Suggested additions
I'd like to suggest two open-source DevSecOps tools for inclusion:
Secret Management
- Envault - Environment variable vault with AES-256 encryption, team sharing via .env files, and rotation tracking. CLI-based secret management for the .env workflow. MIT licensed.
npm install -g envault (189 weekly downloads) or pip install envault-secrets.
Automation
- API Auth Guard - API authentication guard that validates auth headers, detects missing security headers (CORS, CSP, HSTS), and tests token expiration across endpoints. Runs in CI to catch auth issues before deployment. MIT licensed.
Both tools fill gaps in the current list — there's no .env-specific secret tool in Secret Management, and no API auth validation tool in Automation. Happy to submit a PR if these are welcome.
Suggested additions
I'd like to suggest two open-source DevSecOps tools for inclusion:
Secret Management
npm install -g envault(189 weekly downloads) orpip install envault-secrets.Automation
Both tools fill gaps in the current list — there's no .env-specific secret tool in Secret Management, and no API auth validation tool in Automation. Happy to submit a PR if these are welcome.