[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"project-71243":3},{"id":4,"name":5,"fullName":6,"owner":5,"repo":5,"description":7,"homepage":8,"htmlUrl":9,"language":10,"languages":9,"totalLinesOfCode":9,"stars":11,"forks":12,"watchers":13,"openIssues":14,"contributorsCount":15,"subscribersCount":15,"size":15,"stars1d":16,"stars7d":17,"stars30d":18,"stars90d":15,"forks30d":15,"starsTrendScore":19,"compositeScore":20,"rankGlobal":9,"rankLanguage":9,"license":21,"archived":22,"fork":22,"defaultBranch":23,"hasWiki":22,"hasPages":22,"topics":24,"createdAt":9,"pushedAt":9,"updatedAt":39,"readmeContent":40,"aiSummary":41,"trendingCount":15,"starSnapshotCount":15,"syncStatus":42,"lastSyncTime":43,"discoverSource":44},71243,"dotenvx","dotenvx\u002Fdotenvx","a secure dotenv–from the creator of `dotenv`","https:\u002F\u002Fdotenvx.com\u002Fdocs",null,"JavaScript",5534,143,10,40,0,13,32,104,39,37.48,"BSD 3-Clause \"New\" or \"Revised\" License",false,"main",[25,26,27,28,5,29,30,31,32,33,34,35,36,37,38],"cli","configuration-file","curl","dotenv","end-to-end-encryption","env","environment-variables","homebrew","secret-management","secret-manager","secrets","secrets-management","security-tools","winget","2026-06-12 02:02:49","[![dotenvx](https:\u002F\u002Fdotenvx.com\u002Fbanner.png)](https:\u002F\u002Fdotenvx.com)\n\n*a secure dotenv*–from the creator of [`dotenv`](https:\u002F\u002Fgithub.com\u002Fmotdotla\u002Fdotenv).\n\n* run anywhere (cross-platform)\n* multi-environment\n* encrypted envs\n\n[Read the whitepaper](https:\u002F\u002Fdotenvx.com\u002Fdotenvx.pdf?v=README)\n\n&nbsp;\n\n\n### Quickstart [![npm version](https:\u002F\u002Fimg.shields.io\u002Fnpm\u002Fv\u002F@dotenvx\u002Fdotenvx.svg)](https:\u002F\u002Fwww.npmjs.com\u002Fpackage\u002F@dotenvx\u002Fdotenvx) [![downloads](https:\u002F\u002Fimg.shields.io\u002Fnpm\u002Fdw\u002F@dotenvx\u002Fdotenvx)](https:\u002F\u002Fwww.npmjs.com\u002Fpackage\u002F@dotenvx\u002Fdotenvx) [![test suite](https:\u002F\u002Fimg.shields.io\u002Fendpoint?url=https:\u002F\u002Fgist.githubusercontent.com\u002Fmotdotenv\u002Fbb76445765a9731e7d824a6efdf53524\u002Fraw\u002FdotenvxTestCount.json)](https:\u002F\u002Fgithub.com\u002Fdotenvx\u002Fdotenvx\u002Ftree\u002Fmain\u002Ftests) \n\nInstall and use it in code just like `dotenv`.\n\n```sh\nnpm install @dotenvx\u002Fdotenvx --save\n```\n```js\n\u002F\u002F index.js\nrequire('@dotenvx\u002Fdotenvx').config()\n\u002F\u002F or import '@dotenvx\u002Fdotenvx\u002Fconfig' \u002F\u002F for esm\n\nconsole.log(`Hello ${process.env.HELLO}`)\n```\n\n&nbsp;\n\nor install globally - *unlocks dotenv for any language, framework, or platform!*\n\n\u003Cdetails>\u003Csummary>with npm 🌍\u003C\u002Fsummary>\u003Cbr>\n\n```sh\nnpm i -g @dotenvx\u002Fdotenvx\ndotenvx encrypt\n```\n\n[![npm installs](https:\u002F\u002Fimg.shields.io\u002Fnpm\u002Fdt\u002F@dotenvx\u002Fdotenvx)](https:\u002F\u002Fnpmjs.com\u002F@dotenvx\u002Fdotenvx)\n\n&nbsp;\n\n\u003C\u002Fdetails>\n\u003Cdetails>\u003Csummary>with curl 🌐\u003C\u002Fsummary>\u003Cbr>\n\n```sh\ncurl -sfS https:\u002F\u002Fdotenvx.sh | sh\ndotenvx encrypt\n```\n\n[![curl installs](https:\u002F\u002Fimg.shields.io\u002Fendpoint?url=https:\u002F\u002Fdotenvx.sh\u002Fstats\u002Fcurl&label=curl%20installs)](https:\u002F\u002Fgithub.com\u002Fdotenvx\u002Fdotenvx.sh\u002Fblob\u002Fmain\u002Finstall.sh)\n\n&nbsp;\n\n\u003C\u002Fdetails>\n\n\u003Cdetails>\u003Csummary>with brew 🍺\u003C\u002Fsummary>\u003Cbr>\n\n```sh\nbrew install dotenvx\u002Fbrew\u002Fdotenvx\ndotenvx encrypt\n```\n\n[![brew installs](https:\u002F\u002Fimg.shields.io\u002Fgithub\u002Fdownloads\u002Fdotenvx\u002Fdotenvx\u002Ftotal?label=brew%20installs)](https:\u002F\u002Fgithub.com\u002Fdotenvx\u002Fhomebrew-brew\u002Fblob\u002Fmain\u002FFormula\u002Fdotenvx.rb)\n\n&nbsp;\n\n\u003C\u002Fdetails>\n\n\u003Cdetails>\u003Csummary>with docker 🐳\u003C\u002Fsummary>\u003Cbr>\n\n```sh\ndocker run -it --rm -v $(pwd):\u002Fapp dotenv\u002Fdotenvx encrypt\n```\n\n[![docker pulls](https:\u002F\u002Fimg.shields.io\u002Fdocker\u002Fpulls\u002Fdotenv\u002Fdotenvx)](https:\u002F\u002Fhub.docker.com\u002Fr\u002Fdotenv\u002Fdotenvx)\n\n&nbsp;\n\n\u003C\u002Fdetails>\n\n\u003Cdetails>\u003Csummary>with github releases 🐙\u003C\u002Fsummary>\u003Cbr>\n\n```sh\ncurl -L -o dotenvx.tar.gz \"https:\u002F\u002Fgithub.com\u002Fdotenvx\u002Fdotenvx\u002Freleases\u002Flatest\u002Fdownload\u002Fdotenvx-$(uname -s)-$(uname -m).tar.gz\"\ntar -xzf dotenvx.tar.gz\n.\u002Fdotenvx encrypt\n```\n\n[![github releases](https:\u002F\u002Fimg.shields.io\u002Fgithub\u002Fdownloads\u002Fdotenvx\u002Fdotenvx\u002Ftotal)](https:\u002F\u002Fgithub.com\u002Fdotenvx\u002Fdotenvx\u002Freleases)\n\n&nbsp;\n\n\u003C\u002Fdetails>\n\n\n\u003Cdetails>\u003Csummary>or windows 🪟\u003C\u002Fsummary>\u003Cbr>\n\n```sh\nwinget install dotenvx\ndotenvx encrypt\n```\n\n\u003C\u002Fdetails>\n\n&nbsp;\n\n## Run Anywhere\n\n```sh\n$ echo \"HELLO=Dotenvx\" > .env\n$ echo \"console.log('Hello ' + process.env.HELLO)\" > index.js\n\n$ node index.js\nHello undefined # without dotenvx\n\n$ dotenvx run -- node index.js\nHello Dotenvx # with dotenvx\n> :-D\n```\n\nsee [extended quickstart guide](https:\u002F\u002Fdotenvx.com\u002Fdocs\u002Fquickstart)\n\nMore examples\n\n\u003Cdetails>\u003Csummary>TypeScript 📘\u003C\u002Fsummary>\u003Cbr>\n\n```json\n\u002F\u002F package.json\n{\n  \"type\": \"module\",\n  \"dependencies\": {\n    \"chalk\": \"^5.3.0\"\n  }\n}\n```\n\n```js\n\u002F\u002F index.ts\nimport chalk from 'chalk'\nconsole.log(chalk.blue(`Hello ${process.env.HELLO}`))\n```\n\n```sh\n$ npm install\n$ echo \"HELLO=Dotenvx\" > .env\n\n$ dotenvx run -- npx tsx index.ts\nHello Dotenvx\n```\n\n\u003C\u002Fdetails>\n\u003Cdetails>\u003Csummary>Cloudflare Workers ⛅️\u003C\u002Fsummary>\u003Cbr>\n\n```sh\n$ dotenvx encrypt -f .env.txt\n```\n\n```js\n\u002F\u002F src\u002Findex.js\nimport envSrc from '..\u002F.env.txt'\nimport dotenvx from '@dotenvx\u002Fdotenvx'\n\nconst config = dotenvx.config({ envs: [{ type: 'env', value: envSrc, privateKeyName: 'DOTENV_PRIVATE_KEY' }] })\nconst envx = config.parsed\n\nexport default {\n  async fetch(request, env, ctx) {\n    return new Response(`Hello ${envx.HELLO}`)\n  }\n}\n```\n```json\n\"scripts\": {\n  \"deploy\": \"wrangler deploy\",\n  \"dev\": \"wrangler dev --var $(dotenvx keypair -f .env.txt --format=colon)\",\n  \"start\": \"wrangler dev --var $(dotenvx keypair -f .env.txt --format=colon)\",\n}\n```\n\n\u003C\u002Fdetails>\n\u003Cdetails>\u003Csummary>Deno 🦕\u003C\u002Fsummary>\u003Cbr>\n\n```sh\n$ echo \"HELLO=Dotenvx\" > .env\n$ echo \"console.log('Hello ' + Deno.env.get('HELLO'))\" > index.ts\n\n$ deno run --allow-env index.ts\nHello undefined\n\n$ dotenvx run -- deno run --allow-env index.ts\nHello Dotenvx\n```\n\n> [!WARNING]\n> Some of you are attempting to use the npm module directly with `deno run`. Don't, because deno currently has incomplete support for these encryption ciphers.\n>\n> ```\n> $ deno run -A npm:@dotenvx\u002Fdotenvx encrypt\n> Unknown cipher\n> ```\n> \n> Instead, use `dotenvx` as designed, by installing the cli as a binary - via curl, brew, etc.\n\n\u003C\u002Fdetails>\n\u003Cdetails>\u003Csummary>Bun 🥟\u003C\u002Fsummary>\u003Cbr>\n\n```sh\n$ echo \"HELLO=Test\" > .env.test\n$ echo \"console.log('Hello ' + process.env.HELLO)\" > index.js\n\n$ bun index.js\nHello undefined\n\n$ dotenvx run -f .env.test -- bun index.js\nHello Test\n```\n\n\u003C\u002Fdetails>\n\u003Cdetails>\u003Csummary>Python 🐍\u003C\u002Fsummary>\u003Cbr>\n\n```sh\n$ echo \"HELLO=Dotenvx\" > .env\n$ echo 'import os;print(\"Hello \" + os.getenv(\"HELLO\", \"\"))' > index.py\n\n$ dotenvx run -- python3 index.py\nHello Dotenvx\n```\n\nsee [extended python guide](https:\u002F\u002Fdotenvx.com\u002Fdocs\u002Fquickstart)\n\n\u003C\u002Fdetails>\n\u003Cdetails>\u003Csummary>PHP 🐘\u003C\u002Fsummary>\u003Cbr>\n\n```sh\n$ echo \"HELLO=Dotenvx\" > .env\n$ echo '\u003C?php echo \"Hello {$_SERVER[\"HELLO\"]}\\n\";' > index.php\n\n$ dotenvx run -- php index.php\nHello Dotenvx\n```\n\nsee [extended php guide](https:\u002F\u002Fdotenvx.com\u002Fdocs\u002Fquickstart)\n\n\u003C\u002Fdetails>\n\u003Cdetails>\u003Csummary>Ruby 💎\u003C\u002Fsummary>\u003Cbr>\n\n```sh\n$ echo \"HELLO=Dotenvx\" > .env\n$ echo 'puts \"Hello #{ENV[\"HELLO\"]}\"' > index.rb\n\n$ dotenvx run -- ruby index.rb\nHello Dotenvx\n```\n\nsee [extended ruby guide](https:\u002F\u002Fdotenvx.com\u002Fdocs\u002Fquickstart)\n\n\u003C\u002Fdetails>\n\u003Cdetails>\u003Csummary>Go 🐹\u003C\u002Fsummary>\u003Cbr>\n\n```sh\n$ echo \"HELLO=Dotenvx\" > .env\n$ echo 'package main; import (\"fmt\"; \"os\"); func main() { fmt.Printf(\"Hello %s\\n\", os.Getenv(\"HELLO\")) }' > main.go\n\n$ dotenvx run -- go run main.go\nHello Dotenvx\n```\n\nsee [extended go guide](https:\u002F\u002Fdotenvx.com\u002Fdocs\u002Fquickstart)\n\n\u003C\u002Fdetails>\n\u003Cdetails>\u003Csummary>Rust 🦀\u003C\u002Fsummary>\u003Cbr>\n\n```sh\n$ echo \"HELLO=Dotenvx\" > .env\n$ echo 'fn main() {let hello = std::env::var(\"HELLO\").unwrap_or(\"\".to_string());println!