \"dotenv\";\ndotenv.config();\n```\n\nto\n\n```js\nimport dotenv from \"dotenv-sync\";\ndotenv.config();\n```\n\n### What to commit\n\n**DO** commit:\n\n- `.env-encrypted` — this file is what keeps your team in sync. It's securely encrypted, and safe to commit publicly\n\nDo **NOT** commit:\n\n- `.env-unencrypted.env` — this file contains all of your secret keys. If you commit this, you might as well not use this library at all and just commit your `.env` directly.\n\nA sample `.gitignore` you might want to use is as follows:\n\n```bash\n# .gitignore\n*.env\n!.env-encrypted\n```\n\n### Custom error messaging\n\nWhen new teammates attempt to run your codebase, if they haven't created a `.env-unencrypted.env` file, then they will hit an error.\n\nIf you want to customise this error message, so your teammates know where to get the file from, you can create a `.dotenv-sync.missing-secret-key` message in your workspace.\n\nFor example:\n\n```bash\necho \"Check the shared 1Password, in the item titled 'space jam website'\" \u003e .dotenv-sync.missing-secret-key\n```\n\n## Bundle size\n\nIn production-mode, `dotenv-sync` defers entirely to `dotenv`, making it effectively zero in additional bundle size.\n\n## Security\n\n### Is this package secure?\n\nThis library encrypts your ENV vars using 256-bit AES.\n\nFor reference, this is the same encryption [that 1Password uses](https://1password.com/security). In other words, using this package is cryptographically as secure as storing all of your ENV vars directly in a 1Password vault.\n\n### Why not just commit the ENV vars to source?\n\nIf your repo is public, then this is obviously a bad idea, as anyone can e.g. log into your database.\n\nIf your repo is private, then this is still a bad idea. All it takes is one person to get hacked, and suddenly the hacker has access to all of your databases. By using this package, even if someone hacks their way to your source-code, they won't be able to decrypt your ENV vars.\n\n## Update ENV vars\n\nTo update ENV vars locally just for you, then you should just add to your `.env` file.\n\nTo update ENV vars for your team, you can:\n\n- modify the `.env-unencrypted.env` file\n- run $(npm bin)/dotenv-sync to update the `.env-encrypted` file\n- commit the new `.env-encrypted` file, and push this to source control\n\n## Using ENV vars\n\n### Priority\n\nAnything in your `.env` takes top priority, and will override anything else.\n\nFor example, in:\n\n```bash\n# .env\nTEST=hello\n\n# .env-unencrypted.env\nTEST=goodbye\n```\n\nthen `process.env.TEST === 'hello'`\n\n### Environment groups\n\nThe `.env-unencrypted.env` offers groups, as an optional feature. You can specify an active group with the `_ENV_GROUP_TARGET` environment variable.\n\nFor example, in:\n\n```bash\n# .env\n_ENV_GROUP_TARGET=Local\n\n# .env-unencrypted.env\n#~~~ Local\nTEST=hello\n\n#~~~ Development\nTEST=goodbye\n```\n\nthen `process.env.TEST === 'hello'`\n","funding_links":[],"categories":[],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fstephencookdev%2Fdotenv-sync","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fstephencookdev%2Fdotenv-sync","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fstephencookdev%2Fdotenv-sync/lists"}