From Dotenv to Dotenvx: Next Generation Config Management

This page summarizes the projects mentioned and recommended in the original post on news.ycombinator.com

SaaSHub - Software Alternatives and Reviews
SaaSHub helps you find the best software and product alternatives
www.saashub.com
featured
  • mise

    dev tools, env vars, task runner

    Yes, also definitely a big vote for Mise.

    I’ve switched recently from asdf for managing language & tool versions and the ergonomics are much nicer (eg one command vs having to manually install plugins, etc., more logical commands) It’s also noticeably faster.

    Regarding the env vars features, a couple of relevant Mise issues around people trying to integrate env var secrets using SOPS, 1Password, etc.

    - https://github.com/jdx/mise/issues/1617

    - https://github.com/jdx/mise/issues/1359

  • SaaSHub

    SaaSHub - Software Alternatives and Reviews. SaaSHub helps you find the best software and product alternatives

    SaaSHub logo
  • dotenv

    Loads environment variables from .env for nodejs projects.

    I think dotenv would be fine as long as it doesn't raise exceptions if no .env file is found, i.e. if it works just as a helper for local dev and as a no-op for production

    I notice the dotenv docs are recommending dotenvx now in places: https://www.npmjs.com/package/dotenv#-manage-multiple-enviro...

  • Foreman

    Manage Procfile-based applications

    I always used foreman [0] which I found to be superior to dotenv in every way. Even superior to this new dotenvx

    [0] https://github.com/ddollar/foreman

  • foreman

    an application that automates the lifecycle of servers (by theforeman)

    Not to be confused with the larger foreman[0] also written in ruby.

    [0] https://theforeman.org

  • rot

    Secure Secrets Management for the Modern Sysadmin

    https://rotx.dev can also be used for a local password safe, and it supports environment variables injection into various scripts or workflows.

    (author of rot)

  • securestore-rs

    A simple, encrypted, git-friendly, file-backed secrets manager for rust

    We’ve been pushing for committing encrypted secrets for many years now, and have written an open source spec and implementation in multiple languages: https://github.com/neosmart/securestore-rs

  • sops

    Simple and flexible tool for managing secrets

    There's also sops: https://github.com/getsops/sops

    I've used it at two jobs now over about 5 years and have had zero issues.

  • console

    Application secrets and configuration management for developers. (by phasehq)

    I don't think this is the best approach. I am building https://phase.dev which lets you import secrets (.env), encrypt secrets (end-to-end encrypted with keys you control), sync them to other services/platforms (think AWS, GitHub, Kubernetes), and inject them into applications at runtime (e.g., phase run node index.js).

    Source: https://github.com/phasehq/console

  • punktum

    dotenv implementation in Rust

    Anyway, I hope they don't do command interpolation on top of that (like Ruby dotenv does), because then you can inject code via environment variables (like in the Ruby version).

    I recently looked into various dotenv implementations just for fun. They're all different. No unified syntax at all. A lot don't do proper parsing either, but just use some regular expressions (like this one), which means they just skip over what doesn't matches. I started to document all the quirks I could find and wrote my own dotenv dialect just for fun. Nobody use it! Anyway, here it is: https://github.com/panzi/punktum

    I've also tried to write a parser compatible to JavaScript dotenv (no x) in C++: https://github.com/panzi/cpp-dotenv

  • cpp-dotenv

    C++ re-implementation of JavaScript dotenv

    Anyway, I hope they don't do command interpolation on top of that (like Ruby dotenv does), because then you can inject code via environment variables (like in the Ruby version).

    I recently looked into various dotenv implementations just for fun. They're all different. No unified syntax at all. A lot don't do proper parsing either, but just use some regular expressions (like this one), which means they just skip over what doesn't matches. I started to document all the quirks I could find and wrote my own dotenv dialect just for fun. Nobody use it! Anyway, here it is: https://github.com/panzi/punktum

    I've also tried to write a parser compatible to JavaScript dotenv (no x) in C++: https://github.com/panzi/cpp-dotenv

NOTE: The number of mentions on this list indicates mentions on common posts plus user suggested alternatives. Hence, a higher number means a more popular project.

Suggest a related project

Related posts

  • SecureStore VS dotenv-vault - a user suggested alternative

    2 projects | 4 Nov 2023
  • appsettings.json secrets for local and for deployments

    3 projects | /r/dotnet | 14 Jun 2023
  • Maybe We Can Have Nice Things

    5 projects | /r/rust | 18 Feb 2021
  • Intentionally Leaking AWS Keys

    2 projects | news.ycombinator.com | 19 Jan 2021
  • Kubescape : Comprehensive Kubernetes Security from Development to Runtime

    1 project | dev.to | 16 Sep 2024

Did you konow that Rust is
the 5th most popular programming language
based on number of metions?