Store your secret environment variables (API keys, AWS secrets etc.) with GPGME, and inject them into your current shell when needed.
# In your Gemfile
gem 'shellject'
And then execute:
$ bundle
Or install it yourself as:
$ gem install shellject
You may need to brew install gpgme on mac, or use your favourite package manager in linux
$ shellject setup
for instructions on how to set up the shell wrapper needed for injection, and, optionally, command-line completion.
$ cat my-secret-stuff.sh
>
export SECRET_APIKEY=abc123
export OTHER_VAR=stuff
2. Save the file contents as a shelljection:
$ shellject save --name stuff my-secret-stuff.sh
3. Test the shelljection:
$ shellject load stuff
echo $SECRET_APIKEY # "abc123"
echo $OTHER_VAR # "stuff"
4. REMOVE THE ORIGINAL FILE! 5. Now, you can securely load the environment variables whenever you wish:
$ shellject load stuff`
$ shellject --help
After checking out the repo, run bin/setup to install dependencies. Then, run bin/console for an interactive prompt that will allow you to experiment. Run bundle exec shellject to use the code located in this directory, ignoring other installed copies of this gem.
To install this gem onto your local machine, run bundle exec rake install. To release a new version, update the version number in version.rb, and then run bundle exec rake release to create a git tag for the version, push git commits and tags, and push the .gem file to rubygems.org.
git checkout -b my-new-feature)git commit -am 'Add some feature')bundle exec rake)git push origin my-new-feature)FAQs
Unknown package
We found that shellject demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Malicious Nx npm versions stole secrets and wallet info using AI CLI tools; Socket’s AI scanner detected the supply chain attack and flagged the malware.
Security News
CISA’s 2025 draft SBOM guidance adds new fields like hashes, licenses, and tool metadata to make software inventories more actionable.
Security News
A clarification on our recent research investigating 60 malicious Ruby gems.