$ dotsync init

Stop committing
secrets. Start syncing
them.

DotSync encrypts your .env secrets client-side and syncs them across your team in seconds. No plaintext, no Slack messages, no leaked API keys.

$ go install github.com/Pruthviraj36/dotsync@latest
.env — dotsync
DB_PASSWORD=hunter2
STRIPE_KEY=sk_live_x9...
encrypt
7f3a:e91c:b04d:2f88:
a61e:9d02:c4f7:1b3a:
55d8:0ae3:f12c:88e0
AES-256-GCM · synced ✓
3 team members synced — 0 leaks
$ _
Open source
AES-256-GCM encryption
One CLI command
GitHub OAuth
$ why dotsync

Secure by default,
simple in practice

Every dev team shares secrets. Most do it badly. DotSync makes the secure path the easy path.

Client-side encryption

Secrets are encrypted with AES-256-GCM on your machine before they ever leave it. Plaintext never touches a server.

One command sync

Push and pull encrypted .env files across your whole team with a single CLI command. No setup ceremony.

GitHub OAuth

No new accounts to manage. Sign in with the GitHub identity your team already uses.

Open source

The full source is public. Verify exactly what DotSync does with your secrets, no trust required.

Drop-in workflow

Works alongside your existing .env files and tooling. No migration, no new file formats to learn.

Zero server exposure

Even if the sync server is compromised, attackers get ciphertext. Keys never leave your device.

$ how it works

Three commands. That's it.

01

Initialize

Connect your project and authenticate with GitHub OAuth.

$ dotsync init
02

Push

Encrypt your local .env and sync it to your team instantly.

$ dotsync push
03

Pull

Teammates pull and decrypt the latest secrets, automatically.

$ dotsync pull

Your .env files, encrypted and
always in sync

Free, open source, and ready in under a minute.

Get started on GitHub →