(\"Hello {hello}\");}' > src\u002Fmain.rs\n\n$ dotenvx run -- cargo run\nHello Dotenvx\n```\n\nsee [extended rust guide](https:\u002F\u002Fdotenvx.com\u002Fdocs\u002Fquickstart)\n\n\u003C\u002Fdetails>\n\u003Cdetails>\u003Csummary>Java ☕️\u003C\u002Fsummary>\u003Cbr>\n\n```sh\n$ echo \"HELLO=Dotenvx\" > .env\n$ echo 'public class Index { public static void main(String[] args) { System.out.println(\"Hello \" + System.getenv(\"HELLO\")); } }' > index.java\n\n$ dotenvx run -- java index.java\nHello Dotenvx\n```\n\n\u003C\u002Fdetails>\n\u003Cdetails>\u003Csummary>Clojure 🌿\u003C\u002Fsummary>\u003Cbr>\n\n```sh\n$ echo \"HELLO=Dotenvx\" > .env\n$ echo '(println \"Hello\" (System\u002Fgetenv \"HELLO\"))' > index.clj\n\n$ dotenvx run -- clojure -M index.clj\nHello Dotenvx\n```\n\n\u003C\u002Fdetails>\n\u003Cdetails>\u003Csummary>Kotlin 📐\u003C\u002Fsummary>\u003Cbr>\n\n```sh\n$ echo \"HELLO=Dotenvx\" > .env\n$ echo 'fun main() { val hello = System.getenv(\"HELLO\") ?: \"\"; println(\"Hello $hello\") }' > index.kt\n$ kotlinc index.kt -include-runtime -d index.jar\n\n$ dotenvx run -- java -jar index.jar\nHello Dotenvx\n```\n\n\u003C\u002Fdetails>\n\u003Cdetails>\u003Csummary>.NET 🔵\u003C\u002Fsummary>\u003Cbr>\n\n```sh\n$ dotnet new console -n HelloWorld -o HelloWorld\n$ cd HelloWorld\n$ echo \"HELLO=Dotenvx\" | Out-File -FilePath .env -Encoding utf8\n$ echo 'Console.WriteLine($\"Hello {Environment.GetEnvironmentVariable(\"HELLO\")}\");' > Program.cs\n\n$ dotenvx run -- dotnet run\nHello Dotenvx\n```\n\n\u003C\u002Fdetails>\n\u003Cdetails>\u003Csummary>Bash 🖥️\u003C\u002Fsummary>\u003Cbr>\n\n```sh\n$ echo \"HELLO=Dotenvx\" > .env\n\n$ dotenvx run --quiet -- sh -c 'echo Hello $HELLO'\nHello Dotenvx\n```\n\n\u003C\u002Fdetails>\n\u003Cdetails>\u003Csummary>Fish 🐠\u003C\u002Fsummary>\u003Cbr>\n\n```sh\n$ echo \"HELLO=Dotenvx\" > .env\n\n$ dotenvx run --quiet -- sh -c 'echo Hello $HELLO'\nHello Dotenvx\n```\n\n\u003C\u002Fdetails>\n\u003Cdetails>\u003Csummary>Cron ⏰\u003C\u002Fsummary>\u003Cbr>\n\n```sh\n# run every day at 8am\n0 8 * * * dotenvx run -- \u002Fpath\u002Fto\u002Fmyscript.sh\n```\n\n\u003C\u002Fdetails>\n\u003Cdetails>\u003Csummary>Frameworks ▲\u003C\u002Fsummary>\u003Cbr>\n\n```sh\n$ dotenvx run -- next dev\n$ dotenvx run -- npm start\n$ dotenvx run -- bin\u002Frails s\n$ dotenvx run -- php artisan serve\n```\n\nsee [framework guides](https:\u002F\u002Fdotenvx.com\u002Fdocs#frameworks)\n\n\u003C\u002Fdetails>\n\u003Cdetails>\u003Csummary>Docker 🐳\u003C\u002Fsummary>\u003Cbr>\n\n```sh\n$ docker run -it --rm -v $(pwd):\u002Fapp dotenv\u002Fdotenvx run -- node index.js\n```\n\nOr in any image:\n\n```Containerfile\nFROM node:latest\nRUN echo \"HELLO=Dotenvx\" > .env && echo \"console.log('Hello ' + process.env.HELLO)\" > index.js\nRUN curl -fsS https:\u002F\u002Fdotenvx.sh\u002Finstall.sh | sh\nCMD [\"\u002Fusr\u002Flocal\u002Fbin\u002Fdotenvx\", \"run\", \"--\", \"echo\", \"Hello $HELLO\"]\n```\n\nsee [docker guide](https:\u002F\u002Fdotenvx.com\u002Fdocs\u002Fplatforms\u002Fdocker)\n\n\u003C\u002Fdetails>\n\u003Cdetails>\u003Csummary>CI\u002FCDs 🐙\u003C\u002Fsummary>\u003Cbr>\n\n```yaml\nname: build\non: [push]\njobs:\n  build:\n    runs-on: ubuntu-latest\n    steps:\n    - uses: actions\u002Fcheckout@v3\n    - uses: actions\u002Fsetup-node@v3\n      with:\n        node-version: 16\n    - run: curl -fsS https:\u002F\u002Fdotenvx.sh\u002Finstall.sh | sh\n    - run: dotenvx run -- node build.js\n      env:\n        DOTENV_KEY: ${{ secrets.DOTENV_KEY }}\n```\n\nsee [github actions guide](https:\u002F\u002Fdotenvx.com\u002Fdocs\u002Fcis\u002Fgithub-actions)\n\n\u003C\u002Fdetails>\n\u003Cdetails>\u003Csummary>Platforms\u003C\u002Fsummary>\u003Cbr>\n\n```sh\n# heroku\nheroku buildpacks:add https:\u002F\u002Fgithub.com\u002Fdotenvx\u002Fheroku-buildpack-dotenvx\n\n# docker\nRUN curl -fsS https:\u002F\u002Fdotenvx.sh | sh\n\n# vercel\nnpm install @dotenvx\u002Fdotenvx --save\n```\n\nsee [platform guides](https:\u002F\u002Fdotenvx.com\u002Fdocs#platforms)\n\n\u003C\u002Fdetails>\n\u003Cdetails>\u003Csummary>Process Managers\u003C\u002Fsummary>\u003Cbr>\n\n```js\n\u002F\u002F pm2\n\"scripts\": {\n  \"start\": \"dotenvx run -- pm2-runtime start ecosystem.config.js --env production\"\n},\n```\n\nsee [process manager guides](https:\u002F\u002Fdotenvx.com\u002Fdocs#process-managers)\n\n\u003C\u002Fdetails>\n\u003Cdetails>\u003Csummary>npx\u003C\u002Fsummary>\u003Cbr>\n\n```sh\n# alternatively use npx\n$ npx @dotenvx\u002Fdotenvx run -- node index.js\n$ npx @dotenvx\u002Fdotenvx run -- next dev\n$ npx @dotenvx\u002Fdotenvx run -- npm start\n```\n\n\u003C\u002Fdetails>\n\u003Cdetails>\u003Csummary>npm\u003C\u002Fsummary>\u003Cbr>\n\n```sh\n$ npm install @dotenvx\u002Fdotenvx --save\n```\n\n```json\n{\n  \"scripts\": {\n    \"start\": \".\u002Fnode_modules\u002F.bin\u002Fdotenvx run -- node index.js\"\n  },\n  \"dependencies\": {\n    \"@dotenvx\u002Fdotenvx\": \"^0.5.0\"\n  }\n}\n```\n\n```sh\n$ npm run start\n\n> start\n> .\u002Fnode_modules\u002F.bin\u002Fdotenvx run -- node index.js\n\n[dotenvx@1.X.X] injecting env (1) from .env.production\nHello Dotenvx\n```\n\n\u003C\u002Fdetails>\n\u003Cdetails>\u003Csummary>asdf\u003C\u002Fsummary>\u003Cbr>\n\n```sh\n# use dotenvx with asdf\n$ asdf plugin add dotenvx\n$ asdf install dotenvx latest\n```\n\nthank you [@jgburet](https:\u002F\u002Fgithub.com\u002Fjgburet\u002Fasdf-dotenvx) of Paris 🇫🇷\n\n\u003C\u002Fdetails>\n\u003Cdetails>\u003Csummary>Git\u003C\u002Fsummary>\u003Cbr>\n\n```sh\n# use as a git submodule\n$ git dotenvx run -- node index.js\n$ git dotenvx run -- next dev\n$ git dotenvx run -- npm start\n```\n\n\u003C\u002Fdetails>\n\u003Cdetails>\u003Csummary>Variable Expansion\u003C\u002Fsummary>\u003Cbr>\n\nReference and expand variables already on your machine for use in your .env file.\n\n```ini\n# .env\nUSERNAME=\"username\"\nDATABASE_URL=\"postgres:\u002F\u002F${USERNAME}@localhost\u002Fmy_database\"\n```\n```js\n\u002F\u002F index.js\nconsole.log('DATABASE_URL', process.env.DATABASE_URL)\n```\n```sh\n$ dotenvx run --debug -- node index.js\n[dotenvx@0.14.1] injecting env (2) from .env\nDATABASE_URL postgres:\u002F\u002Fusername@localhost\u002Fmy_database\n```\n\n\u003C\u002Fdetails>\n\u003Cdetails>\u003Csummary>Command Substitution\u003C\u002Fsummary>\u003Cbr>\n\nAdd the output of a command to one of your variables in your .env file.\n\n```ini\n# .env\nDATABASE_URL=\"postgres:\u002F\u002F$(whoami)@localhost\u002Fmy_database\"\n```\n```js\n\u002F\u002F index.js\nconsole.log('DATABASE_URL', process.env.DATABASE_URL)\n```\n```sh\n$ dotenvx run --debug -- node index.js\n[dotenvx@0.14.1] injecting env (1) from .env\nDATABASE_URL postgres:\u002F\u002Fyourusername@localhost\u002Fmy_database\n```\n\n\u003C\u002Fdetails>\n\n\n&nbsp;\n\n## Multiple Environments\n\n> Create a `.env.production` file and use `-f` to load it. It's straightforward, yet flexible.\n```sh\n$ echo \"HELLO=production\" > .env.production\n$ echo \"console.log('Hello ' + process.env.HELLO)\" > index.js\n\n$ dotenvx run -f .env.production -- node index.js\n[dotenvx@1.X.X] injecting env (1) from .env.production\nHello production\n> ^^\n```\n\nMore examples\n\n\u003Cdetails>\u003Csummary>multiple `.env` files\u003C\u002Fsummary>\u003Cbr>\n\n```sh\n$ echo \"HELLO=local\" > .env.local\n\n$ echo \"HELLO=Dotenvx\" > .env\n\n$ dotenvx run -f .env.local -f .env -- node index.js\n[dotenvx@1.X.X] injecting env (1) from .env.local,.env\nHello local\n```\n\nNote subsequent files do NOT override pre-existing variables defined in previous files or env. This follows historic principle. For example, above `local` wins – from the first file.\n\n\u003C\u002Fdetails>\n\n\u003Cdetails>\u003Csummary>`--overload` flag\u003C\u002Fsummary>\u003Cbr>\n\n```sh\n$ echo \"HELLO=local\" > .env.local\n\n$ echo \"HELLO=Dotenvx\" > .env\n\n$ dotenvx run -f .env.local -f .env --overload -- node index.js\n[dotenvx@1.X.X] injecting env (1) from .env.local,.env\nHello Dotenvx\n```\n\nNote that with `--overload` subsequent files DO override pre-existing variables defined in previous files.\n\u003C\u002Fdetails>\n\u003Cdetails>\u003Csummary>`--verbose` flag\u003C\u002Fsummary>\u003Cbr>\n\n```sh\n$ echo \"HELLO=production\" > .env.production\n\n$ dotenvx run -f .env.production --verbose -- node index.js\n[dotenvx][verbose] injecting env from \u002Fpath\u002Fto\u002F.env.production\n[dotenvx][verbose] HELLO set\n[dotenvx@1.X.X] injecting env (1) from .env.production\nHello production\n```\n\n\u003C\u002Fdetails>\n\u003Cdetails>\u003Csummary>`--debug` flag\u003C\u002Fsummary>\u003Cbr>\n\n```sh\n$ echo \"HELLO=production\" > .env.production\n\n$ dotenvx run -f .env.production --debug -- node index.js\n[dotenvx][debug] configuring options\n[dotenvx][debug] {\"envFile\":[\".env.production\"]}\n[dotenvx][verbose] injecting env from \u002Fpath\u002Fto\u002F.env.production\n[dotenvx][debug] reading env from \u002Fpath\u002Fto\u002F.env.production\n[dotenvx][debug] parsing env from \u002Fpath\u002Fto\u002F.env.production\n[dotenvx][debug] {\"HELLO\":\"production\"}\n[dotenvx][debug] writing env from \u002Fpath\u002Fto\u002F.env.production\n[dotenvx][verbose] HELLO set\n[dotenvx][debug] HELLO set to production\n[dotenvx@1.X.X] injecting env (1) from .env.production\nHello production\n```\n\n\u003C\u002Fdetails>\n\u003Cdetails>\u003Csummary>`--quiet` flag\u003C\u002Fsummary>\u003Cbr>\n\nUse `--quiet` to suppress all output (except errors).\n\n```sh\n$ echo \"HELLO=production\" > .env.production\n\n$ dotenvx run -f .env.production --quiet -- node index.js\nHello production\n```\n\n\u003C\u002Fdetails>\n\u003Cdetails>\u003Csummary>`--log-level` flag\u003C\u002Fsummary>\u003Cbr>\n\nSet `--log-level` to whatever you wish. For example, to suppress warnings (risky), set log level to `error`:\n\n```sh\n$ echo \"HELLO=production\" > .env.production\n\n$ dotenvx run -f .env.production --log-level=error -- node index.js\nHello production\n```\n\nAvailable log levels are `error, warn, info, verbose, debug, silly`\n\n\u003C\u002Fdetails>\n\u003Cdetails>\u003Csummary>`--convention` flag\u003C\u002Fsummary>\u003Cbr>\n\nLoad envs using [Next.js' convention](https:\u002F\u002Fnextjs.org\u002Fdocs\u002Fpages\u002Fbuilding-your-application\u002Fconfiguring\u002Fenvironment-variables#environment-variable-load-order) or [dotenv-flow convention](https:\u002F\u002Fwww.npmjs.com\u002Fpackage\u002Fdotenv-flow). Set `--convention` to `nextjs` or `flow`:\n\n```sh\n$ echo \"HELLO=development local\" > .env.development.local\n$ echo \"HELLO=local\" > .env.local\n$ echo \"HELLO=development\" > .env.development\n$ echo \"HELLO=env\" > .env\n\n$ dotenvx run --convention=nextjs -- node index.js\nHello development local\n\n$ dotenvx run --convention=flow -- node index.js\nHello development local\n```\n\n(more conventions available upon request)\n\n\u003C\u002Fdetails>\n\n&nbsp;\n\n## Encryption\n\n> Add encryption to your `.env` files with a single command. Use `dotenvx encrypt`.