Sharing environment variables during a quick project hand-off shouldn't require setting up a heavy enterprise vault like Doppler or Infisical. But it also shouldn't mean copy-pasting plaintext API keys into Slack or Discord.
I wanted a frictionless, terminal-native bridge. So I built share-env: an ephemeral, peer-to-peer CLI for securely sharing .env files.
Here is exactly how it is architected under the hood:
True Zero-Knowledge E2E Encryption
Files are encrypted entirely locally using Node's native crypto module (AES-256-GCM). The decryption key is passed via a hash fragment in the generated share code (e.g., blue-sky-rocket#a1b2c3d4). The relay server receives the ciphertext, but the hex key after the # never leaves your local machine.
Smart Merging (No overwriting)
Generic file-sharers like Magic Wormhole blindly overwrite files. share-env parses the incoming payload using dotenv. If there is a conflict (e.g., you have PORT=3000 locally and the incoming file has PORT=8080), it pauses and interactively asks which value to keep.
Pre-Flight Git Guardrails
To prevent accidental leaks, the CLI uses the fs module to check your .gitignore before pulling. If .env isn't safely ignored, the CLI throws a fatal error and physically blocks execution.
Burn-After-Reading TTL
The Express relay server has no database. It uses node-cache to hold encrypted blobs in memory with a strict 10-minute TTL. The millisecond a payload is pulled, it is permanently destroyed.
Test it locally in 5 seconds (Zero Setup)
You do not need to create an account, and you don't even need to install it globally. Run this in any directory with a .env file:
Developer A (Sender):
Bash
npx share-env push
Developer B (Receiver):
Bash
npx share-env pull <share-code>
Source Code & Registry:
GitHub: https://github.com/arjunn881/env-share
npm: https://www.npmjs.com/package/share-env
I spend a lot of my time building in the MERN stack, and juggling local environments across different setups has always been a pain point. I open-sourced the entire monorepo—I'd love for the community to audit the crypto architecture or drop feedback on the CLI UX!
— Arjun
Top comments (0)