This content originally appeared on DEV Community and was authored by Arjuna Nayak
Sharing environment variables during a quick project hand-off shouldn't require setting up a heavy enterprise vault like Doppler or Infisical. But it also shouldn't mean copy-pasting plaintext API keys into Slack or Discord.
I wanted a frictionless, terminal-native bridge. So I built share-env: an ephemeral, peer-to-peer CLI for securely sharing .env files.
Here is exactly how it is architected under the hood:
True Zero-Knowledge E2E Encryption
Files are encrypted entirely locally using Node's native crypto module (AES-256-GCM). The decryption key is passed via a hash fragment in the generated share code (e.g., blue-sky-rocket#a1b2c3d4). The relay server receives the ciphertext, but the hex key after the # never leaves your local machine.
Smart Merging (No overwriting)
Generic file-sharers like Magic Wormhole blindly overwrite files. share-env parses the incoming payload using dotenv. If there is a conflict (e.g., you have PORT=3000 locally and the incoming file has PORT=8080), it pauses and interactively asks which value to keep.
Pre-Flight Git Guardrails
To prevent accidental leaks, the CLI uses the fs module to check your .gitignore before pulling. If .env isn't safely ignored, the CLI throws a fatal error and physically blocks execution.
Burn-After-Reading TTL
The Express relay server has no database. It uses node-cache to hold encrypted blobs in memory with a strict 10-minute TTL. The millisecond a payload is pulled, it is permanently destroyed.
Test it locally in 5 seconds (Zero Setup)
You do not need to create an account, and you don't even need to install it globally. Run this in any directory with a .env file:
Developer A (Sender):
Bash
npx share-env push
Developer B (Receiver):
Bash
npx share-env pull <share-code>
Source Code & Registry:
GitHub: https://github.com/arjunn881/env-share
npm: https://www.npmjs.com/package/share-env
I spend a lot of my time building in the MERN stack, and juggling local environments across different setups has always been a pain point. I open-sourced the entire monorepo—I'd love for the community to audit the crypto architecture or drop feedback on the CLI UX!
— Arjun
This content originally appeared on DEV Community and was authored by Arjuna Nayak
Arjuna Nayak | Sciencx (2026-06-10T18:04:23+00:00) Stop sharing .env files in Discord. I built a zero-setup, E2E encrypted CLI instead.. Retrieved from https://www.scien.cx/2026/06/10/stop-sharing-env-files-in-discord-i-built-a-zero-setup-e2e-encrypted-cli-instead/
Please log in to upload a file.
There are no updates yet.
Click the Upload button above to add an update.