env files. It addresses the need to keep sensitive configuration data out of source code by encrypting secrets before they leave the local machine, using AES-256-GCM encryption. The platform is suitable for both solo developers and teams, providing a migration path that requires minimal configuration changes—users simply swap their dotenv import for vaultdotenv, and their code continues to work as before.
The tool is delivered as a CLI, installable via npm, with authentication managed through a dashboard account. Once set up, users can initialize projects, push encrypted secrets to the remote vault, and manage environment variables from a web dashboard. Notably, secrets are encrypted locally, and the vault server never sees plaintext values. Each device connected to a project receives a unique device key, allowing for granular control and the ability to revoke access on a per-device basis without rotating all secrets. API requests are secured with time-stamped HMAC signatures, avoiding the use of bearer tokens.
vaultdotenv supports hot reloading, so changes made in the dashboard propagate to running processes within seconds, eliminating the need for redeploys or restarts. The tool also features an encrypted local cache, ensuring applications can still access secrets even if the vault is temporarily unreachable. js and Python environments, vaultdotenv provides watch functionality with customizable polling intervals and onChange callbacks, allowing applications to respond dynamically to updated secrets. Version history, team member invitations, device approvals, and secret rotation are all managed through the dashboard.
Pricing is structured with a free tier that includes up to 10 secrets, 2 environments, 1 project, and 2 devices, with community support. Paid plans are available for solo developers and teams, offering expanded limits, hot reload, version history, audit logs, and priority support. There are no per-seat charges or request metering, and users can start with a free trial for paid plans. The service is built in Australia.
vaultdotenv is an Other infrastructure product. It secures environment variables by encrypting them remotely while allowing local access with a master key. vaultdotenv is an open-source project aimed at python developers. The project is open source (MIT). The product ships for the web and the command line.
vaultdotenv contributors builds and maintains vaultdotenv, and the product first shipped in 2026. Among its 4 catalogued features are environment variable management, remote encryption, and master key support.
Latest indexed changes and source events
Other apps tracked under the same category.