.env vs database for API keys

This page summarizes the projects mentioned and recommended in the original post on reddit.com/r/node
#Security #Password #secret-distribution #Pass #DevOps

Our great sponsors
  • SonarLint - Clean code begins in your IDE with SonarLint
  • Scout APM - Less time debugging, more time building
  • SaaSHub - Software Alternatives and Reviews
Our great sponsors

  • pass-import

    A pass extension for importing data from most of the existing password manager.

    My personal preference here is .env or .envrc files that use something like gnu password store in a subshell e.g. export FOO=$(pass my/database/creds) where those creds are pgp encrypted with my keys and possibly other peers' keys.

  • sops

    Simple and flexible tool for managing secrets

    check out https://github.com/mozilla/sops

  • SonarLint

    Clean code begins in your IDE with SonarLint. Up your coding game and discover issues early. SonarLint is a free plugin that helps you find & fix bugs and security issues from the moment you start writing code. Install from your favorite IDE marketplace today.

NOTE: The number of mentions on this list indicates mentions on common posts plus user suggested alternatives. Hence, a higher number means a more popular project.

Suggest a related project

Related posts