\n\n```sh\n$ dotenvx encrypt\n◈ encrypted (.env)\n```\n\n[![encrypted .env](https:\u002F\u002Fgithub.com\u002Fuser-attachments\u002Fassets\u002F46dfe1a7-a027-4d80-9207-789eccc325dc)](https:\u002F\u002Fdotenvx.com)\n\n> A `DOTENV_PUBLIC_KEY` (encryption key) and a `DOTENV_PRIVATE_KEY` (decryption key) are generated using the same public-key cryptography as [Bitcoin](https:\u002F\u002Fen.bitcoin.it\u002Fwiki\u002FSecp256k1).\n\nMore examples\n\n\u003Cdetails>\u003Csummary>`.env`\u003C\u002Fsummary>\u003Cbr>\n\n```sh\n$ echo \"HELLO=Dotenvx\" > .env\n$ dotenvx encrypt\n$ echo \"console.log('Hello ' + process.env.HELLO)\" > index.js\n\n$ dotenvx run -- node index.js\n[dotenvx@1.X.X] injecting env (2) from .env\nHello Dotenvx\n```\n\n\u003C\u002Fdetails>\n\u003Cdetails>\u003Csummary>`.env.production`\u003C\u002Fsummary>\u003Cbr>\n\n```sh\n$ echo \"HELLO=Production\" > .env.production\n$ dotenvx encrypt -f .env.production\n$ echo \"console.log('Hello ' + process.env.HELLO)\" > index.js\n\n$ DOTENV_PRIVATE_KEY_PRODUCTION=\"\u003C.env.production private key>\" dotenvx run -- node index.js\n[dotenvx@1.X.X] injecting env (2) from .env.production\nHello Production\n```\n\nNote the `DOTENV_PRIVATE_KEY_PRODUCTION` ends with `_PRODUCTION`. This instructs `dotenvx run` to load the `.env.production` file.\n\n\u003C\u002Fdetails>\n\u003Cdetails>\u003Csummary>`.env.ci`\u003C\u002Fsummary>\u003Cbr>\n\n```sh\n$ echo \"HELLO=Ci\" > .env.ci\n$ dotenvx encrypt -f .env.ci\n$ echo \"console.log('Hello ' + process.env.HELLO)\" > index.js\n\n$ DOTENV_PRIVATE_KEY_CI=\"\u003C.env.ci private key>\" dotenvx run -- node index.js\n[dotenvx@1.X.X] injecting env (2) from .env.ci\nHello Ci\n```\n\nNote the `DOTENV_PRIVATE_KEY_CI` ends with `_CI`. This instructs `dotenvx run` to load the `.env.ci` file. See the pattern?\n\n\u003C\u002Fdetails>\n\u003Cdetails>\u003Csummary>combine multiple encrypted .env files\u003C\u002Fsummary>\u003Cbr>\n\n```sh\n$ dotenvx set HELLO Dotenvx -f .env\n$ dotenvx set HELLO Production -f .env.production\n$ echo \"console.log('Hello ' + process.env.HELLO)\" > index.js\n\n$ DOTENV_PRIVATE_KEY=\"\u003C.env private key>\" DOTENV_PRIVATE_KEY_PRODUCTION=\"\u003C.env.production private key>\" dotenvx run -- node index.js\n[dotenvx@1.X.X] injecting env (3) from .env, .env.production\nHello Dotenvx\n```\n\nNote the `DOTENV_PRIVATE_KEY` instructs `dotenvx run` to load the `.env` file and the `DOTENV_PRIVATE_KEY_PRODUCTION` instructs it to load the `.env.production` file. See the pattern?\n\n\u003C\u002Fdetails>\n\u003Cdetails>\u003Csummary>combine multiple encrypted .env files for monorepo\u003C\u002Fsummary>\u003Cbr>\n\n```sh\n$ mkdir app1\n$ mkdir app2\n$ dotenvx set HELLO app1 -f app1\u002F.env.ci\n$ dotenvx set HELLO app2 -f app2\u002F.env.ci\n$ echo \"console.log('Hello ' + process.env.HELLO)\" > index.js\n\n$ DOTENV_PRIVATE_KEY_CI=\"\u003Capp1\u002Fprivat ci key>,\u003Capp2\u002Fprivate ci key>\" dotenvx run -f app1\u002F.env.ci -f app2\u002F.env.ci -- node index.js\n[dotenvx@1.X.X] injecting env (2) from app1\u002F.env.ci,app2\u002F.env.ci\nHello app1\n\n$ DOTENV_PRIVATE_KEY_CI=\"\u003Capp1\u002Fprivat ci key>,\u003Capp2\u002Fprivate ci key>\" dotenvx run -f app1\u002F.env.ci -f app2\u002F.env.ci --overload -- node index.js\n[dotenvx@1.X.X] injecting env (2) from app1\u002F.env.ci,app2\u002F.env.ci\nHello app2\n```\n\nNote the `DOTENV_PRIVATE_KEY_CI` (and any `DOTENV_PRIVATE_KEY*`) can take multiple private keys by simply comma separating them.\n\n\u003C\u002Fdetails>\n\u003Cdetails>\u003Csummary>`--stdout`\u003C\u002Fsummary>\u003Cbr>\n\n```sh\n$ echo \"HELLO=Dotenvx\" > .env\n$ dotenvx encrypt --stdout\n$ dotenvx encrypt --stdout > .env.encrypted\n```\n\n\u003C\u002Fdetails>\n\n\u003Cdetails>\u003Csummary>other curves\u003C\u002Fsummary>\u003Cbr>\n\n> `secp256k1` is a well-known and battle tested curve, in use with Bitcoin and other cryptocurrencies, but we are open to adding support for more curves.\n> \n> If your organization's compliance department requires [NIST approved curves](https:\u002F\u002Fcsrc.nist.gov\u002Fprojects\u002Felliptic-curve-cryptography) or other curves like `curve25519`, please reach out at [security@dotenvx.com](mailto:security@dotenvx.com).\n\n\u003C\u002Fdetails>\n\n&nbsp;\n\n## Advanced\n\n> Become a `dotenvx` power user.\n>\n\n### CLI 📟\n\nAdvanced CLI commands.\n\n\u003Cdetails>\u003Csummary>`run` - Variable Expansion\u003C\u002Fsummary>\u003Cbr>\n\nReference and expand variables already on your machine for use in your .env file.\n\n```ini\n# .env\nUSERNAME=\"username\"\nDATABASE_URL=\"postgres:\u002F\u002F${USERNAME}@localhost\u002Fmy_database\"\n```\n```js\n\u002F\u002F index.js\nconsole.log('DATABASE_URL', process.env.DATABASE_URL)\n```\n```sh\n$ dotenvx run --debug -- node index.js\n[dotenvx@1.X.X] injecting env (2) from .env\nDATABASE_URL postgres:\u002F\u002Fusername@localhost\u002Fmy_database\n```\n\n\u003C\u002Fdetails>\n\u003Cdetails>\u003Csummary>`run` - Default Values\u003C\u002Fsummary>\u003Cbr>\n\nUse default values when environment variables are unset or empty.\n\n```ini\n# .env\n# Default value syntax: use value if set, otherwise use default\nDATABASE_HOST=${DB_HOST:-localhost}\nDATABASE_PORT=${DB_PORT:-5432}\n\n# Alternative syntax (no colon): use value if set, otherwise use default\nAPI_URL=${API_BASE_URL-https:\u002F\u002Fapi.example.com}\n```\n```js\n\u002F\u002F index.js\nconsole.log('DATABASE_HOST', process.env.DATABASE_HOST)\nconsole.log('DATABASE_PORT', process.env.DATABASE_PORT)\nconsole.log('API_URL', process.env.API_URL)\n```\n```sh\n$ dotenvx run --debug -- node index.js\n[dotenvx@1.X.X] injecting env (3) from .env\nDATABASE_HOST localhost\nDATABASE_PORT 5432\nAPI_URL https:\u002F\u002Fapi.example.com\n```\n\n\u003C\u002Fdetails>\n\u003Cdetails>\u003Csummary>`run` - Alternate Values\u003C\u002Fsummary>\u003Cbr>\n\nUse alternate values when environment variables are set and non-empty.\n\n```ini\n# .env\nNODE_ENV=production\n\n# Alternate value syntax: use alternate if set and non-empty, otherwise empty\nDEBUG_MODE=${NODE_ENV:+false}\nLOG_LEVEL=${NODE_ENV:+error}\n\n# Alternative syntax (no colon): use alternate if set, otherwise empty  \nCACHE_ENABLED=${NODE_ENV+true}\n```\n```js\n\u002F\u002F index.js\nconsole.log('NODE_ENV', process.env.NODE_ENV)\nconsole.log('DEBUG_MODE', process.env.DEBUG_MODE)\nconsole.log('LOG_LEVEL', process.env.LOG_LEVEL)\nconsole.log('CACHE_ENABLED', process.env.CACHE_ENABLED)\n```\n```sh\n$ dotenvx run --debug -- node index.js\n[dotenvx@1.X.X] injecting env (4) from .env\nNODE_ENV production\nDEBUG_MODE false\nLOG_LEVEL error\nCACHE_ENABLED true\n```\n\n\u003C\u002Fdetails>\n\u003Cdetails>\u003Csummary>`run` - Interpolation Syntax Summary (Variable Expansion, Default\u002FAlternate Values)\u003C\u002Fsummary>\u003Cbr>\n\nComplete reference for variable interpolation patterns supported by dotenvx:\n\n```ini\n# .env\nDEFINED_VAR=hello\nEMPTY_VAR=\n# UNDEFINED_VAR is not set\n\n# Default value syntax - use variable if set\u002Fnon-empty, otherwise use default\nTEST1=${DEFINED_VAR:-fallback}     # Result: \"hello\"\nTEST2=${EMPTY_VAR:-fallback}       # Result: \"fallback\"  \nTEST3=${UNDEFINED_VAR:-fallback}   # Result: \"fallback\"\n\n# Default value syntax (no colon) - use variable if set, otherwise use default\nTEST4=${DEFINED_VAR-fallback}      # Result: \"hello\"\nTEST5=${EMPTY_VAR-fallback}        # Result: \"\" (empty, but set)\nTEST6=${UNDEFINED_VAR-fallback}    # Result: \"fallback\"\n\n# Alternate value syntax - use alternate if variable is set\u002Fnon-empty, otherwise empty\nTEST7=${DEFINED_VAR:+alternate}    # Result: \"alternate\"\nTEST8=${EMPTY_VAR:+alternate}      # Result: \"\" (empty)\nTEST9=${UNDEFINED_VAR:+alternate}  # Result: \"\" (empty)\n\n# Alternate value syntax (no colon) - use alternate if variable is set, otherwise empty  \nTEST10=${DEFINED_VAR+alternate}    # Result: \"alternate\"\nTEST11=${EMPTY_VAR+alternate}      # Result: \"alternate\" (empty but set)\nTEST12=${UNDEFINED_VAR+alternate}  # Result: \"\" (empty)\n```\n\n**Key differences:**\n- `:-` vs `-`: The colon makes empty values trigger the fallback\n- `:+` vs `+`: The colon makes empty values not trigger the alternate  \n- Default syntax (`-`): Use variable value or fallback\n- Alternate syntax (`+`): Use alternate value or empty string\n\n\u003C\u002Fdetails>\n\u003Cdetails>\u003Csummary>`run` - Command Substitution\u003C\u002Fsummary>\u003Cbr>\n\nAdd the output of a command to one of your variables in your .env file.\n\n```ini\n# .env\nDATABASE_URL=\"postgres:\u002F\u002F$(whoami)@localhost\u002Fmy_database\"\n```\n```js\n\u002F\u002F index.js\nconsole.log('DATABASE_URL', process.env.DATABASE_URL)\n```\n```sh\n$ dotenvx run --debug -- node index.js\n[dotenvx@1.X.X] injecting env (1) from .env\nDATABASE_URL postgres:\u002F\u002Fyourusername@localhost\u002Fmy_database\n```\n\n\u003C\u002Fdetails>\n\u003Cdetails>\u003Csummary>`run` - Shell Expansion\u003C\u002Fsummary>\u003Cbr>\n\nPrevent your shell from expanding inline `$VARIABLES` before dotenvx has a chance to inject it. Use a subshell.\n\n```sh\n$ dotenvx run --env=\"HELLO=Dotenvx\" -- sh -c 'echo Hello $HELLO'\nHello Dotenvx\n```\n\n\u003C\u002Fdetails>\n\u003Cdetails>\u003Csummary>`run` - Multiline\u003C\u002Fsummary>\u003Cbr>\n\nDotenvx supports multiline values. This is particularly useful in conjunction with Docker - which [does not support multiline values](https:\u002F\u002Fstackoverflow.com\u002Fquestions\u002F50299617\u002Fset-multiline-environment-variable-with-dockerfile\u002F79578348#79578348).