vault
by
hashicorp

Description: A tool for secrets management, encryption as a service, and privileged access management

View on GitHub ↗

Summary Information

Updated 1 hour ago
Added to GitGenius on April 8th, 2021
Created on February 25th, 2015
Open Issues & Pull Requests: 1,524 (+0)
Number of forks: 4,708
Total Stargazers: 35,902 (+0)
Total Subscribers: 777 (+0)

Issue Activity (beta)

Open issues: 522
New in 7 days: 0
Closed in 7 days: 0
Avg open age: 707 days
Stale 30+ days: 498
Stale 90+ days: 454

Recent activity

Opened in 7 days: 0
Closed in 7 days: 0
Comments in 7 days: 7
Events in 7 days: 27

Top labels

  • bug (251)
  • enhancement (204)
  • ui (137)
  • feature-request (71)
  • secret/pki (55)
  • agent (54)
  • docs (54)
  • ecosystem (47)

Repository Insights (GitGenius)

Median issue/PR response: 10.7 hours
Mean response time: 13.0 days
90th percentile: 11.5 days
Tracked items: 977

Most active contributors

Detailed Description

Vault is HashiCorp's open-source tool for secrets management, encryption as a service, and privileged access management, written in Go. It provides a unified interface for securely storing, accessing, and managing secrets such as API keys, passwords, certificates, and database credentials across modern infrastructure environments.

The core functionality of Vault centers on secure secret storage with encryption at rest. Vault encrypts all data before writing it to persistent storage, whether that storage is local disk, Consul, or other backends, ensuring that raw storage access alone does not compromise secrets. Beyond static storage, Vault generates dynamic secrets on demand for systems like AWS and SQL databases. When an application requests credentials, Vault creates temporary keypairs with appropriate permissions and automatically revokes them after the lease expires, eliminating the need to manage long-lived credentials.

Vault implements a leasing and renewal system where every secret carries an associated lease. Clients can renew leases through built-in APIs, and Vault automatically revokes secrets when leases expire. The platform also supports encryption and decryption of data without storing it, allowing security teams to define encryption parameters while developers store encrypted data in external systems like SQL databases without designing custom encryption schemes. Revocation capabilities extend beyond individual secrets to entire trees of secrets, enabling administrators to revoke all secrets accessed by a specific user or all secrets of a particular type, which is critical for incident response and key rolling.

The repository shows active development and maintenance. GitGenius tracking data reveals a median issue and pull request response latency of 10.7 hours across 975 tracked items, with a mean latency of 311.7 hours. The most frequently applied issue labels are bug with 248 occurrences, enhancement with 202, and ui with 137, indicating ongoing work across core functionality, feature development, and user interface improvements. The most active contributor tracked is heatherezell with 1483 events, followed by stevendpclark with 165 events and miagilepner with 126 events, demonstrating sustained team engagement.

Development of Vault requires Go and uses Go Modules for dependency management. The repository includes comprehensive testing infrastructure with standard unit tests invoked via make test, acceptance tests for secret and auth methods that create and modify real resources, and Docker-based testing mechanisms for more complex scenarios. The project publishes two importable libraries: github.com/hashicorp/vault/api and github.com/hashicorp/vault/sdk, though importing the main Vault product itself is not a supported use case.

The repository maintains strong security practices with a dedicated security contact at [email protected] for responsible vulnerability disclosure. Documentation is extensive, available at developer.hashicorp.com/vault, with getting started guides, tutorials, and certification exam materials available through HashiCorp's learning platform. The project also maintains example repositories and sample applications demonstrating Vault integration across different programming languages. An enterprise version of Vault is available with additional features beyond the open-source offering.

vault
by
hashicorphashicorp/vault

Repository Details

Fetching additional details & charts...