This product was not featured by Product Hunt yet.
It will not be visible on their landing page and won't be ranked (cannot win product of the day regardless of upvotes).

Product Thumbnail

EnvManager

Stop sharing secrets in Slack

SaaS
Developer Tools
Visit WebsiteSee on Product HuntTwitter

Hunted byPatrick GerritsPatrick Gerrits

EnvManager replacesenv files shared via Slack, email, and sticky notes with an encrypted, versioned vault. • AES-256 encryption at rest; secrets decrypt only at access • Per-environment roles: interns see staging, leads see production; revoke instantly when devs leave • Immutable audit trail to roll back rotations • One command: envmanager pull syncs to your machine or CI/CD • Proxy functions call Stripe/OpenAI from static sites without leaking keys 2-min setup. 14-day free trial, no card.

Top comment

Hey hunters 👋

I built EnvManager after watching one too many teams paste production .env files into Slack, fully searchable, forever, by anyone in the workspace. And when a dev leaves? Nobody rotates the keys they have access to because nobody even knows which ones they saw.

So EnvManager gives you an encrypted, versioned vault with per-environment roles and a one-command CLI (envmanager pull). The newest piece is proxy functions, calling Stripe or OpenAI from a static site without exposing keys in the browser.

Quick note on the security model, since it always comes up:

Secrets are encrypted with XChaCha20-Poly1305 (libsodium, the same cipher family as Signal and 1Password) before they touch the database. The row only stores an opaque vault reference, never the value, so a leaked DB dump is a pile of useless pointers, not your keys.

Who can decrypt is enforced at the database level: you have to be in the org and have explicit access to that exact environment. Staging access never unlocks production. And every read, web reveal, CLI pull, and proxy call lands in an audit log with user, timestamp, and IP. So when someone leaves, you can see precisely which secrets they touched and rotate just those.

The CLI stays boring deliberately: envmanager pull authenticates with a scoped API key over TLS and writes a normal .env; nothing secret lives in your repo or ships in a client bundle. Proxy functions are the same idea: the key stays server-side in the vault; the browser only ever calls your proxy. And for the genuinely paranoid, one-time share links are end-to-end encrypted in the browser (AES-GCM); the decryption key lives in the link fragment, which never hits our servers.

Set up takes ~2 minutes, and there's a 14-day free trial (no card).

I'd love feedback on two things:

(1) does the role/permission model fit how your team splits staging vs. production, and (2) which integration should we add next? Building in public over at @pgerrits.

Comment highlights

No comment highlights available yet. Please check back later!

About EnvManager on Product Hunt

Stop sharing secrets in Slack

EnvManager was submitted on Product Hunt and earned 4 upvotes and 1 comments, placing #68 on the daily leaderboard. EnvManager replacesenv files shared via Slack, email, and sticky notes with an encrypted, versioned vault. • AES-256 encryption at rest; secrets decrypt only at access • Per-environment roles: interns see staging, leads see production; revoke instantly when devs leave • Immutable audit trail to roll back rotations • One command: envmanager pull syncs to your machine or CI/CD • Proxy functions call Stripe/OpenAI from static sites without leaking keys 2-min setup. 14-day free trial, no card.

EnvManager was featured in SaaS (43k followers) and Developer Tools (515.4k followers) on Product Hunt. Together, these topics include over 124k products, making this a competitive space to launch in.

Who hunted EnvManager?

EnvManager was hunted by Patrick Gerrits. A “hunter” on Product Hunt is the community member who submits a product to the platform — uploading the images, the link, and tagging the makers behind it. Hunters typically write the first comment explaining why a product is worth attention, and their followers are notified the moment they post. Around 79% of featured launches on Product Hunt are self-hunted by their makers, but a well-known hunter still acts as a signal of quality to the rest of the community. See the full all-time top hunters leaderboard to discover who is shaping the Product Hunt ecosystem.

Want to see how EnvManager stacked up against nearby launches in real time? Check out the live launch dashboard for upvote speed charts, proximity comparisons, and more analytics.