Encrypting
Learn how Dotenvx encryption keeps secrets safe in source control.
Dotenvx encrypts secret values in .env files while keeping the file readable, reviewable, and safe to commit.
Start with a plaintext .env file.
# .env
HELLO="Dotenvx"
Run dotenvx encrypt.
$ dotenvx encrypt
◈ encrypted (.env)The values become ciphertext, the keys stay readable, and a public encryption key is added to the file.
# .env
DOTENV_PUBLIC_KEY="03954ac90bc5a05fa3e9c5e6c7c6464335a3f91770424b5769f5501478b27d4906"
HELLO="encrypted:BEJXNoNDHv/2zCy9vppyfRw+AtSzWsT6uLTOYcL+tGefTasmOQX7jr42EQBx3+XwHCQxcpmWxkU7R9mPYfjbjNgFiIOpkGox66gGG6LOFF9tzHjy8nDhXuF8JcnFSBHVRNS3IekOIPA="