Shenvy Logo
Zero-knowledge secret sync

Securely share and sync your .env

Shenvy securely manages environment variables for every teammate, service, and deployment. Share credentials instantly, audit changes, and ship with confidence.

$
npm install -g @shenvy/cli
Get started free See pricing

No credit card required. Cancel anytime.

$ shenvy push

Encrypting .env.development…

✓ Pushed 12 variables to my-app / development

$ shenvy pull

✓ Pulled latest secrets — up to date

Features

All the benefits of a modern secrets platform

Shenvy replaces scattered .env files with a resilient control plane designed for fast-moving engineering teams. Sync once, share securely everywhere.

Unified secret sync

Organize credentials, API keys, and certificates in a single workspace that updates everywhere at once.

  • Version history with instant diffing
  • Scoped vaults for services and teams
  • CLI-first workflow for developers

Developer automation

Integrate with your local workflow and staging environments to hydrate builds automatically.

  • Cross-platform CLI (Go)
  • Instant team synchronization
  • CI/CD Integration (Coming Soon)

Role-Based Access Control

Assign precise permissions to every team member. Control who can push, pull, or view secrets across every project and environment.

  • MEMBER, ADMIN, and READER roles
  • Per-project permission scoping
  • Audit timeline for every change

Built to fit your stack

Shenvy integrates with the tools you already use, so updating a secret instantly syncs across pipelines, staging environments, and production workloads.

Local Development
Sync environment variables across repositories and environments with a single command.
Team Collaboration
Share access to specific project environments without exposing sensitive values to unauthorized eyes.
Kubernetes Sidecar
Inject secrets directly into your pods with our upcoming K8s operator (Coming Soon).

Use Cases

From solo projects to enterprise teams

Whether you're a solo developer protecting local secrets or an enterprise team managing production credentials across dozens of services, Shenvy fits your workflow.

Solo dev · CLI

Never commit secrets again

Push your encrypted .env once. Pull it on any machine. No Slack messages, no copy-paste, no secrets in git history.

bash 
shenvy init
shenvy add .env
shenvy push
# On any other machine:
shenvy pull
Solo dev · shenvy run

Run your app with secrets. Zero disk exposure.

Secrets are injected directly into the process environment. They never touch disk, never appear in shell history, never leak through log files.

bash 
shenvy run -- node server.js
shenvy run -e production -- python manage.py migrate
Solo dev · Webapp

Manage your environments from the dashboard

Create a project on the web dashboard, edit variables visually, review version history — then pull to your terminal with one command.

  • Web-based env editor — no terminal required
  • Full version history — see who changed what and restore any version
  • Pull to local anytime with `shenvy pull`
Small team

Onboard in seconds. No secrets in Slack.

The lead creates the project and invites the team on the dashboard. Each dev runs one command. End-to-end encrypted per device — nobody sees anyone else's secrets.

bash 
shenvy clone my-project
Small team · Multi-env

Dev, staging, production — all in one place

One project, multiple environment files — each one independently encrypted and version-controlled. Switch between them with a flag. No manual file swapping, no deployment mistakes.

bash 
shenvy run -e staging -- npm run test:e2e
shenvy run -e production -- ./deploy.sh
CI/CD · API keys

Zero-trust secrets in your pipeline

Generate an API key from the dashboard. Set it as a repo secret in GitHub Actions. Your pipeline injects secrets at runtime — never stored in plaintext in your CI provider.

yaml 
- name: Deploy
  env:
    SHENVY_API_KEY: ${{ secrets.SHENVY_API_KEY }}
  run: shenvy run -- ./deploy.sh
Enterprise · Teams

Secrets with org-level access control

Create teams, assign roles, and control which projects each team can access. Frontend devs don't see backend secrets. Full audit trail on every change.

  • Role-based access: owner, admin, member, and reader roles per team
  • Project-level isolation — each team only accesses the projects they're invited to
  • Track who updated each secret and when, with full version history

Workflow

Simplify your configuration pipeline

Shenvy eliminates the manual overhead of managing .env files across distributed teams and local environments.

  1. 1

    Link your project

    Initialize your workspace with the CLI and start tracking your environment files in seconds.

  2. 2

    Invite your team

    Developers join for free. Share access to specific project environments with granular roles.

  3. 3

    Sync and ship

    Run 'shenvy pull' to pull the latest variables. No more copying .env files or broken builds.

Security

Built for developer trust

Encryption and access control shouldn't slow you down. Shenvy delivers security by default.

Zero-knowledge encryption
Secrets are encrypted on your device. We never see your plain-text variables.
Team-based access
Control who can read or modify secrets at the project and environment level.
Audit timeline
Track every sync and change event from a single compliance-ready timeline.

Ready to centralize your secrets?

Launch in minutes with the Shenvy CLI. Free to get started — no credit card needed.

terminal
  1. 1. Install$npm install -g @shenvy/cli
  2. 2. Login$shenvy login
  3. 3. Init$shenvy init
  4. 4. Push$shenvy push
Start free trial View plans