capy run command decrypts your .env in memory and hands the plaintext to your Python process. Your code reads env vars the normal way: os.environ, os.getenv, or libraries like python-dotenv.
Sync your secrets
From a project that has a Capy authenticates you, creates a project on first run, encrypts every value in
.env:.env, and gitignores the file. Only keep.lock (a small versioning manifest) gets committed.Run your app with capy run
Prefix whatever command you normally run:Capy reads
.env, decrypts values, and passes them as environment variables to the child process. Your code reads them the usual way:Invite a teammate
capy redeem <code> to join.What’s next
Running your app
The full story on
capy run - signals, exit codes, env precedence.Deploying
How deploy tokens work and what your platform needs.