Secure Your Environment Variables

Military-grade AES-256-GCM encryption for .env files. Zero dependencies. Production ready.

Get Started Documentation

Quick Start

# Install

npm install @oxog/env-lock

# Generate encryption key

npx env-lock generate-key

# Encrypt your .env file

npx env-lock encrypt --key YOUR_KEY

# Use in your app

require('@oxog/env-lock').config();

Why env-lock?

Everything you need to keep your secrets safe

Military-Grade Security

AES-256-GCM authenticated encryption with 256-bit keys

Zero Dependencies

Only native Node.js modules. Minimal attack surface.

Drop-in Replacement

Same API as dotenv. Just call config() and go.

Git-Safe

Commit encrypted .env.lock safely to version control

Production Tested

171 tests, 99.57% coverage, 100% success rate

CI/CD Ready

Works seamlessly with GitHub Actions, Docker, K8s

How It Works

1

Generate a secure encryption key

Create a cryptographically secure 256-bit key using our CLI tool

2

Encrypt your .env file

Transform your plaintext secrets into an encrypted .env.lock file

3

Commit .env.lock to git

Safely version control your encrypted environment variables

4

Deploy with confidence

Pass the encryption key via environment variable. Your app decrypts automatically.

Ready to secure your secrets?

Get started in less than 5 minutes

Read the Docs View Examples