Skip to content
varlock

Introduction

Varlock is a universal configuration/secrets/environment variable management tool built on top of the @env-spec specification. It provides a comprehensive set of features out of the box that simplify managing, validating, and securing your environment configuration. Whether you need type-safe environment variables, multi-environment management, secure secret handling, or leak prevention, Varlock lets you focus on building your application instead of wrestling with configuration. While it is written in TypeScript, it is language and framework agnostic, and meant to be used in any project that needs configuration at build or boot time, usually passed in via environment variables.

Features

Section titled “Features”

Varlock aims to be the most comprehensive environment variable management tool. It provides a wide range of features out of the box:

  • AI-Safe Config - Your .env.schema gives AI agents full context on your config without ever exposing secret values. Prevent leaks to AI servers by design, and scan for leaked secrets with varlock scan
  • Security - Automatic log redaction for sensitive values, leak detection in bundled code and server responses, and proactive scanning via varlock scan
  • Validation & Type Safety - Powerful validation capabilities with clear error messages, plus automatic type generation for IntelliSense support
  • Secure Secrets - Built-in device-local encryption with hardware-backed security (Secure Enclave, TPM), plus provider plugins (e.g., 1Password, AWS, HashiCorp Vault) or any CLI tool using exec()
  • Multi-Environment Management - Flexible environment handling with support for environment-specific files, local overrides, and value composition
  • Value Composition - Compose values together using functions, references, and external data sources
  • Framework Integrations - Official integrations for Next.js, Vite, Astro, and more, plus support for any language via varlock run
  • Replacement for dotenv - Can be used as a direct replacement for dotenv in most projects with minimal code changes

AI tooling

Section titled “AI tooling”

Varlock is built for AI-assisted development: your .env.schema gives agents schema context without exposing secret values. See the AI Tools guide for varlock run with coding CLIs, the maintainer skill, Docs MCP, and LLMs.txt.

Next Steps

Section titled “Next Steps”

Ready to get started? Check out the Installation guide to set up Varlock in your project, or build a tailored setup prompt for your AI tool:

Open Prompt Builder
Come chat with us

© 2026 DMNO Inc. All rights reserved.