\n\n```ini\n# .env\nMULTILINE_PEM=\"-----BEGIN PUBLIC KEY-----\nMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnNl1tL3QjKp3DZWM0T3u\nLgGJQwu9WqyzHKZ6WIA5T+7zPjO1L8l3S8k8YzBrfH4mqWOD1GBI8Yjq2L1ac3Y\u002F\nbTdfHN8CmQr2iDJC0C6zY8YV93oZB3x0zC\u002FLPbRYpF8f6OqX1lZj5vo2zJZy4fI\u002F\nkKcI5jHYc8VJq+KCuRZrvn+3V+KuL9tF9v8ZgjF2PZbU+LsCy5Yqg1M8f5Jp5f6V\nu4QuUoobAgMBAAE=\n-----END PUBLIC KEY-----\"\n```\n\n```js\n\u002F\u002F index.js\nconsole.log('MULTILINE_PEM', process.env.MULTILINE_PEM)\n```\n\n```sh\n$ dotenvx run -- node index.js\nMULTILINE_PEM -----BEGIN PUBLIC KEY-----\nMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnNl1tL3QjKp3DZWM0T3u\nLgGJQwu9WqyzHKZ6WIA5T+7zPjO1L8l3S8k8YzBrfH4mqWOD1GBI8Yjq2L1ac3Y\u002F\nbTdfHN8CmQr2iDJC0C6zY8YV93oZB3x0zC\u002FLPbRYpF8f6OqX1lZj5vo2zJZy4fI\u002F\nkKcI5jHYc8VJq+KCuRZrvn+3V+KuL9tF9v8ZgjF2PZbU+LsCy5Yqg1M8f5Jp5f6V\nu4QuUoobAgMBAAE=\n-----END PUBLIC KEY-----\n```\n\n\u003C\u002Fdetails>\n\u003Cdetails>\u003Csummary>`run` - Contextual Help\u003C\u002Fsummary>\u003Cbr>\n\nUnlike other dotenv libraries, dotenvx attempts to unblock you with contextual help.\n\nFor example, when missing a custom .env file:\n\n```sh\n$ dotenvx run -f .env.missing -- echo $HELLO\n[MISSING_ENV_FILE] missing file (\u002FUsers\u002Fscottmotte\u002FCode\u002Fdotenvx\u002Fplayground\u002Fapr-16\u002F.env.missing). fix: [echo \"HELLO=Dotenvx\" > .env.missing]\n```\n\nor when missing a KEY:\n\n```sh\n$ echo \"HELLO=Dotenvx\" > .env\n$ dotenvx get GOODBYE\n[MISSING_KEY] missing key (GOODBYE)\n```\n\n\u003C\u002Fdetails>\n\u003Cdetails>\u003Csummary>`run` - multiple `-f` flags\u003C\u002Fsummary>\u003Cbr>\n\nCompose multiple `.env` files for environment variables loading, as you need.\n\n```sh\n$ echo \"HELLO=local\" > .env.local\n$ echo \"HELLO=Dotenvx\" > .env\n$ echo \"console.log('Hello ' + process.env.HELLO)\" > index.js\n\n$ dotenvx run -f .env.local -f .env -- node index.js\n[dotenvx@1.X.X] injecting env (1) from .env.local, .env\nHello local\n```\n\nNote subsequent files do NOT override pre-existing variables defined in previous files or env. This follows historic principle. For example, above `local` wins – from the first file.\n\n\u003C\u002Fdetails>\n\u003Cdetails>\u003Csummary>`run --env HELLO=String`\u003C\u002Fsummary>\u003Cbr>\n\nSet environment variables as a simple `KEY=value` string pair.\n\n```sh\n$ echo \"HELLO=Dotenvx\" > .env\n$ echo \"console.log('Hello ' + process.env.HELLO)\" > index.js\n\n$ dotenvx run --env HELLO=String -f .env -- node index.js\n[dotenvx@1.X.X] injecting env (1) from .env, and --env flag\nHello String\n```\n\n\u003C\u002Fdetails>\n\u003Cdetails>\u003Csummary>`run --overload`\u003C\u002Fsummary>\u003Cbr>\n\nOverride existing env variables. These can be variables already on your machine or variables loaded as files consecutively. The last variable seen will 'win'.\n\n```sh\n$ echo \"HELLO=local\" > .env.local\n$ echo \"HELLO=Dotenvx\" > .env\n$ echo \"console.log('Hello ' + process.env.HELLO)\" > index.js\n\n$ dotenvx run -f .env.local -f .env --overload -- node index.js\n[dotenvx@1.X.X] injecting env (1) from .env.local, .env\nHello Dotenvx\n```\n\nNote that with `--overload` subsequent files DO override pre-existing variables defined in previous files.\n\n\u003C\u002Fdetails>\n\u003Cdetails>\u003Csummary>`run` - Environment Variable Precedence (Container\u002FCloud Deployments)\u003C\u002Fsummary>\u003Cbr>\n\nWhen deploying applications in containers or cloud environments, you often need to override specific environment variables at runtime without modifying committed `.env` files. By default, dotenvx follows the historic dotenv principle: **environment variables already present take precedence over `.env` files**.\n\n```sh\n# .env.prod contains: MODEL_REGISTRY=registry.company.com\u002Fmodels\u002Fv1\n$ echo \"MODEL_REGISTRY=registry.company.com\u002Fmodels\u002Fv1\" > .env.prod\n$ echo \"console.log('MODEL_REGISTRY:', process.env.MODEL_REGISTRY)\" > app.js\n\n# Without environment variable set - uses .env.prod value\n$ dotenvx run -f .env.prod -- node app.js\nMODEL_REGISTRY: registry.company.com\u002Fmodels\u002Fv1\n\n# With environment variable set (e.g., via Azure Container Service) - environment variable takes precedence\n$ MODEL_REGISTRY=registry.azure.com\u002Fmodels\u002Fv2 dotenvx run -f .env.prod -- node app.js\nMODEL_REGISTRY: registry.azure.com\u002Fmodels\u002Fv2\n\n# To force .env.prod to override environment variables, use --overload\n$ MODEL_REGISTRY=registry.azure.com\u002Fmodels\u002Fv2 dotenvx run -f .env.prod --overload -- node app.js\nMODEL_REGISTRY: registry.company.com\u002Fmodels\u002Fv1\n```\n\n**For container deployments:** Set environment variables through your cloud provider's UI\u002Fconfiguration (Azure Container Service, AWS ECS, etc.) to override specific values from committed `.env` files without rebuilding your application.\n\n\u003C\u002Fdetails>\n\u003Cdetails>\u003Csummary>`DOTENV_PRIVATE_KEY=key run`\u003C\u002Fsummary>\u003Cbr>\n\nDecrypt your encrypted `.env` by setting `DOTENV_PRIVATE_KEY` before `dotenvx run`.\n\n```sh\n$ touch .env\n$ dotenvx set HELLO encrypted\n$ echo \"console.log('Hello ' + process.env.HELLO)\" > index.js\n\n# check your .env.keys files for your privateKey\n$ DOTENV_PRIVATE_KEY=\"122...0b8\" dotenvx run -- node index.js\n[dotenvx@1.X.X] injecting env (2) from .env\nHello encrypted\n```\n\n\u003C\u002Fdetails>\n\u003Cdetails>\u003Csummary>`DOTENV_PRIVATE_KEY_PRODUCTION=key run`\u003C\u002Fsummary>\u003Cbr>\n\nDecrypt your encrypted `.env.production` by setting `DOTENV_PRIVATE_KEY_PRODUCTION` before `dotenvx run`. Alternatively, this can be already set on your server or cloud provider.\n\n```sh\n$ touch .env.production\n$ dotenvx set HELLO \"production encrypted\" -f .env.production\n$ echo \"console.log('Hello ' + process.env.HELLO)\" > index.js\n\n# check .env.keys for your privateKey\n$ DOTENV_PRIVATE_KEY_PRODUCTION=\"122...0b8\" dotenvx run -- node index.js\n[dotenvx@1.X.X] injecting env (2) from .env.production\nHello production encrypted\n```\n\nNote the `DOTENV_PRIVATE_KEY_PRODUCTION` ends with `_PRODUCTION`. This instructs dotenvx run to load the `.env.production` file.\n\n\u003C\u002Fdetails>\n\u003Cdetails>\u003Csummary>`DOTENV_PRIVATE_KEY_CI=key dotenvx run`\u003C\u002Fsummary>\u003Cbr>\n\nDecrypt your encrypted `.env.ci` by setting `DOTENV_PRIVATE_KEY_CI` before `dotenvx run`. Alternatively, this can be already set on your server or cloud provider.\n\n```sh\n$ touch .env.ci\n$ dotenvx set HELLO \"ci encrypted\" -f .env.ci\n$ echo \"console.log('Hello ' + process.env.HELLO)\" > index.js\n\n# check .env.keys for your privateKey\n$ DOTENV_PRIVATE_KEY_CI=\"122...0b8\" dotenvx run -- node index.js\n[dotenvx@1.X.X] injecting env (2) from .env.ci\nHello ci encrypted\n```\n\nNote the `DOTENV_PRIVATE_KEY_CI` ends with `_CI`. This instructs dotenvx run to load the `.env.ci` file. See the pattern?\n\n\u003C\u002Fdetails>\n\u003Cdetails>\u003Csummary>`DOTENV_PRIVATE_KEY=key DOTENV_PRIVATE_KEY_PRODUCTION=key run` - Combine Multiple\u003C\u002Fsummary>\u003Cbr>\n\nDecrypt your encrypted `.env` and `.env.production` files by setting `DOTENV_PRIVATE_KEY` and `DOTENV_PRIVATE_KEY_PRODUCTION` before `dotenvx run`. \n\n```sh\n$ touch .env\n$ touch .env.production\n$ dotenvx set HELLO encrypted\n$ dotenvx set HELLO \"production encrypted\" -f .env.production\n$ echo \"console.log('Hello ' + process.env.HELLO)\" > index.js\n\n# check .env.keys for your privateKeys\n$ DOTENV_PRIVATE_KEY=\"122...0b8\" DOTENV_PRIVATE_KEY_PRODUCTION=\"122...0b8\" dotenvx run -- node index.js\n[dotenvx@1.X.X] injecting env (3) from .env, .env.production\nHello encrypted\n\n$ DOTENV_PRIVATE_KEY_PRODUCTION=\"122...0b8\" DOTENV_PRIVATE_KEY=\"122...0b8\" dotenvx run -- node index.js\n[dotenvx@1.X.X] injecting env (3) from .env.production, .env\nHello production encrypted\n```\n\nCompose any encrypted files you want this way. As long as a `DOTENV_PRIVATE_KEY_${environment}` is set, the values from `.env.${environment}` will be decrypted at runtime.\n\n\u003C\u002Fdetails>\n\u003Cdetails>\u003Csummary>`run --verbose`\u003C\u002Fsummary>\u003Cbr>\n\nSet log level to `verbose`. ([log levels](https:\u002F\u002Fdocs.npmjs.com\u002Fcli\u002Fv8\u002Fusing-npm\u002Flogging#setting-log-levels))\n\n```sh\n$ echo \"HELLO=production\" > .env.production\n$ echo \"console.log('Hello ' + process.env.HELLO)\" > index.js\n\n$ dotenvx run -f .env.production --verbose -- node index.js\nloading env from .env.production (\u002Fpath\u002Fto\u002F.env.production)\nHELLO set\n[dotenvx@1.X.X] injecting env (1) from .env.production\nHello production\n```\n\n\u003C\u002Fdetails>\n\u003Cdetails>\u003Csummary>`run --debug`\u003C\u002Fsummary>\u003Cbr>\n\nSet log level to `debug`. ([log levels](https:\u002F\u002Fdocs.npmjs.com\u002Fcli\u002Fv8\u002Fusing-npm\u002Flogging#setting-log-levels))\n\n```sh\n$ echo \"HELLO=production\" > .env.production\n$ echo \"console.log('Hello ' + process.env.HELLO)\" > index.js\n\n$ dotenvx run -f .env.production --debug -- node index.js\nprocess command [node index.js]\noptions: {\"env\":[],\"envFile\":[\".env.production\"]}\nloading env from .env.production (\u002Fpath\u002Fto\u002F.env.production)\n{\"HELLO\":\"production\"}\nHELLO set\nHELLO set to production\n[dotenvx@1.X.X] injecting env (1) from .env.production\nexecuting process command [node index.js]\nexpanding process command to [\u002Fopt\u002Fhomebrew\u002Fbin\u002Fnode index.js]\nHello production\n```\n\n\u003C\u002Fdetails>\n\u003Cdetails>\u003Csummary>`run --quiet`\u003C\u002Fsummary>\u003Cbr>\n\nUse `--quiet` to suppress all output (except errors). ([log levels](https:\u002F\u002Fdocs.npmjs.com\u002Fcli\u002Fv8\u002Fusing-npm\u002Flogging#setting-log-levels))\n\n```sh\n$ echo \"HELLO=production\" > .env.production\n$ echo \"console.log('Hello ' + process.env.HELLO)\" > index.js\n\n$ dotenvx run -f .env.production --quiet -- node index.js\nHello production\n```\n\n\u003C\u002Fdetails>\n\u003Cdetails>\u003Csummary>`run --log-level`\u003C\u002Fsummary>\u003Cbr>\n\nSet `--log-level` to whatever you wish. For example, to suppress warnings (risky), set log level to `error`:\n\n```sh\n$ echo \"HELLO=production\" > .env.production\n$ echo \"console.log('Hello ' + process.env.HELLO)\" > index.js\n\n$ dotenvx run -f .env.production --log-level=error -- node index.js\nHello production\n```\n\nAvailable log levels are `error, warn, info, verbose, debug, silly` ([source](https:\u002F\u002Fdocs.npmjs.com\u002Fcli\u002Fv8\u002Fusing-npm\u002Flogging#setting-log-levels))\n\n\u003C\u002Fdetails>\n\u003Cdetails>\u003Csummary>`run --strict`\u003C\u002Fsummary>\u003Cbr>\n\nExit with code `1` if any errors are encountered - like a missing .env file or decryption failure.