EnvSync

Managing environment variables across a team is one of those problems that every developer runs into but nobody has a clean solution for. You either end up sharing .env files over Slack, emailing credentials around, or setting up a paid secrets manager. envsync solves this by turning GitHub — something your team already uses — into a secure secrets vault. envsync encrypts your .env file locally using age encryption before it ever leaves your machine. The encrypted file is then pushed to a private GitHub Gist tied to your account. When a teammate needs the environment variables, they run a single command and the file is pulled and decrypted on their machine. No plaintext credentials ever touch GitHub, and no third-party service is involved. The tool handles GitHub authentication through the OAuth device flow, meaning you never have to manually create or paste tokens — you just approve access in your browser and envsync handles the rest. Your authentication token is stored securely in your system keychain rather than in a plain text file. The workflow is designed to be as frictionless as possible. Pushing your environment is a single command, pulling it is a single command, and the encryption and decryption happen automatically in the background. It also includes a key sharing feature that lets you copy your encryption key to the clipboard so you can share it securely with teammates through your channel of choice. envsync is available for both Python and Node.js users, so it fits into any team's workflow regardless of their tech stack.