PHPackages initiativesolutions/secrets-manager - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [Security](/categories/security) 4. / 5. initiativesolutions/secrets-manager ActiveLibrary[Security](/categories/security) initiativesolutions/secrets-manager =================================== Encrypt sensitive app data 1.0.10(2y ago)02.7k↓100%proprietaryPHP Since Aug 8Pushed 2y agoCompare [ Source](https://github.com/initiativesolutions/secrets-manager)[ Packagist](https://packagist.org/packages/initiativesolutions/secrets-manager)[ RSS](/packages/initiativesolutions-secrets-manager/feed)WikiDiscussions master Synced 1mo ago READMEChangelog (10)Dependencies (2)Versions (11)Used By (0) Secrets Manager 🔐 ================= [](#secrets-manager-) > The **Secrets Manager** application is a command-line tool that allows you to encrypt sensitive values for your application's `.env` files. This ensures that sensitive values are not stored in plain text, enhancing the security of your applications. > This project has two different uses: > > - for token encryption (command line use) > - to decrypt the tokens from the application (secrets provider) Installation ------------ [](#installation) ### For tokens encryption [](#for-tokens-encryption) To install the command line tool application, follow these steps: 1. Clone this repository: `git clone https://github.com/initiativesolutions/secrets-manager.git` 2. Install dependencies: `composer install` ### For tokens provider [](#for-tokens-provider) From the application where you want to decrypt the tokens : 1. `composer require initiativesolutions/secrets-manager` Usage ----- [](#usage) ### For tokens encryption [](#for-tokens-encryption-1) > Ensure you run the application with a user having **necessary rights** on the machine or server, as the application performs file read and write operations. #### Configuration [](#configuration) The default configuration of the application is set in the `config.yaml` file. Make sure to adjust these values according to your needs. Example: ``` encryption_key: location: /var/keys/secrets-manager/encryption file_name: encrypt.key secrets_files: location: /var/keys/secrets-manager/secrets prefix: secrets_ encrypt: algorithm: aes256 ``` #### Commands [](#commands) Here are the available commands in the application: - `bin/secretctl encrypt [TOKEN_NAME] -app [APPLICATION_NAME] -env [ENVIRONNEMENT_NAME]`: Encrypts token one by one. - `bin/secretctl encrypt -file [PATH_TO_JSON_TOKENS] -app [APPLICATION_NAME] -env [ENVIRONNEMENT_NAME] [--remove-file]`: Encrypts json file by passing path (you can use --remove-file to delete .json file after encryption) - `bin/secretctl rotate`: Re-encrypts tokens and generates a new security key. - `bin/secretctl delete [TOKEN_NAME] -app [APPLICATION_NAME] -env [ENVIRONNEMENT_NAME]`: Delete a token. - `bin/secretctl list -app [APPLICATION_NAME] -env [ENVIRONNEMENT_NAME]`: List tokens. - `bin/secretctl help`: See help for all commands > If you have a problem when running `bin/secretctl` then run : `chmod +x bin/secretctl && sed -i -e 's/\r$//' bin/secretctl` ### For tokens provider [](#for-tokens-provider-1) ``` $tokens = (new SecretsProvider()) ->decrypt('path/to/encrypt.key', 'path/to/secrets/tokens'); $_ENV = array_merge($_ENV, $tokens); ``` Tests ----- [](#tests) You can run tests with `vendor/bin/phpunit tests/`. ### Health Score 26 — LowBetter than 43% of packages Maintenance20 Infrequent updates — may be unmaintained Popularity16 Limited adoption so far Community6 Small or concentrated contributor base Maturity50 Maturing project, gaining track record Bus Factor1 Top contributor holds 100% of commits — single point of failure How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** — Project age, version count, PHP version support, and release stability. ### Release Activity Cadence Every ~15 days Recently: every ~35 days Total 10 Last Release 864d ago ### Community Maintainers ![](https://www.gravatar.com/avatar/e792b53a4e6a6529b12dee3f64f51ea0f6c231ed5a829e12ae8076c516987170?d=identicon)[initiativesolutions](/maintainers/initiativesolutions) --- Top Contributors [![amine-ini](https://avatars.githubusercontent.com/u/136342133?v=4)](https://github.com/amine-ini "amine-ini (33 commits)") --- Tags crmsecret-managementsecurity ### Code Quality TestsPHPUnit ### Embed Badge ![Health badge](/badges/initiativesolutions-secrets-manager/health.svg) ``` [![Health](https://phpackages.com/badges/initiativesolutions-secrets-manager/health.svg)](https://phpackages.com/packages/initiativesolutions-secrets-manager) ``` ### Alternatives [enlightn/security-checker A PHP dependency vulnerabilities scanner based on the Security Advisories Database. 33732.2M110](/packages/enlightn-security-checker)[craftcamp/php-abac Library used to implement Attribute-Based Access Control in a PHP application 987.1k2](/packages/craftcamp-php-abac) PHPackages © 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)