
better-env
A Secure, Developer-Friendly Alternative to .env
16 followers
A Secure, Developer-Friendly Alternative to .env
16 followers
better-env is a CLI tool that manages environment variables securely using OpenPGP encryption. Store secrets once in a global encrypted store, link them to projects via commit-safebetter-env files, and load them at runtime, no plaintext to be found anywhere.



Hey Product Hunt! π
I'm Harish, the maker of better-env, and I'm excited to share it with you!
Have you ever thought about how fundamentally flawed .env files are? They're plaintext, easy to commit, scattered across projects, and a security risk waiting to happen. I've lost count of the times I've panicked after accidentally committing a `.env` file or struggled to manage secrets across multiple projects.
That's exactly why I built better-env: a secure CLI tool that manages environment variables using PGP encryption, eliminating plaintext secrets from your repos entirely.
π What it does:
Global encrypted store - Store all your secrets once in a secure, PGP-encrypted location on your machine.
Zero plaintext - No .env files needed in your projects. Secrets decrypt only at runtime when you need them.
Commit-safe - `.better-env` files contain only key names (no values), so they're completely safe to commit.
Per-project selection - Choose which secrets each project uses with simple commands.
β‘ Why it's useful:
Never accidentally commit secrets again - even if you commit `.better-env`, it has no sensitive data.
Centralized secret management - one encrypted store for all your projects.
Works seamlessly with your workflow - use bnv shell or bnv run to inject secrets.
No complex infrastructure - just a simple CLI tool that encrypts locally.
π Try better-env now - It's Free and Open Source!
Check out the Github Repository
Check out the Documentation
Would love your feedback, thoughts, or feature requests. I'm building this for developers like you π, and your input means a lot. Let's talk! π
Cheers,
Harish
Swytchcode
Amazing. It's a great idea, and yes, .env is really problematic.
I'll try this one out