keyshare-cli

Keyshare CLI

Command-line interface for secure key sharing.

Installation

Global Installation

npm install -g keyshare-cli

Local Development

npm install
npm link

Using npx (No Installation)

npx keyshare-cli init
npx keyshare-cli fetch

Configuration

Set the API URL via environment variable:

export KEYSHARE_API_URL=https://keyshare.yourcompany.com

Or create a .env file:

KEYSHARE_API_URL=https://keyshare.yourcompany.com

Commands

keyshare init

Create a new share and get a share code.

Options:

• --api-url <url> - API server URL
• --from-file <path> - Read secret from file
• --ttl <minutes> - Time-to-live in minutes
• --qr - Display QR code
• --no-clipboard - Don't copy to clipboard
• --no-confirm - Skip confirmation prompts

Examples:

# Interactive mode
keyshare init

# From file
keyshare init --from-file ./api-key.txt

# Custom TTL
keyshare init --ttl 5

# With QR code
keyshare init --qr

# Custom API URL
keyshare init --api-url https://keyshare.company.com

Output:

✓ Share created successfully!

Share code (give this to your colleague):
  AB12XY9Q

Expires: 10/4/2025, 9:23:32 AM
TTL: 10 minutes

✓ Code copied to clipboard

keyshare fetch

Retrieve a secret using a share code.

Options:

• --api-url <url> - API server URL
• --code <code> - Share code
• --env-file <path> - Environment file path (default: .env)
• --var-name <name> - Variable name (default: API_KEY)
• --no-write - Don't write to file, just display
• --overwrite - Overwrite existing variable
• --no-confirm - Skip confirmation prompts

Examples:

# Interactive mode
keyshare fetch

# With code
keyshare fetch --code AB12XY9Q

# Custom env file
keyshare fetch --env-file .env.local

# Custom variable name
keyshare fetch --var-name DATABASE_URL

# Just display (don't write)
keyshare fetch --no-write

# Overwrite existing
keyshare fetch --overwrite

Output:

✓ Share retrieved successfully!

✓ Secret written to /path/to/.env
  Variable: API_KEY
  Backup created
  Permissions: 600 (owner read/write only)

keyshare revoke

Revoke a share before it's used.

Options:

• --code <code> - Share code to revoke (required)
• --api-url <url> - API server URL
• --no-confirm - Skip confirmation prompts

Examples:

# Revoke a share
keyshare revoke --code AB12XY9Q

# Skip confirmation
keyshare revoke --code AB12XY9Q --no-confirm

Features

Secure Env File Writing

• Creates .env file with 600 permissions (owner read/write only)
• Backs up existing file before modification
• Prevents accidental overwrites
• Validates variable names

Clipboard Support

• Automatically copies share codes to clipboard
• Works on macOS, Linux, and Windows
• Can be disabled with --no-clipboard

QR Code Display

• Generate QR codes for easy mobile sharing
• Enable with --qr flag

Error Handling

Clear, user-friendly error messages:

• Invalid share codes
• Expired shares
• Already used shares
• Rate limiting
• Network errors

Testing

npm test

Run tests in watch mode:

npm run test:watch

Development

Project Structure

cli/
├── bin/
│   └── cli.js          # Executable entry point
├── src/
│   ├── index.js        # Command definitions
│   ├── apiClient.js    # API communication
│   └── envWriter.js    # Env file management
└── test/
    └── envWriter.test.js

Adding New Commands

• Edit src/index.js
• Add command using Commander.js
• Implement command logic
• Add tests
• Update documentation

Publishing

# Update version
npm version patch  # or minor, major

# Publish to npm
npm publish

# Test installation
npm install -g keyshare-cli

License

MIT