staticrypt icon indicating copy to clipboard operation
staticrypt copied to clipboard

Published 20 hours ago verified publisher icon robinmoisson

[Request] Encrypt with passphrase stored as an environment variable

Open ed-ponce opened this issue 3 years ago • 1 comments

Hello! I’m loving this package and I’m using it in several private repos; though, it would be great if I could implement it in public projects without giving away the security through package.json.

Would it be possible to encrypt using passphrases stored in the .env file or Netlify’s environment variables?

ed-ponce avatar Sep 14 '22 04:09 ed-ponce

Hey @patrulea that's a neat idea - I won't have time to work on this for a few weeks, I'll try to get to in October. Thanks for the suggestion.

robinmoisson avatar Sep 14 '22 07:09 robinmoisson

This is now possible through the v2.3 release and this commit https://github.com/robinmoisson/staticrypt/commit/ba24ae42c05f02526a20911a75b54cc3089cb97b.

You can set STATICRYPT_PASSWORD to your password as an env variable or in a .env file, and if you do you don't need to pass the passphrase parameter to the staticrypt command.

Feels a bit clunky to make the second positional argument disappear, v3 will get the password through -p <password> and should be more intuitive but in the meantime this should already work.

Closing this issue, let me know if you have any issue with that solution!

robinmoisson avatar Nov 21 '22 21:11 robinmoisson