\n\n```sh\n$ echo \"console.log('Hello ' + process.env.HELLO)\" > index.js\n\n$ dotenvx run -f .env.missing --strict -- node index.js\n[MISSING_ENV_FILE] missing file (\u002Fpath\u002Fto\u002F.env.missing). fix: [echo \"HELLO=Dotenvx\" > .env.missing]\n```\n\nThis can be useful in `ci` scripts where you want to fail the ci if your `.env` file could not be decrypted at runtime.\n\n\u003C\u002Fdetails>\n\u003Cdetails>\u003Csummary>`run --ignore`\u003C\u002Fsummary>\u003Cbr>\n\nIgnore errors like `MISSING_ENV_FILE`.\n\n```sh\n$ echo \"console.log('Hello ' + process.env.HELLO)\" > index.js\n\n$ dotenvx run -f .env.missing --ignore=MISSING_ENV_FILE -- node index.js\n...\n```\n\n\u003C\u002Fdetails>\n\u003Cdetails>\u003Csummary>`run --convention=nextjs`\u003C\u002Fsummary>\u003Cbr>\n\nLoad envs using [Next.js' convention](https:\u002F\u002Fnextjs.org\u002Fdocs\u002Fpages\u002Fbuilding-your-application\u002Fconfiguring\u002Fenvironment-variables#environment-variable-load-order). Set `--convention` to `nextjs`:\n\n```sh\n$ echo \"HELLO=development local\" > .env.development.local\n$ echo \"HELLO=local\" > .env.local\n$ echo \"HELLO=development\" > .env.development\n$ echo \"HELLO=env\" > .env\n$ echo \"console.log('Hello ' + process.env.HELLO)\" > index.js\n\n$ dotenvx run --convention=nextjs -- node index.js\n[dotenvx@1.X.X] injecting env (1) from .env.development.local, .env.local, .env.development, .env\nHello development local\n```\n\n(more conventions available upon request)\n\n\u003C\u002Fdetails>\n\u003Cdetails>\u003Csummary>`run --convention=flow`\u003C\u002Fsummary>\u003Cbr>\n\nLoad envs using [dotenv-flow's convention](https:\u002F\u002Fwww.npmjs.com\u002Fpackage\u002Fdotenv-flow). Set `--convention` to `flow`:\n\n```sh\n$ echo \"HELLO=development local\" > .env.development.local\n$ echo \"HELLO=development\" > .env.development\n$ echo \"HELLO=local\" > .env.local\n$ echo \"HELLO=env\" > .env\n$ echo \"console.log('Hello ' + process.env.HELLO)\" > index.js\n\n$ NODE_ENV=development dotenvx run --convention=flow -- node index.js \n[dotenvx@1.X.X] injecting env (1) from .env.development.local, .env.development, .env.local, .env\nHello development local\n```\n\nFurther, we recommend using `DOTENV_ENV` over `NODE_ENV`– as `dotenvx` works everywhere, not just node.\n\n```sh\n$ DOTENV_ENV=development dotenvx run --convention=flow -- node index.js \n[dotenvx@1.X.X] injecting env (1) from .env.development.local, .env.development, .env.local, .env\nHello development local\n```\n\n\u003C\u002Fdetails>\n\u003Cdetails>\u003Csummary>`run -fk`\u003C\u002Fsummary>\u003Cbr>\n\nSpecify path to `.env.keys`. This is useful with monorepos.\n\n```sh\n$ mkdir -p apps\u002Fapp1\n$ touch apps\u002Fapp1\u002F.env\n$ dotenvx set HELLO Dotenvx -fk .env.keys -f apps\u002Fapp1\u002F.env\n\n$ dotenvx run -fk .env.keys -f apps\u002Fapp1\u002F.env -- yourcommand\n```\n\n\u003C\u002Fdetails>\n\u003Cdetails>\u003Csummary>`run --no-ops`\u003C\u002Fsummary>\u003Cbr>\n\nTurn off [Dotenvx Ops](https:\u002F\u002Fdotenvx.com\u002Fops) features.\n\n```sh\n$ dotenvx run --no-ops -- yourcommand\n```\n\n\u003C\u002Fdetails>\n\u003Cdetails>\u003Csummary>`get KEY`\u003C\u002Fsummary>\u003Cbr>\n\nReturn a single environment variable's value.\n\n```sh\n$ echo \"HELLO=Dotenvx\" > .env\n\n$ dotenvx get HELLO\nWorld\n```\n\n\u003C\u002Fdetails>\n\u003Cdetails>\u003Csummary>`get KEY -f`\u003C\u002Fsummary>\u003Cbr>\n\nReturn a single environment variable's value from a specific `.env` file.\n\n```sh\n$ echo \"HELLO=Dotenvx\" > .env\n$ echo \"HELLO=production\" > .env.production\n\n$ dotenvx get HELLO -f .env.production\nproduction\n```\n\n\u003C\u002Fdetails>\n\u003Cdetails>\u003Csummary>`get KEY -fk`\u003C\u002Fsummary>\u003Cbr>\n\nSpecify path to `.env.keys`. This is useful with monorepos.\n\n```sh\n$ mkdir -p apps\u002Fapp1\n$ touch apps\u002Fapp1\u002F.env\n$ dotenvx set HELLO Dotenvx -fk .env.keys -f apps\u002Fapp1\u002F.env\n\n$ dotenvx get HELLO -fk .env.keys -f apps\u002Fapp1\u002F.env\nworld\n```\n\n\u003C\u002Fdetails>\n\u003Cdetails>\u003Csummary>`get KEY --env`\u003C\u002Fsummary>\u003Cbr>\n\nReturn a single environment variable's value from a `--env` string.\n\n```sh\n$ dotenvx get HELLO --env HELLO=String -f .env.production\nString\n```\n\n\u003C\u002Fdetails>\n\n\u003Cdetails>\u003Csummary>`get KEY --overload`\u003C\u002Fsummary>\u003Cbr>\n\nReturn a single environment variable's value where each found value is overloaded.\n\n```sh\n$ echo \"HELLO=Dotenvx\" > .env\n$ echo \"HELLO=production\" > .env.production\n\n$ dotenvx get HELLO -f .env.production --env HELLO=String -f .env --overload\nWorld\n```\n\n\u003C\u002Fdetails>\n\u003Cdetails>\u003Csummary>`get KEY --strict`\u003C\u002Fsummary>\u003Cbr>\n\nExit with code `1` if any errors are encountered - like a missing key, missing .env file, or decryption failure.\n\n```sh\n$ dotenvx get DOES_NOT_EXIST --strict\n[MISSING_KEY] missing key (DOES_NOT_EXIST)\n```\n\n\u003C\u002Fdetails>\n\u003Cdetails>\u003Csummary>`get KEY --convention=nextjs`\u003C\u002Fsummary>\u003Cbr>\n\nReturn a single environment variable's value using [Next.js' convention](https:\u002F\u002Fnextjs.org\u002Fdocs\u002Fpages\u002Fbuilding-your-application\u002Fconfiguring\u002Fenvironment-variables#environment-variable-load-order). Set `--convention` to `nextjs`:\n\n```sh\n$ echo \"HELLO=development local\" > .env.development.local\n$ echo \"HELLO=local\" > .env.local\n$ echo \"HELLO=development\" > .env.development\n$ echo \"HELLO=env\" > .env\n$ echo \"console.log('Hello ' + process.env.HELLO)\" > index.js\n\n$ dotenvx get HELLO --convention=nextjs\ndevelopment local\n```\n\n\u003C\u002Fdetails>\n\u003Cdetails>\u003Csummary>`get KEY --convention=flow`\u003C\u002Fsummary>\u003Cbr>\n\nReturn a single environment variable's value using [dotenv-flow's convention](https:\u002F\u002Fwww.npmjs.com\u002Fpackage\u002Fdotenv-flow). Set `--convention` to `flow`:\n\n```sh\n$ echo \"HELLO=development local\" > .env.development.local\n$ echo \"HELLO=development\" > .env.development\n$ echo \"HELLO=local\" > .env.local\n$ echo \"HELLO=env\" > .env\n$ echo \"console.log('Hello ' + process.env.HELLO)\" > index.js\n\n$ NODE_ENV=development dotenvx get HELLO --convention=flow\ndevelopment local\n```\n\nFurther, we recommend using `DOTENV_ENV` over `NODE_ENV`– as `dotenvx` works everywhere, not just node.\n\n```sh\n$ DOTENV_ENV=development dotenvx get HELLO --convention=flow\ndevelopment local\n```\n\n\u003C\u002Fdetails>\n\u003Cdetails>\u003Csummary>`get` (json)\u003C\u002Fsummary>\u003Cbr>\n\nReturn a json response of all key\u002Fvalue pairs in a `.env` file.\n\n```sh\n$ echo \"HELLO=Dotenvx\" > .env\n\n$ dotenvx get\n{\"HELLO\":\"Dotenvx\"}\n```\n\n\u003C\u002Fdetails>\n\u003Cdetails>\u003Csummary>`get --format shell`\u003C\u002Fsummary>\u003Cbr>\n\nReturn a shell formatted response of all key\u002Fvalue pairs in a `.env` file.\n\n```sh\n$ echo \"HELLO=Dotenvx\" > .env\n$ echo \"KEY=value\" >> .env\n\n$ dotenvx get --format shell\nHELLO=Dotenvx KEY=value\n```\n\nThis can be useful when combined with `env` on the command line.\n\n```\n$ echo \"console.log('Hello ' + process.env.KEY + ' ' + process.env.HELLO)\" > index.js\n$ env $(dotenvx get --format=shell) node index.js\nHello value World\n```\n\nor with `export`.\n\n```\n$ echo \"console.log('Hello ' + process.env.KEY + ' ' + process.env.HELLO)\" > index.js\n$ export $(dotenvx get --format=shell)\n$ node index.js\nHello value World\n```\n\n\u003C\u002Fdetails>\n\u003Cdetails>\u003Csummary>`get --format eval`\u003C\u002Fsummary>\u003Cbr>\n\nReturn an `eval`-ready shell formatted response of all key\u002Fvalue pairs in a `.env` file.\n\n```sh\n$ echo \"HELLO=Dotenvx\" > .env\n$ echo \"KEY=value\" >> .env\n\n$ dotenvx get --format eval\nHELLO=\"Dotenvx\"\nKEY=\"value\"\n```\n\nNote that this exports newlines and quoted strings.\n\nThis can be useful for more complex .env values (spaces, escaped characters, quotes, etc) combined with `eval` on the command line.\n\n```sh\n$ echo \"console.log('Hello ' + process.env.KEY + ' ' + process.env.HELLO)\" > index.js\n$ eval $(dotenvx get --format=eval) node index.js\nHello value World\n```\n\nBe careful with `eval` as it allows for arbitrary execution of commands. Prefer `dotenvx run --` but in some cases `eval` is a sharp knife that is useful to have.\n\n\u003C\u002Fdetails>\n\n\u003Cdetails>\u003Csummary>`get --all`\u003C\u002Fsummary>\u003Cbr>\n\nReturn preset machine envs as well.\n\n```sh\n$ echo \"HELLO=Dotenvx\" > .env\n\n$ dotenvx get --all\n{\"PWD\":\"\u002Fsome\u002Ffile\u002Fpath\",\"USER\":\"username\",\"LIBRARY_PATH\":\"\u002Fusr\u002Flocal\u002Flib\", ..., \"HELLO\":\"Dotenvx\"}\n```\n\n\u003C\u002Fdetails>\n\u003Cdetails>\u003Csummary>`get --all --pretty-print`\u003C\u002Fsummary>\u003Cbr>\n\nMake the output more readable - pretty print it.