DepVault Documentation

DepVault helps developers manage dependencies and secrets in one place. Scan for vulnerabilities, store environment variables with end-to-end encryption, and share secrets securely — across any tech stack.

What is DepVault?

DepVault provides three core tools in one unified platform:

• Dependency Analysis — Scan dependency files from 9+ ecosystems (Node.js, Python, .NET, Rust, Go, Java, Kotlin, Ruby, PHP) and get instant reports on outdated packages, known CVEs, and license conflicts.
• Encrypted Vault — Store environment variables and secret files with zero-knowledge encryption. Your vault password never leaves your device — secrets are encrypted with AES-256-GCM in your browser before they reach the server.
• Secret Sharing & CI/CD — Share secrets via one-time encrypted links, inject secrets into CI/CD pipelines with scoped tokens, and scan git repos for accidentally committed credentials.

Why DepVault?

Most secret managers require you to trust the server with your data. DepVault is different — secrets are encrypted client-side before they ever leave your browser. The server stores only ciphertext and can never decrypt your data. The full codebase is open source so you can audit every line.

Quick Links

• Getting Started — Create your account, set up your first project, and run your first scan.
• Guides — Feature walkthroughs for the web dashboard and CLI.
• CLI Reference — Install and configure the DepVault CLI.

Platform Overview

Supported Ecosystems

Supported Config Formats

DepVault can import, export, and convert between:

• .env (dotenv)
• appsettings.json (ASP.NET)
• secrets.yaml (Kubernetes)
• config.toml (TOML)