Auto-build your encrypted .env.vault file on each environment change.
It can become a chore to run npx dotenv-vault build
each time you are ready to deploy new secret changes. Let GitHub do it for you with this automation add-on.
Billing teams will be happy. We’ve added:
Added Rust support to dotenv-vscode.
Updated to 0.20.0.
Dotenv VSCode now has syntax, auto-cloaking, auto-completion, and in-code secret peeking for the following languages:
Added support for rotating DOTENV_KEY in dotenv-vault-rails.
Update to 0.10.0 or greater to support key rotation in Ruby and Rails.
Now, npx dotenv-vault build
regenerates itself only if there are changes.
This increases security and improves DX.
It improves security by minimizing the chance of a nonce collision - which would expose your DOTENV_KEY. (Please note this is still incredibly rare. You would have to rebuild your .env.vault file a few billion times before this might occur. Nonetheless, we prefer to minimize the possibility.)
It improves DX because it follows the principle of least surprise. You will see your .env.vault file change only after you’ve changed your values.
python-dotenv-vault has extended support for:
These changes put python-dotenv-vault at parity with dotenv-vault-core.
Decryption support for .env.vault files has been added to Python. If you’re using Flask, Django, FastAPI, or plain ol’ Python, you can use Dotenv Vault with it.
Check it out at python-dotenv-vault and tell your Python friends.
Rotate your DOTENV_KEY with the following command:
$ npx dotenv-vault rotatekey production
Then:
See docs for more information. Supported for NodeJS library. Ruby and Python support coming soon.
We added a handful of new integrations. What should we add next?
We swapped our honeypot spam protection mechanism for Cloudflare Turnstile. It is more reliable at catching spam and the experience is still good – no annoying captchas identifying traffic signs.
We have updated our /docs site. It’s built with Jekyll. This way we’ve been able to make it public on GitHub – making it easy to edit.
Integrate Everywhere™ is our new approach to integrations. It works everywhere you can deploy your code. No more brittle integrations coordinating API calls. Instead, build and encrypt your local .env.vault file, commit it to code, and deploy. There’s nothing else like it.
$ npx dotenv-vault build
$ git commit -am "Add .env.vault"
$ git push