\n\n```sh\n$ echo \"HELLO=Dotenvx\" > .env\n\n$ dotenvx get --all --pretty-print\n{\n  \"PWD\": \"\u002Fsome\u002Ffilepath\",\n  \"USER\": \"username\",\n  \"LIBRARY_PATH\": \"\u002Fusr\u002Flocal\u002Flib\",\n  ...,\n  \"HELLO\": \"Dotenvx\"\n}\n```\n\n\u003C\u002Fdetails>\n\u003Cdetails>\u003Csummary>`set KEY value`\u003C\u002Fsummary>\u003Cbr>\n\nSet an encrypted key\u002Fvalue (on by default).\n\n```sh\n$ touch .env\n\n$ dotenvx set HELLO Dotenvx\nset HELLO with encryption (.env)\n```\n\n\u003C\u002Fdetails>\n\u003Cdetails>\u003Csummary>`set KEY value -f`\u003C\u002Fsummary>\u003Cbr>\n\nSet an (encrypted) key\u002Fvalue for another `.env` file.\n\n```sh\n$ touch .env.production\n\n$ dotenvx set HELLO production -f .env.production\nset HELLO with encryption (.env.production)\n```\n\n\u003C\u002Fdetails>\n\u003Cdetails>\u003Csummary>`set KEY value -fk`\u003C\u002Fsummary>\u003Cbr>\n\nSpecify path to `.env.keys`. This is useful with monorepos.\n\n```sh\n$ mkdir -p apps\u002Fapp1\n$ touch apps\u002Fapp1\u002F.env\n\n$ dotenvx set HELLO Dotenvx -fk .env.keys -f apps\u002Fapp1\u002F.env\nset HELLO with encryption (.env)\n```\n\nPut it to use.\n\n```sh\n$ dotenvx get -fk .env.keys -f apps\u002Fapp1\u002F.env\n```\n\nUse it with a relative path.\n\n```sh\n$ cd apps\u002Fapp1\n$ dotenvx get -fk ..\u002F..\u002F.env.keys -f .env\n```\n\n\u003C\u002Fdetails>\n\u003Cdetails>\u003Csummary>`set KEY \"value with spaces\"`\u003C\u002Fsummary>\u003Cbr>\n\nSet a value containing spaces.\n\n```sh\n$ touch .env.ci\n\n$ dotenvx set HELLO \"my ci\" -f .env.ci\nset HELLO with encryption (.env.ci)\n```\n\n\u003C\u002Fdetails>\n\u003Cdetails>\u003Csummary>`set KEY -- \"- + * ÷\"`\u003C\u002Fsummary>\u003Cbr>\n\nIf your value starts with a dash (`-`), then place two dashes instructing the cli that there are no more flag arguments.\n\n```sh\n$ touch .env.ci\n\n$ dotenvx set HELLO -f .env.ci -- \"- + * ÷\"\nset HELLO with encryption (.env.ci)\n```\n\n\u003C\u002Fdetails>\n\u003Cdetails>\u003Csummary>`set KEY value --plain`\u003C\u002Fsummary>\u003Cbr>\n\nSet a plaintext key\u002Fvalue.\n\n```sh\n$ touch .env\n\n$ dotenvx set HELLO Dotenvx --plain\nset HELLO (.env)\n```\n\n\u003C\u002Fdetails>\n\u003Cdetails>\u003Csummary>`encrypt`\u003C\u002Fsummary>\u003Cbr>\n\nEncrypt the contents of a `.env` file to an encrypted `.env` file.\n\n```sh\n$ echo \"HELLO=Dotenvx\" > .env\n\n$ dotenvx encrypt\n◈ encrypted (.env) + local key (.env.keys)\n⮕  next run [dotenvx ext gitignore --pattern .env.keys] to gitignore .env.keys\n⮕  next run [DOTENV_PRIVATE_KEY='122...0b8' dotenvx run -- yourcommand] to test decryption locally\n```\n\n\u003C\u002Fdetails>\n\u003Cdetails>\u003Csummary>`encrypt -f`\u003C\u002Fsummary>\u003Cbr>\n\nEncrypt the contents of a specified `.env` file to an encrypted `.env` file.\n\n```sh\n$ echo \"HELLO=Dotenvx\" > .env\n$ echo \"HELLO=Production\" > .env.production\n\n$ dotenvx encrypt -f .env.production\n◈ encrypted (.env.production) + local key (.env.keys)\n⮕  next run [dotenvx ext gitignore --pattern .env.keys] to gitignore .env.keys\n⮕  next run [DOTENV_PRIVATE_KEY='bff...bc4' dotenvx run -- yourcommand] to test decryption locally\n```\n\n\u003C\u002Fdetails>\n\u003Cdetails>\u003Csummary>`encrypt --no-ops`\u003C\u002Fsummary>\u003Cbr>\n\nTurn off [Dotenvx Ops](https:\u002F\u002Fdotenvx.com\u002Fops) features for encrypt.\n\n```sh\n$ dotenvx encrypt --no-ops\n◈ encrypted (.env)\n```\n\n\u003C\u002Fdetails>\n\u003Cdetails>\u003Csummary>`encrypt -fk`\u003C\u002Fsummary>\u003Cbr>\n\nSpecify path to `.env.keys`. This is useful with monorepos.\n\n```sh\n$ mkdir -p apps\u002Fapp1\n$ echo \"HELLO=Dotenvx\" > apps\u002Fapp1\u002F.env\n\n$ dotenvx encrypt -fk .env.keys -f apps\u002Fapp1\u002F.env\n◈ encrypted (apps\u002Fapp1\u002F.env)\n```\n\nPut it to use.\n\n```sh\n$ dotenvx run -fk .env.keys -f apps\u002Fapp1\u002F.env\n```\n\nUse with a relative path.\n\n```sh\n$ cd apps\u002Fapp1\n$ dotenvx run -fk ..\u002F..\u002F.env.keys -f .env\n```\n\n\u003C\u002Fdetails>\n\u003Cdetails>\u003Csummary>`encrypt -k`\u003C\u002Fsummary>\u003Cbr>\n\nSpecify the key(s) to encrypt by passing `--key`.\n\n```sh\n$ echo \"HELLO=Dotenvx\\nHELLO2=Universe\" > .env\n\n$ dotenvx encrypt -k HELLO2\n◈ encrypted (.env)\n```\n\nEven specify a glob pattern.\n\n```sh\n$ echo \"HELLO=Dotenvx\\nHOLA=Mundo\" > .env\n\n$ dotenvx encrypt -k \"HE*\"\n◈ encrypted (.env)\n```\n\n\u003C\u002Fdetails>\n\u003Cdetails>\u003Csummary>`encrypt -ek`\u003C\u002Fsummary>\u003Cbr>\n\nSpecify the key(s) to NOT encrypt by passing `--exclude-key`.\n\n```sh\n$ echo \"HELLO=Dotenvx\\nHELLO2=Universe\" > .env\n\n$ dotenvx encrypt -ek HELLO\n◈ encrypted (.env)\n```\n\nEven specify a glob pattern.\n\n```sh\n$ echo \"HELLO=Dotenvx\\nHOLA=Mundo\" > .env\n\n$ dotenvx encrypt -ek \"HO*\"\n◈ encrypted (.env)\n```\n\n\u003C\u002Fdetails>\n\u003Cdetails>\u003Csummary>`encrypt --stdout`\u003C\u002Fsummary>\u003Cbr>\n\nEncrypt the contents of a `.env` file and send to stdout.\n\n```sh\n$ echo \"HELLO=Dotenvx\" > .env\n$ dotenvx encrypt --stdout\n#\u002F-------------------[DOTENV_PUBLIC_KEY]--------------------\u002F\n#\u002F            public-key encryption for .env files          \u002F\n#\u002F       [how it works](https:\u002F\u002Fdotenvx.com\u002Fencryption)     \u002F\n#\u002F----------------------------------------------------------\u002F\nDOTENV_PUBLIC_KEY=\"034af93e93708b994c10f236c96ef88e47291066946cce2e8d98c9e02c741ced45\"\n# .env\nHELLO=\"encrypted:BDqDBibm4wsYqMpCjTQ6BsDHmMadg9K3dAt+Z9HPMfLEIRVz50hmLXPXRuDBXaJi\u002FLwWYEVUNiq0HISrslzQPaoyS8Lotg3gFWJTsNCdOWnqpjF2xNUX2RQiP05kAbEXM6MWVjDr\"\n```\n\nor send to a file:\n\n```sh\n$ echo \"HELLO=Dotenvx\" > .env\n$ dotenvx encrypt --stdout > somefile.txt\n```\n\n\u003C\u002Fdetails>\n\u003Cdetails>\u003Csummary>`decrypt`\u003C\u002Fsummary>\u003Cbr>\n\nDecrypt the contents of an encrypted `.env` file to an unencrypted `.env` file.\n\n```sh\n$ echo \"HELLO=Dotenvx\" > .env\n$ dotenvx encrypt\n◈ encrypted (.env)\n$ dotenvx decrypt\n◇ decrypted (.env)\n```\n\n\u003C\u002Fdetails>\n\u003Cdetails>\u003Csummary>`decrypt -f`\u003C\u002Fsummary>\u003Cbr>\n\nDecrypt the contents of a specified encrypted `.env` file to an unencrypted `.env` file.\n\n```sh\n$ echo \"HELLO=Dotenvx\" > .env\n$ echo \"HELLO=Production\" > .env.production\n\n$ dotenvx encrypt -f .env.production\n◈ encrypted (.env.production)\n$ dotenvx decrypt -f .env.production\n◇ decrypted (.env.production)\n```\n\n\u003C\u002Fdetails>\n\u003Cdetails>\u003Csummary>`decrypt -fk`\u003C\u002Fsummary>\u003Cbr>\n\nSpecify path to `.env.keys`. This is useful with monorepos.\n\n```sh\n$ mkdir -p apps\u002Fapp1\n$ echo \"HELLO=Dotenvx\" > apps\u002Fapp1\u002F.env\n\n$ dotenvx encrypt -fk .env.keys -f apps\u002Fapp1\u002F.env\n◈ encrypted (apps\u002Fapp1\u002F.env)\n$ dotenvx decrypt -fk .env.keys -f apps\u002Fapp1\u002F.env\n◇ decrypted (apps\u002Fapp1\u002F.env)\n```\n\n\u003C\u002Fdetails>\n\u003Cdetails>\u003Csummary>`decrypt -k`\u003C\u002Fsummary>\u003Cbr>\n\nDecrypt the contents of a specified key inside an encrypted `.env` file.\n\n```sh\n$ echo \"HELLO=Dotenvx\\nHOLA=Mundo\" > .env\n$ dotenvx encrypt\n◈ encrypted (.env)\n$ dotenvx decrypt -k HELLO\n◇ decrypted (.env)\n```\n\nEven specify a glob pattern.\n\n```sh\n$ echo \"HELLO=Dotenvx\\nHOLA=Mundo\" > .env\n$ dotenvx encrypt\n◈ encrypted (.env)\n$ dotenvx decrypt -k \"HE*\"\n◇ decrypted (.env)\n```\n\n\u003C\u002Fdetails>\n\u003Cdetails>\u003Csummary>`decrypt -ek`\u003C\u002Fsummary>\u003Cbr>\n\nDecrypt the contents inside an encrypted `.env` file except for an excluded key.\n\n```sh\n$ echo \"HELLO=Dotenvx\\nHOLA=Mundo\" > .env\n$ dotenvx encrypt\n◈ encrypted (.env)\n$ dotenvx decrypt -ek HOLA\n◇ decrypted (.env)\n```\n\nEven specify a glob pattern.\n\n```sh\n$ echo \"HELLO=Dotenvx\\nHOLA=Mundo\" > .env\n$ dotenvx encrypt\n◈ encrypted (.env)\n$ dotenvx decrypt -ek \"HO*\"\n◇ decrypted (.env)\n```\n\n\u003C\u002Fdetails>\n\u003Cdetails>\u003Csummary>`decrypt --stdout`\u003C\u002Fsummary>\u003Cbr>\n\nDecrypt the contents of an encrypted `.env` file and send to stdout.\n\n```sh\n$ dotenvx decrypt --stdout\n#\u002F-------------------[DOTENV_PUBLIC_KEY]--------------------\u002F\n#\u002F            public-key encryption for .env files          \u002F\n#\u002F       [how it works](https:\u002F\u002Fdotenvx.com\u002Fencryption)     \u002F\n#\u002F----------------------------------------------------------\u002F\nDOTENV_PUBLIC_KEY=\"034af93e93708b994c10f236c96ef88e47291066946cce2e8d98c9e02c741ced45\"\n# .env\nHELLO=\"Dotenvx\"\n```\n\nor send to a file:\n\n```sh\n$ dotenvx decrypt --stdout > somefile.txt\n```\n\n\u003C\u002Fdetails>\n\u003Cdetails>\u003Csummary>`keypair`\u003C\u002Fsummary>\u003Cbr>\n\nPrint public\u002Fprivate keys for `.env` file.\n\n```sh\n$ echo \"HELLO=Dotenvx\" > .env\n$ dotenvx encrypt\n\n$ dotenvx keypair\n{\"DOTENV_PUBLIC_KEY\":\"\u003CpublicKey>\",\"DOTENV_PRIVATE_KEY\":\"\u003CprivateKey>\"}\n```\n\n\u003C\u002Fdetails>\n\u003Cdetails>\u003Csummary>`keypair -f`\u003C\u002Fsummary>\u003Cbr>\n\nPrint public\u002Fprivate keys for `.env.production` file.\n\n```sh\n$ echo \"HELLO=Production\" > .env.production\n$ dotenvx encrypt -f .env.production\n\n$ dotenvx keypair -f .env.production\n{\"DOTENV_PUBLIC_KEY_PRODUCTION\":\"\u003CpublicKey>\",\"DOTENV_PRIVATE_KEY_PRODUCTION\":\"\u003CprivateKey>\"}\n```\n\n\u003C\u002Fdetails>\n\u003Cdetails>\u003Csummary>`keypair -fk`\u003C\u002Fsummary>\u003Cbr>\n\nSpecify path to `.env.keys`. This is useful for printing public\u002Fprivate keys for monorepos.\n\n```sh\n$ mkdir -p apps\u002Fapp1\n$ echo \"HELLO=Dotenvx\" > apps\u002Fapp1\u002F.env\n$ dotenvx encrypt -fk .env.keys -f apps\u002Fapp1\u002F.env\n\n$ dotenvx keypair -fk .env.keys -f apps\u002Fapp1\u002F.env\n{\"DOTENV_PUBLIC_KEY\":\"\u003CpublicKey>\",\"DOTENV_PRIVATE_KEY\":\"\u003CprivateKey>\"}\n```\n\n\u003C\u002Fdetails>\n\u003Cdetails>\u003Csummary>`keypair DOTENV_PRIVATE_KEY`\u003C\u002Fsummary>\u003Cbr>\n\nPrint specific keypair for `.env` file.