op-js VS enpass-cli

To get started with the 1Password CLI, visit the official 1Password CLI documentation. Here, you'll find installation guides, usage examples, and how to integrate it with various tools and workflows, including Git and SSH authentication.

1Password CLI: Automate administrative tasks, securely provision secrets across development environments, and use biometrics to authenticate in the terminal.

1Password CLI is great, having a single source for managing access keys and being able to use fingerprint ID on a Mac is such a cool feature. The AWS plugin works great, but if you want to use AWS through a third party (in this case Terraform), I failed to get it to work.

I know it's not FOSS but 1Password does have a decently fully-featured CLI client

https://developer.1password.com/docs/cli/

I used to be anti hosted password managers, but I was recommended using 1password and their CLI client to manage my passwords.

When a customer emails me to request access, all I have to do is copy their username from the email they sent me, then I press ⌃-⌥-⌘-A, and it's done! This automation uses Keyboard Maestro, the GitHub API, and 1Password CLI.

The 1Password CLI. You can find the installation docs here.

VS Code extensions run in a Node environment, and we wanted to interact with the new CLI. So we built and open-sourced an entirely new package for doing exactly this: op-js. It wraps the CLI with a simple-to-use JavaScript interface and ships with TypeScript declarations, making 60+ commands, including those that support biometrics unlock, available to your Node-based application.

Enpass has a CLI client and it's MIT-licensed.

https://github.com/hazcod/enpass-cli

In my opinion, Enpass has the best balance of privacy, open-source, offline-first, etc. It's essentially a proprietary UI over a sqlite/SQLCipher database (fully open source CLI available: https://github.com/hazcod/enpass-cli).

It can - but needn't - be sync'd any number of ways (iCloud, Dropbox, Google Drive, OneDrive, WebDAV), if that's what you like. Because it has WebDAV sync support, you can use it with ownCloud or NextCloud without much fuss, and not have to trust a third party at all.

When this first hit the news I started planning my migration. I settled on Enpass https://www.enpass.io/ . The main client is closed source but the password file is an encrypted SQLite database and is readable by open source tools (written in Go https://github.com/hazcod/enpass-cli).

The UI isn't quite as polished as 1Password but it's pretty good, and more consistent/discoverable IMHO.

For cloud-based, I think BitWarden is the obvious consensus. For local-first, I settled on Enpass. It's closed source and proprietary but the format is decently documented and they provided help in making an open-source database reader https://github.com/hazcod/enpass-cli

Now my passwords are somewhere I control, in a format I can read with open source tools, and sync is done by Dropbox/maestral. It's like being back on classic 1Password but slightly more stable and slightly less polished in the UI.

My open-source implementation of an Enpass command line client could use some love! https://github.com/HazCod/enpass-cli