MCPcopy Index your code
hub / github.com/XENONCYBER/envy

github.com/XENONCYBER/envy @v1.2.1

Chat with this repo
repository ↗ · DeepWiki ↗ · release v1.2.1 ↗ · + Follow
192 symbols 602 edges 26 files 82 documented · 43% updated 4mo agov1.2.1 · 2026-03-03★ 712 open issues
What it actually does AI analysis from the code graph — generated when you open this
loading…
README

Envy Logo

Quick StartConfigurationCommandsKeybindingsFAQDocumentation

A secure encrypted vault for managing API keys, secrets, and environment variables. Built for developers who live in the terminal.

What is Envy?

I built Envy because I was tired of juggling .env files and keeping secrets scattered across password managers, sticky notes, and Slack threads. It's a single binary that gives you both a slick TUI for browsing secrets and a CLI for automation.

Here's what you get:

  • Real encryption — AES-256-GCM with Argon2id, not just base64 obfuscation
  • Fast access — Fuzzy search finds secrets in milliseconds
  • Organized by project — Group related secrets together
  • Multiple environments — Keep dev, stage, and prod separate
  • Version history — See what changed and when
  • Import/export — Bring in your existing .env files

Quick Install

One command:

curl -fsSL https://raw.githubusercontent.com/XENONCYBER/envy/main/install.sh | sh

Or build from source:

git clone https://github.com/XENONCYBER/envy.git && cd envy
go build -o envy ./cmd/main.go

Quick Start

# Create your vault (first run only)
envy

# Import existing .env files
envy --import .env

# Set secrets via CLI
envy set myproject API_KEY=secret123

# Run commands with secrets injected
envy run myproject -- npm start

# Export project to .env file
envy --export myproject

Security

Your secrets are encrypted with AES-256-GCM. The key is derived from your master password using Argon2id — a memory-hard function designed to resist GPU cracking attempts.

  • Your password is never stored anywhere
  • We only keep a hash to verify it's correct
  • The vault file is useless without your password
  • If you forget your password, your secrets are gone. Period.

Read more about how the encryption works.

Documentation

The full docs live in the docs/ folder:

Development

# Prerequisites: Go 1.25.4+

# Clone and build
git clone https://github.com/XENONCYBER/envy.git
cd envy
go build -o envy ./cmd/main.go

# Run tests
go test ./...

# Run locally
go run ./cmd/main.go

See Development Guide for contribution guidelines.

License

MIT License — see LICENSE for details.

Similar Projects

  • pass — The standard Unix password manager
  • gopass — A more feature-rich pass implementation
  • vault — HashiCorp's enterprise secrets solution

GitHub · Issues · Releases

Extension points exported contracts — how you extend this code

Core symbols most depended-on inside this repo

Shape

Function 106
Method 64
Struct 16
TypeAlias 5
Interface 1

Languages

Go100%

Modules by API surface

internal/service/vault.go25 symbols
internal/tui/update.go17 symbols
internal/tui/model.go16 symbols
internal/config/lua.go13 symbols
internal/storage/store.go12 symbols
tests/vault_test.go10 symbols
tests/encryption_test.go10 symbols
internal/tui/bottombar.go10 symbols
internal/config/keymap.go10 symbols
internal/config/theme.go9 symbols
internal/tui/view.go8 symbols
internal/domain/models.go7 symbols

Datastores touched

dbDatabase · 1 repos
devDatabase · 1 repos
myappDatabase · 1 repos
devdbDatabase · 1 repos
mydbDatabase · 1 repos
newappDatabase · 1 repos
prodDatabase · 1 repos
stageDatabase · 1 repos

For agents

$ claude mcp add envy \
  -- python -m otcore.mcp_server <graph>

⬇ download graph artifact

Ask about this repo answers extend the page