cred-0.14.1 is not a library.
Visit the last successful build:
cred-0.3.2
cred
Encrypted local secrets → Deployment platforms.
What it is
cred stores encrypted secrets locally and safely pushes them to target platforms on demand.
⚠️ Status: Early Preview (v0.14.1) — The on-disk format, CLI surface, and security model may change between minor versions.
What it's not
- A hosted secrets manager
- A multi-user access control system
- A replacement for HashiCorp Vault or AWS Secrets Manager
- A runtime secret injector
Who it's for
- Solo developers managing secrets on a single machine
- Open-source maintainers who push secrets to deployment platforms
- Anyone who wants local-first secrets without running infrastructure
Install
Homebrew:
Shell:
|
Cargo:
Pre-built binaries: GitHub Releases
Quick Start
# Initialize a project (auto-detects targets from git, fly.toml, etc.)
# Authenticate with a target (per-project, fine-grained token)
# Store a secret
# Optional: scope a secret to a target (v0.14.0+)
# Push to GitHub (no --repo needed, uses saved binding)
See the Getting Started guide for more.
Features
- Encrypted vault — Secrets stored locally with ChaCha20-Poly1305
- Environments — Organize secrets by context (dev, staging, prod)
- Version history — Track changes, rollback to previous versions
- Sources — Generate credentials from APIs (Resend)
- Targets — Push secrets to deployment platforms (GitHub Actions, Vercel, Fly.io)
- OS keyring — Tokens stored in macOS Keychain, GNOME Keyring, or Windows Credential Manager
- Automation-ready —
--json,--dry-run,--non-interactiveflags
Documentation
License
Licensed under either of:
- Apache License, Version 2.0 (LICENSE-APACHE or http://www.apache.org/licenses/LICENSE-2.0)
- MIT License (LICENSE-MIT or http://opensource.org/licenses/MIT)
at your choice.