\n\n```sh\n$ echo \"HELLO=Dotenvx\" > .env\n$ dotenvx encrypt\n\n$ dotenvx keypair DOTENV_PRIVATE_KEY\n\u003CprivateKey>\n```\n\n\u003C\u002Fdetails>\n\u003Cdetails>\u003Csummary>`keypair --format shell`\u003C\u002Fsummary>\u003Cbr>\n\nPrint a shell formatted response of public\u002Fprivate keys.\n\n```sh\n$ echo \"HELLO=Dotenvx\" > .env\n$ dotenx encrypt\n\n$ dotenvx keypair --format shell\nDOTENV_PUBLIC_KEY=\u003CpublicKey> DOTENV_PRIVATE_KEY=\u003CprivateKey>\n```\n\n\u003C\u002Fdetails>\n\u003Cdetails>\u003Csummary>`ls`\u003C\u002Fsummary>\u003Cbr>\n\nPrint all `.env` files in a tree structure.\n\n```sh\n$ touch .env\n$ touch .env.production\n$ mkdir -p apps\u002Fbackend\n$ touch apps\u002Fbackend\u002F.env\n\n$ dotenvx ls\n├─ .env.production\n├─ .env\n└─ apps\n   └─ backend\n      └─ .env\n```\n\n\u003C\u002Fdetails>\n\u003Cdetails>\u003Csummary>`ls directory`\u003C\u002Fsummary>\u003Cbr>\n\nPrint all `.env` files inside a specified path to a directory.\n\n```sh\n$ touch .env\n$ touch .env.production\n$ mkdir -p apps\u002Fbackend\n$ touch apps\u002Fbackend\u002F.env\n\n$ dotenvx ls apps\u002Fbackend\n└─ .env\n```\n\n\u003C\u002Fdetails>\n\u003Cdetails>\u003Csummary>`ls -f`\u003C\u002Fsummary>\u003Cbr>\n\nGlob `.env` filenames matching a wildcard.\n\n```sh\n$ touch .env\n$ touch .env.production\n$ mkdir -p apps\u002Fbackend\n$ touch apps\u002Fbackend\u002F.env\n$ touch apps\u002Fbackend\u002F.env.prod\n\n$ dotenvx ls -f **\u002F.env.prod*\n├─ .env.production\n└─ apps\n   └─ backend\n      └─ .env.prod\n```\n\n\u003C\u002Fdetails>\n\u003Cdetails>\u003Csummary>`ls -ef`\u003C\u002Fsummary>\u003Cbr>\n\nGlob `.env` filenames excluding a wildcard.\n\n```sh\n$ touch .env\n$ touch .env.production\n$ mkdir -p apps\u002Fbackend\n$ touch apps\u002Fbackend\u002F.env\n$ touch apps\u002Fbackend\u002F.env.prod\n\n$ dotenvx ls -ef '**\u002F.env.prod*'\n├─ .env\n└─ apps\n   └─ backend\n      └─ .env\n```\n\n\u003C\u002Fdetails>\n\u003Cdetails>\u003Csummary>`rotate`\u003C\u002Fsummary>\u003Cbr>\n\nRotate public\u002Fprivate keys for `.env` file and re-encrypt all encrypted values.\n\n```sh\n$ echo \"HELLO=Dotenvx\" > .env\n$ dotenvx encrypt\n◈ encrypted (.env)\n$ dotenvx rotate\n⟳ rotated (.env)\n```\n\n\u003C\u002Fdetails>\n\u003Cdetails>\u003Csummary>`rotate -f`\u003C\u002Fsummary>\u003Cbr>\n\nRotate public\u002Fprivate keys for a specified encrypted `.env` file and re-encrypt all encrypted values.\n\n```sh\n$ echo \"HELLO=Dotenvx\" > .env\n$ echo \"HELLO=Production\" > .env.production\n\n$ dotenvx encrypt -f .env.production\n◈ encrypted (.env.production)\n$ dotenvx rotate -f .env.production\n⟳ rotated (.env.production)\n```\n\n\u003C\u002Fdetails>\n\u003Cdetails>\u003Csummary>`rotate -fk`\u003C\u002Fsummary>\u003Cbr>\n\nSpecify path to `.env.keys`. This is useful with monorepos.\n\n```sh\n$ mkdir -p apps\u002Fapp1\n$ echo \"HELLO=Dotenvx\" > apps\u002Fapp1\u002F.env\n\n$ dotenvx encrypt -fk .env.keys -f apps\u002Fapp1\u002F.env\n◈ encrypted (apps\u002Fapp1\u002F.env)\n$ dotenvx rotate -fk .env.keys -f apps\u002Fapp1\u002F.env\n⟳ rotated (apps\u002Fapp1\u002F.env)\n```\n\n\u003C\u002Fdetails>\n\u003Cdetails>\u003Csummary>`rotate -k`\u003C\u002Fsummary>\u003Cbr>\n\nRotate the contents of a specified key inside an encrypted `.env` file.\n\n```sh\n$ echo \"HELLO=Dotenvx\\nHOLA=Mundo\" > .env\n$ dotenvx encrypt\n◈ encrypted (.env)\n$ dotenvx rotate -k HELLO\n⟳ rotated (.env)\n```\n\nEven specify a glob pattern.\n\n```sh\n$ echo \"HELLO=Dotenvx\\nHOLA=Mundo\" > .env\n$ dotenvx encrypt\n◈ encrypted (.env)\n$ dotenvx rotate -k \"HE*\"\n⟳ rotated (.env)\n```\n\n\u003C\u002Fdetails>\n\u003Cdetails>\u003Csummary>`rotate -ek`\u003C\u002Fsummary>\u003Cbr>\n\nRotate the encrypted contents inside an encrypted `.env` file except for an excluded key.\n\n```sh\n$ echo \"HELLO=Dotenvx\\nHOLA=Mundo\" > .env\n$ dotenvx encrypt\n◈ encrypted (.env)\n$ dotenvx rotate -ek HOLA\n⟳ rotated (.env)\n```\n\nEven specify a glob pattern.\n\n```sh\n$ echo \"HELLO=Dotenvx\\nHOLA=Mundo\" > .env\n$ dotenvx encrypt\n◈ encrypted (.env)\n$ dotenvx rotate -ek \"HO*\"\n⟳ rotated (.env)\n```\n\n\u003C\u002Fdetails>\n\u003Cdetails>\u003Csummary>`rotate --stdout`\u003C\u002Fsummary>\u003Cbr>\n\nRotate the contents of an encrypted `.env` file and send to stdout.\n\n```sh\n$ dotenvx rotate --stdout\n#\u002F-------------------[DOTENV_PUBLIC_KEY]--------------------\u002F\n#\u002F            public-key encryption for .env files          \u002F\n#\u002F       [how it works](https:\u002F\u002Fdotenvx.com\u002Fencryption)     \u002F\n#\u002F----------------------------------------------------------\u002F\nDOTENV_PUBLIC_KEY=\"034af93e93708b994c10f236c96ef88e47291066946cce2e8d98c9e02c741ced45\"\n# .env\nHELLO=\"encrypted:12345\"\n```\n\nor send to a file:\n\n```sh\n$ dotenvx rotate --stdout > somefile.txt\n```\n\n\u003C\u002Fdetails>\n\u003Cdetails>\u003Csummary>`help`\u003C\u002Fsummary>\u003Cbr>\n\nOutput help for `dotenvx`.\n\n```sh\n$ dotenvx help\nUsage: dotenvx run -- yourcommand\n\na secure dotenv–from the creator of `dotenv`\n\nOptions:\n  -l, --log-level \u003Clevel>      set log level (default: \"info\")\n  -q, --quiet                  sets log level to error\n  -v, --verbose                sets log level to verbose\n  -d, --debug                  sets log level to debug\n  -V, --version                output the version number\n  -h, --help                   display help for command\n\nCommands:\n  run                inject env at runtime [dotenvx run -- yourcommand]\n  get [KEY]          return a single environment variable\n  set \u003CKEY> \u003Cvalue>  set a single environment variable\n  encrypt            convert .env file(s) to encrypted .env file(s)\n  decrypt            convert encrypted .env file(s) to plain .env file(s)\n  keypair [KEY]      print public\u002Fprivate keys for .env file(s)\n  ls [directory]     print all .env files in a tree structure\n \nAdvanced: \n  pro                          🏆 pro\n  ext                          🔌 extensions\n```\n\nYou can get more detailed help per command with `dotenvx help COMMAND`.\n\n```sh\n$ dotenvx help run\nUsage: @dotenvx\u002Fdotenvx run [options]\n\ninject env at runtime [dotenvx run -- yourcommand]\n\nOptions:\n  -e, --env \u003Cstrings...>            environment variable(s) set as string (example: \"HELLO=Dotenvx\") (default: [])\n  -f, --env-file \u003Cpaths...>         path(s) to your env file(s) (default: [])\n  -fv, --env-vault-file \u003Cpaths...>  path(s) to your .env.vault file(s) (default: [])\n  -o, --overload                    override existing env variables\n  --convention \u003Cname>               load a .env convention (available conventions: ['nextjs'])\n  -h, --help                        display help for command\n\nExamples:\n\n  $ dotenvx run -- npm run dev\n  $ dotenvx run -- flask --app index run\n  $ dotenvx run -- php artisan serve\n  $ dotenvx run -- bin\u002Frails s\n\nTry it:\n\n  $ echo \"HELLO=Dotenvx\" > .env\n  $ echo \"console.log('Hello ' + process.env.HELLO)\" > index.js\n\n  $ dotenvx run -- node index.js\n  [dotenvx@1.X.X] injecting env (1) from .env\n  Hello Dotenvx\n```\n\n\u003C\u002Fdetails>\n\u003Cdetails>\u003Csummary>`--version`\u003C\u002Fsummary>\u003Cbr>\n\nCheck current version of `dotenvx`.\n\n```sh\n$ dotenvx --version\nX.X.X\n```\n\n\u003C\u002Fdetails>\n\n### Extensions 🔌\n\nCLI extensions.\n\n\u003Cdetails>\u003Csummary>`ext genexample`\u003C\u002Fsummary>\u003Cbr>\n\nIn one command, generate a `.env.example` file from your current `.env` file contents.\n\n```sh\n$ echo \"HELLO=Dotenvx\" > .env\n\n$ dotenvx ext genexample\n▣ generated (.env.example)\n```\n\n```ini\n# .env.example\nHELLO=\"\"\n```\n\n\u003C\u002Fdetails>\n\u003Cdetails>\u003Csummary>`ext genexample -f`\u003C\u002Fsummary>\u003Cbr>\n\nPass multiple `.env` files to generate your `.env.example` file from the combination of their contents.\n\n```sh\n$ echo \"HELLO=Dotenvx\" > .env\n$ echo \"DB_HOST=example.com\" > .env.production\n\n$ dotenvx ext genexample -f .env -f .env.production\n▣ generated (.env.example)\n```\n\n```ini\n# .env.example\nHELLO=\"\"\nDB_HOST=\"\"\n```\n\n\u003C\u002Fdetails>\n\u003Cdetails>\u003Csummary>`ext genexample directory`\u003C\u002Fsummary>\u003Cbr>\n\nGenerate a `.env.example` file inside the specified directory. Useful for monorepos.\n\n```sh\n$ echo \"HELLO=Dotenvx\" > .env\n$ mkdir -p apps\u002Fbackend\n$ echo \"HELLO=Backend\" > apps\u002Fbackend\u002F.env\n\n$ dotenvx ext genexample apps\u002Fbackend\n▣ generated (.env.example)\n```\n\n```ini\n# apps\u002Fbackend\u002F.env.example\nHELLO=\"\"\n```\n\n\u003C\u002Fdetails>\n\u003Cdetails>\u003Csummary>`ext gitignore`\u003C\u002Fsummary>\u003Cbr>\n\nGitignore your `.env` files.\n\n```sh\n$ dotenvx ext gitignore\n▣ ignored .env* (.gitignore)\n```\n\n\u003C\u002Fdetails>\n\u003Cdetails>\u003Csummary>`ext gitignore --pattern`\u003C\u002Fsummary>\u003Cbr>\n\nGitignore specific pattern(s) of `.env` files.\n\n```sh\n$ dotenvx ext gitignore --pattern .env.keys\n▣ ignored .env.keys (.gitignore)\n```\n\n\u003C\u002Fdetails>\n\u003Cdetails>\u003Csummary>`ext precommit`\u003C\u002Fsummary>\u003Cbr>\n\nPrevent `.env` files from being committed to code.\n\n```sh\n$ dotenvx ext precommit\n▣ .env files (1) protected (encrypted or gitignored)\n```\n\n\u003C\u002Fdetails>\n\u003Cdetails>\u003Csummary>`ext precommit --install`\u003C\u002Fsummary>\u003Cbr>\n\nInstall a shell script to `.git\u002Fhooks\u002Fpre-commit` to prevent accidentally committing any `.env` files to source control.\n\n```sh\n$ dotenvx ext precommit --install\n▣ dotenvx ext precommit installed [.git\u002Fhooks\u002Fpre-commit]\n```\n\n\u003C\u002Fdetails>\n\u003Cdetails>\u003Csummary>`ext precommit directory`\u003C\u002Fsummary>\u003Cbr>\n\nPrevent `.env` files from being committed to code inside a specified path to a directory.