Socket
Book a DemoInstallSign in
Socket
Book a DemoInstallSign in

cryenv

Package Overview
Dependencies
Maintainers
1
Versions
12
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

cryenv

πŸ” Securely collect and manage missing .env variables via encrypted CLI surveys.

0.3.0
latest
Source
npmnpm
Version published
Weekly downloads
13
Maintainers
1
Weekly downloads
Β 
Created
Source

CryEnv πŸ” - Secure .env Surveys for Teams

NPM Version GitHub Stars License: MIT

Effortlessly collect & manage missing .env variables in a secure way.

πŸ”Ή What is CryEnv?

CryEnv is a CLI tool that helps teams securely collect missing environment variables by creating interactive encrypted surveys.

With CryEnv, you can:

  • Detect missing .env variables in your project.
  • Create encrypted surveys to request missing values.
  • Securely share a survey token with a team member.
  • Import responses back into your .env file.
  • Ensure only the creator can decrypt responses.

βœ… Fast.
πŸ” Secure.
πŸ› οΈ Easy to use.

πŸ”’ Security & Data Handling

CryEnv is designed with security and privacy in mind. Here’s how data is handled:

Questions (Unencrypted)

  • Questions are not encrypted and are stored in base64 format with zlib compression.
  • Do not include sensitive data in questions. Use them only to describe what information is needed.
  • Questions are used to guide the recipient and are not considered secret.

Answers (Encrypted)

  • Answers are fully encrypted using a combination of AES-256-CBC and RSA:
    • Compressed with zlib.
    • Encrypted with a randomly generated AES-256 key.
    • The AES key is encrypted using the creator’s RSA public key.
    • The final payload is encoded in base64 for easy sharing.
  • Only the survey creator can decrypt the answers using their private key.

Email Feature (Optional)

  • CryEnv can send survey links via email using node-fetch and a private server at webto.pro.
  • No sensitive data is sent or stored on the server. Only the encrypted survey token is transmitted.
  • Emails are used solely for convenience and are not required. You can share tokens manually.

Guarantees

  • No data is stored on external servers.
  • Emails are not saved or shared with third parties.
  • The email feature is optional and can be skipped if you prefer manual sharing.

πŸš€ Quick Start

No installation required! Just use npx:

npx cryenv

This will guide you through creating an encrypted survey for missing environment variables.

To fill a survey:

npx cryenv --fill YOUR_TOKEN

To import responses into your .env file:

npx cryenv --import YOUR_TOKEN --path=.env

πŸ” How It Works?

1️⃣ Create a survey with missing .env keys.
2️⃣ Share the generated token with a teammate.
3️⃣ The recipient fills the survey via CLI.
4️⃣ Responses are securely encrypted – only you can decrypt them.
5️⃣ Import the responses directly into your .env file.

πŸ”’ All data remains private & secure – even CryEnv cannot read the responses.

πŸ“¦ Installation (Optional)

You can install CryEnv globally:

npm install -g cryenv

Now you can use it without npx:

cryenv

πŸ› οΈ Commands & Usage

1️⃣ Detect missing .env variables

Automatically scan your .env.example or another file:

npx cryenv --env .env.example

This will create a survey with all missing variables.

2️⃣ Create a new survey

npx cryenv

You'll be guided through an interactive setup.

3️⃣ Fill a survey (as a recipient)

If someone shares a CryEnv token with you, fill it like this:

npx cryenv --fill YOUR_TOKEN

You'll be prompted to enter values.

4️⃣ Import responses into .env

npx cryenv --import YOUR_TOKEN --path=.env

This will decrypt responses and add them to your .env file.

5️⃣ Restore a saved survey

npx cryenv --restore FILE

Useful if you need to re-import or review responses.

πŸ” How CryEnv Ensures Security?

βœ” All responses are encrypted.
βœ” Only the survey creator can decrypt responses.
βœ” Survey tokens never expose raw data.
βœ” No external servers are used – works fully offline.

πŸ’‘ Example Workflow

Imagine you're working on a team project. Some environment variables are missing, and you need your teammate to fill them securely.

  • You create a survey and get a unique token:

    npx cryenv --env .env.example

  • You share the token with a teammate:

    npx cryenv --fill YOUR_TOKEN

  • They fill the survey without seeing other values.

  • You import their encrypted responses into .env:

    npx cryenv --import YOUR_TOKEN --path=.env

πŸŽ‰ Done! Your .env file is now complete – securely.

πŸ“œ License

CryEnv is licensed under the MIT License.
Β© 2025 Unbywyd.

πŸ”— Links

πŸ”Ή NPM: CryEnv on NPM
πŸ”Ή GitHub: CryEnv Repository
πŸ”Ή Issues: Report a bug

πŸš€ Secure, fast, and efficient .env management for teams!

Need more features? Open an issue or contribute on GitHub! 😊

Keywords

cli
env
dotenv
security
survey
encryption

FAQs

Package last updated on 15 Mar 2025

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

Malicious npm Packages Impersonate Flashbots SDKs, Targeting Ethereum Wallet Credentials

Research

Malicious npm Packages Impersonate Flashbots SDKs, Targeting Ethereum Wallet Credentials

Four npm packages disguised as cryptographic tools steal developer credentials and send them to attacker-controlled Telegram infrastructure.

By Kush PandyaΒ  - Β Sep 05, 2025
SocketSocket SOC 2 Logo

Product

About

Packages

Explore npm
Explore Cargo
Explore Go
Explore Maven
Explore NuGet
Explore PyPI
Explore Rubygems

Stay in touch

Get open source security insights delivered straight into your inbox.

  • Terms
  • Privacy
  • Security

Made with ⚑️ by Socket Inc

U.S. Patent No. 12,346,443 & 12,314,394. Other pending.