ejson (Shopify)

2022-08-22 ยท 1 min read

    EJSON is a small library to manage encrypted secrets using asymmetric encryption.

    The main benefits provided by ejson are:

    • Secrets can be safely stored in a git repo.
    • Changes to secrets are auditable on a line-by-line basis with git blame.
    • Anyone with git commit access has access to write new secrets.
    • Decryption access can easily be locked down to production servers only.
    • Secrets change synchronously with application source (as opposed to secrets provisioned by Configuration Management).
    • Simple, well-tested, easily-auditable source.