zsh-secrets
Storing GPG encrypted environment variables (by chuwy)
envchain
Environment variables meet macOS Keychain and gnome-keyring <3 (by sorah)
| zsh-secrets | envchain | |
|---|---|---|
| 1 | 3 | |
| 6 | 1,149 | |
| - | - | |
| 0.0 | 3.6 | |
| almost 2 years ago | 28 days ago | |
| Shell | C | |
| Apache License 2.0 | MIT License |
The number of mentions indicates the total number of mentions that we've tracked plus the number of user suggested alternatives.
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
zsh-secrets
Posts with mentions or reviews of zsh-secrets.
We have used some of these posts to build our list of alternatives
and similar projects. The last one was on 2021-06-13.
envchain
Posts with mentions or reviews of envchain.
We have used some of these posts to build our list of alternatives
and similar projects. The last one was on 2023-03-14.
-
How do you protect your secret keys in your local computer?
I use https://github.com/sorah/envchain. It stores your secrets in Keychain (macOS) or gnome-keyring.
-
Secretlint 6: masking API tokens in .bash_history and .zsh_history
Credentials are often stored as raw text in .config/ or ~/.aws. These can be found in 1Password Shell Plugins, op run, zenv, envchain, etc. to avoid storing raw tokens in files.
-
How to Handle Secrets on the Command Line
You have envchain to store secrets as ENV variables in your keyring and execute commands:
https://github.com/sorah/envchain
Not really something you would use for production web apps, I think envconsul covers that usecase:
https://github.com/hashicorp/envconsul
What are some alternatives?
When comparing zsh-secrets and envchain you can also consider the following projects:
envconsul - Launch a subprocess with environment variables using data from @HashiCorp Consul and Vault.
Mosh - Mobile Shell
sops - Simple and flexible tool for managing secrets
gosec - Go security checker
dotfiles - Home directory with an absurd amount of tweaks
platform-compat - Roslyn analyzer that finds usages of APIs that will throw PlatformNotSupportedException on certain platforms.
ShellCheck - ShellCheck, a static analysis tool for shell scripts
secretlint - Pluggable linting tool to prevent committing credential.