\n\n```sh\n$ echo \"HELLO=Dotenvx\" > .env\n$ mkdir -p apps\u002Fbackend\n$ echo \"HELLO=Backend\" > apps\u002Fbackend\u002F.env\n\n$ dotenvx ext precommit apps\u002Fbackend\n▣ apps\u002Fbackend\u002F.env not protected (encrypted or gitignored)\n```\n\n\u003C\u002Fdetails>\n\u003Cdetails>\u003Csummary>`ext prebuild`\u003C\u002Fsummary>\u003Cbr>\n\nPrevent `.env` files from being built into your docker containers.\n\nAdd it to your `Dockerfile`.\n\n```Containerfile\n# Install via script\nRUN curl -fsS https:\u002F\u002Fdotenvx.sh | sh\n\n# Or copy binary from official image\nCOPY --from=dotenv\u002Fdotenvx:latest \u002Fusr\u002Flocal\u002Fbin\u002Fdotenvx \u002Fbin\u002Flocal\u002Fbin\n\n# ... orther container commands\n\nRUN dotenvx ext prebuild\nCMD [\"\u002Fusr\u002Flocal\u002Fbin\u002Fdotenvx\", \"run\", \"--\", \"node\", \"index.js\"]\n```\n\n\u003C\u002Fdetails>\n\u003Cdetails>\u003Csummary>`ext prebuild directory`\u003C\u002Fsummary>\u003Cbr>\n\nPrevent `.env` files from being built into your docker containers inside a specified path to a directory.\n\nAdd it to your `Dockerfile`.\n\n```Containerfile\n# Install via script\nRUN curl -fsS https:\u002F\u002Fdotenvx.sh | sh\n\n# Or copy binary from official image\nCOPY --from=dotenv\u002Fdotenvx:latest \u002Fusr\u002Flocal\u002Fbin\u002Fdotenvx \u002Fbin\u002Flocal\u002Fbin\n\n# ... orther container commands\n\nRUN dotenvx ext prebuild apps\u002Fbackend\nCMD [\"\u002Fusr\u002Flocal\u002Fbin\u002Fdotenvx\", \"run\", \"--\", \"node\", \"apps\u002Fbackend\u002Findex.js\"]\n```\n\n\u003C\u002Fdetails>\n\u003Cdetails>\u003Csummary>`ext scan`\u003C\u002Fsummary>\u003Cbr>\n\nScan for leaked secrets.\n\n```sh\n$ dotenvx ext scan\n100 commits scanned.\nno leaks found\n```\n\nUses [gitleaks](https:\u002F\u002Fgitleaks.io) under the hood.\n\n\u003C\u002Fdetails>\n\n### Library 📦\n\nUse dotenvx directly in code.\n\n\u003Cdetails>\u003Csummary>`config()`\u003C\u002Fsummary>\u003Cbr>\n\nUse directly in node.js code.\n\n```ini\n# .env\nHELLO=\"Dotenvx\"\n```\n\n```js\n\u002F\u002F index.js\nrequire('@dotenvx\u002Fdotenvx').config()\n\nconsole.log(`Hello ${process.env.HELLO}`)\n```\n\n```sh\n$ node index.js\n[dotenvx@1.X.X] injecting env (1) from .env\nHello Dotenvx\n```\n\nIt defaults to looking for a `.env` file.\n\n\u003C\u002Fdetails>\n\u003Cdetails>\u003Csummary>`config(path: ['.env.local', '.env'])` - multiple files\u003C\u002Fsummary>\u003Cbr>\n\nSpecify path(s) to multiple .env files.\n\n```ini\n# .env.local\nHELLO=\"Me\"\n```\n\n```ini\n# .env\nHELLO=\"Dotenvx\"\n```\n\n```js\n\u002F\u002F index.js\nrequire('@dotenvx\u002Fdotenvx').config({path: ['.env.local', '.env']})\n\n\u002F\u002F esm\n\u002F\u002F import dotenvx from \"@dotenvx\u002Fdotenvx\";\n\u002F\u002F dotenvx.config({path: ['.env.local', '.env']});\n\nconsole.log(`Hello ${process.env.HELLO}`)\n```\n\n```sh\n$ node index.js\n[dotenvx@1.X.X] injecting env (1) from .env.local, .env\nHello Me\n```\n\n\u003C\u002Fdetails>\n\u003Cdetails>\u003Csummary>`config(overload: true)` - overload\u003C\u002Fsummary>\u003Cbr>\n\nUse `overload` to overwrite the prior set value.\n\n```ini\n# .env.local\nHELLO=\"Me\"\n```\n\n```ini\n# .env\nHELLO=\"Dotenvx\"\n```\n\n```js\n\u002F\u002F index.js\nrequire('@dotenvx\u002Fdotenvx').config({path: ['.env.local', '.env'], overload: true})\n\n\u002F\u002F esm\n\u002F\u002F import dotenvx from \"@dotenvx\u002Fdotenvx\";\n\u002F\u002F dotenvx.config({path: ['.env.local', '.env'], overload: true});\n\nconsole.log(`Hello ${process.env.HELLO}`)\n```\n\n```sh\n$ node index.js\n[dotenvx@1.X.X] injecting env (1) from .env.local, .env\nHello Dotenvx\n```\n\n\u003C\u002Fdetails>\n\u003Cdetails>\u003Csummary>`config(quiet: true)` - quiet\u003C\u002Fsummary>\u003Cbr>\n\nSuppress all output (except errors).\n\n```ini\n# .env\nHELLO=\"Dotenvx\"\n```\n\n```js\n\u002F\u002F index.js\nrequire('@dotenvx\u002Fdotenvx').config({path: ['.env.missing', '.env'], quiet: true})\n\n\u002F\u002F esm\n\u002F\u002F import dotenvx from \"@dotenvx\u002Fdotenvx\";\n\u002F\u002F dotenvx.config({path: ['.env.missing', '.env'], quiet: true});\n\nconsole.log(`Hello ${process.env.HELLO}`)\n```\n\n```sh\n$ node index.js\nError: [MISSING_ENV_FILE] missing .env.missing file (\u002Fpath\u002Fto\u002F.env.missing)\nHello Dotenvx\n```\n\n\u003C\u002Fdetails>\n\u003Cdetails>\u003Csummary>`config(strict: true)` - strict\u003C\u002Fsummary>\u003Cbr>\n\nExit with code `1` if any errors are encountered - like a missing .env file or decryption failure.\n\n```ini\n# .env\nHELLO=\"Dotenvx\"\n```\n\n```js\n\u002F\u002F index.js\nrequire('@dotenvx\u002Fdotenvx').config({path: ['.env.missing', '.env'], strict: true})\n\n\u002F\u002F esm\n\u002F\u002F import dotenvx from \"@dotenvx\u002Fdotenvx\";\n\u002F\u002F dotenvx.config({path: ['.env.missing', '.env'], strict: true});\n\nconsole.log(`Hello ${process.env.HELLO}`)\n```\n\n```sh\n$ node index.js\nError: [MISSING_ENV_FILE] missing .env.missing file (\u002Fpath\u002Fto\u002F.env.missing)\n```\n\n\u003C\u002Fdetails>\n\u003Cdetails>\u003Csummary>`config(ignore:)` - ignore\u003C\u002Fsummary>\u003Cbr>\n\nUse `ignore` to suppress specific errors like `MISSING_ENV_FILE`.\n\n```ini\n# .env\nHELLO=\"Dotenvx\"\n```\n\n```js\n\u002F\u002F index.js\nrequire('@dotenvx\u002Fdotenvx').config({path: ['.env.missing', '.env'], ignore: ['MISSING_ENV_FILE']})\n\n\u002F\u002F esm\n\u002F\u002F import dotenvx from \"@dotenvx\u002Fdotenvx\";\n\u002F\u002F dotenvx.config({path: ['.env.missing', '.env'], ignore: ['MISSING_ENV_FILE']});\n\nconsole.log(`Hello ${process.env.HELLO}`)\n```\n\n```sh\n$ node index.js\n[dotenvx@1.X.X] injecting env (1) from .env\nHello Dotenvx\n```\n\n\u003C\u002Fdetails>\n\u003Cdetails>\u003Csummary>`config(envKeysFile:)` - envKeysFile\u003C\u002Fsummary>\u003Cbr>\n\nUse `envKeysFile` to customize the path to your `.env.keys` file. This is useful with monorepos.\n\n```ini\n# .env\nHELLO=\"Dotenvx\"\n```\n\n```js\n\u002F\u002F index.js\nrequire('@dotenvx\u002Fdotenvx').config({path: ['.env'], envKeysFile: '..\u002F..\u002F.env.keys'})\n```\n\n\u003C\u002Fdetails>\n\u003Cdetails>\u003Csummary>`config(convention:)` - convention\u003C\u002Fsummary>\u003Cbr>\n\nSet a convention when using `dotenvx.config()`. This allows you to use the same file loading order as the CLI without needing to specify each file individually.\n\n```sh\n# Setup environment files\n$ echo \"HELLO=development local\" > .env.development.local\n$ echo \"HELLO=local\" > .env.local\n$ echo \"HELLO=development\" > .env.development\n$ echo \"HELLO=env\" > .env\n```\n\n```js\n\u002F\u002F index.js\nrequire('@dotenvx\u002Fdotenvx').config({ convention: 'nextjs' })\n\nconsole.log(`Hello ${process.env.HELLO}`)\n```\n\n```sh\n$ NODE_ENV=development node index.js\n[dotenvx@1.28.0] injecting env (1) from .env.development.local, .env.local, .env.development, .env\nHello development local\n```\n\nThis is equivalent to using `--convention=nextjs` with the CLI:\n\n```sh\n$ dotenvx run --convention=nextjs -- node index.js\n```\n\n\u003C\u002Fdetails>\n\u003Cdetails>\u003Csummary>`config(noOps:)` - noOps\u003C\u002Fsummary>\u003Cbr>\n\nTurn off [Dotenvx Ops](https:\u002F\u002Fdotenvx.com\u002Fops) features.\n\n```js\n\u002F\u002F index.js\nrequire('@dotenvx\u002Fdotenvx').config({noOps: true})\n```\n\n\u003C\u002Fdetails>\n\u003Cdetails>\u003Csummary>`parse(src)`\u003C\u002Fsummary>\u003Cbr>\n\nParse a `.env` string directly in node.js code.\n\n```js\n\u002F\u002F index.js\nconst dotenvx = require('@dotenvx\u002Fdotenvx')\nconst src = 'HELLO=Dotenvx'\nconst parsed = dotenvx.parse(src)\nconsole.log(`Hello ${parsed.HELLO}`)\n```\n\n```sh\n$ node index.js\nHello Dotenvx\n```\n\n\u003C\u002Fdetails>\n\u003Cdetails>\u003Csummary>`parse(src, {processEnv:})`\u003C\u002Fsummary>\u003Cbr>\n\nSometimes, you want to run `parse` without it accessing `process.env`. (You can pass a fake processEnv this way as well - sometimes useful.)\n\n```js\n\u002F\u002F index.js\nconst dotenvx = require('@dotenvx\u002Fdotenvx')\nconst src = 'USER=Me'\nconst parsed = dotenvx.parse(src, { processEnv: {} })\nconsole.log(`Hello ${parsed.USER}`)\n```\n\n```sh\n$ node index.js\nHello Me\n```\n\n\u003C\u002Fdetails>\n\u003Cdetails>\u003Csummary>`parse(src, {privateKey:})`\u003C\u002Fsummary>\u003Cbr>\n\nDecrypt an encrypted `.env` string with `privateKey`.\n\n```js\n\u002F\u002F index.js\nconst dotenvx = require('@dotenvx\u002Fdotenvx')\nconst src = 'HELLO=\"encrypted:BE9Y7LKANx77X1pv1HnEoil93fPa5c9rpL\u002F1ps48uaRT9zM8VR6mHx9yM+HktKdsPGIZELuZ7rr2mn1gScsmWitppAgE\u002F1lVprNYBCqiYeaTcKXjDUXU5LfsEsflnAsDhT\u002FkWG1l\"'\nconst parsed = dotenvx.parse(src, { privateKey: 'a4547dcd9d3429615a3649bb79e87edb62ee6a74b007075e9141ae44f5fb412c' })\nconsole.log(`Hello ${parsed.HELLO}`)\n```\n\n```sh\n$ node index.js\nHello Dotenvx\n```\n\u003C\u002Fdetails>\n\u003Cdetails>\u003Csummary>`set(KEY, value)`\u003C\u002Fsummary>\u003Cbr>\n\nProgrammatically set an environment variable. \n\n```js\n\u002F\u002F index.js\nconst dotenvx = require('@dotenvx\u002Fdotenvx')\ndotenvx.set('HELLO', 'Dotenvx', { path: '.env' })\n```\n\n\u003C\u002Fdetails>\n\u003Cdetails>\u003Csummary>`set(KEY, value, {plain:})`\u003C\u002Fsummary>\u003Cbr>\n\nProgrammatically set a plaintext environment variable.\n\n```js\n\u002F\u002F index.js\nconst dotenvx = require('@dotenvx\u002Fdotenvx')\ndotenvx.set('HELLO', 'Dotenvx', { plain: true })\n```\n\n\u003C\u002Fdetails>\n\u003Cdetails>\u003Csummary>`get(KEY)` - \u003Ci>Decryption at Access\u003C\u002Fi>\u003C\u002Fsummary>\u003Cbr>\n\nProgrammatically get an environment variable at access\u002Fruntime.\n\n```js\n\u002F\u002F index.js\nconst dotenvx = requir","dotenvx 是一个安全的环境变量管理工具，由 dotenv 的创建者开发。它支持跨平台运行、多环境配置以及加密环境变量，确保敏感信息的安全性。核心功能包括通过命令行界面（CLI）进行环境变量的管理和加密，支持多种安装方式如 npm、curl、Homebrew 和 Docker 等，便于集成到各种开发和部署流程中。适用于需要对应用程序中的敏感信息进行安全存储与访问的场景，特别适合那些关注数据安全且希望简化配置管理过程的开发者或团队使用。",2,"2026-06-11 03:36:46","high_star"]