Stop committing
secrets. Start syncing
them.
DotSync encrypts your .env secrets client-side and syncs them across your team in seconds. No plaintext, no Slack messages, no leaked API keys.
a61e:9d02:c4f7:1b3a:
55d8:0ae3:f12c:88e0
Secure by default,
simple in practice
Every dev team shares secrets. Most do it badly. DotSync makes the secure path the easy path.
Client-side encryption
Secrets are encrypted with AES-256-GCM on your machine before they ever leave it. Plaintext never touches a server.
One command sync
Push and pull encrypted .env files across your whole team with a single CLI command. No setup ceremony.
GitHub OAuth
No new accounts to manage. Sign in with the GitHub identity your team already uses.
Open source
The full source is public. Verify exactly what DotSync does with your secrets, no trust required.
Drop-in workflow
Works alongside your existing .env files and tooling. No migration, no new file formats to learn.
Zero server exposure
Even if the sync server is compromised, attackers get ciphertext. Keys never leave your device.
Three commands. That's it.
Initialize
Connect your project and authenticate with GitHub OAuth.
$ dotsync initPush
Encrypt your local .env and sync it to your team instantly.
$ dotsync pushPull
Teammates pull and decrypt the latest secrets, automatically.
$ dotsync pullYour .env files, encrypted and
always in sync
Free, open source, and ready in under a minute.
Get started on GitHub →