Secure your .env file with a password/ Secret SALT and use it in your project. Encrypt / decrypt your .env files. Hide your environment variables from the world. You can set that Secret salt as System Env using AWS task defination, or directly using your cloud service provider to enhance the overall app security. Hide your environment variables.
npm install -g env-hide
Usage: env-hide -k YOUR_SECRET_KEY
Options:
-k, --key YOUR_SECURITY_SALT (required)
-o, --operation encrypt/decrypt (required)
-h, --help output usage information
-p, --path file path (optional)
-a, --algo algorith to use, default: 'aes-256-ctr' (optional)
-f, --file output decrypted file? true/false (optional)
env-hide -o encrypt -k YOUR_SECRET_KEY
env-hide -o decrypt -k YOUR_SECRET_KEY -f true
const envHide = require('env-hide');
envHide.encrypt({ key: SECRET_KEY_SALT});const envHide = require('env-hide');
const envs = envHide.decrypt({ key: SECRET_KEY_SALT});
console.log(envs);| Parameter | Type | Description |
|---|---|---|
key |
string |
secret_key, default: null, required:true |
algo |
string |
algo to decrypt: aes-256-ctr |
enc |
string |
enc file name , default: .env.enc |
addToProcess |
boolean |
automatically add to process.env, default: true |
realOutput |
boolean |
return actual output(decrypted) of encrpted file, default: false |
outputDecryptFile |
boolean |
automatically create original .env file back, default: false |
| Parameter | Type | Description |
|---|---|---|
key |
string |
secret_key, default: null, required:true |
algo |
string |
algo to decrypt: aes-256-ctr |
env |
string |
env file to encrypt , default: .env |
output |
boolean |
return encryted output, default: false |
- Get original .env:
env-hide -o decrypt -k YOUR_SECRET_KEY -f true - Update or Add new Env Variables to your decrypted .env file
- Encrypt original .env :
env-hide -o encrypt -k YOUR_SECRET_KEY - DELETE the .env file