macOS
brew install sopslocal Homebrew formula metadata
sudo port install sopsMacPorts ports tree · security/sops/Portfile · source: api.github.com
brew
Editor of encrypted files. Version 3.13.2 via Homebrew; verified 2026-06-30.
install
brew install sopslocal Homebrew formula metadata
sudo port install sopsMacPorts ports tree · security/sops/Portfile · source: api.github.com
sudo apk add sopsAlpine Linux edge package indexes · sops · source: dl-cdn.alpinelinux.org
nix profile install nixpkgs#sopsnixpkgs package indexes · pkgs/by-name/so/sops/package.nix · source: api.github.com
sudo pacman -S sopsArch Linux sync databases · sops · source: geo.mirror.pkgbuild.com
sudo zypper install sopsopenSUSE Tumbleweed package metadata · sops · source: download.opensuse.org
choco install sopsChocolatey community package catalog · sops · source: community.chocolatey.org
scoop install main/sopsScoop official bucket manifest trees · bucket/sops.json · source: api.github.com
winget install --id Mozilla.SOPS -eWindows Package Manager source index · Mozilla.SOPS · source: cdn.winget.microsoft.com
overview
Editor of encrypted files
history
SOPS, Secrets OPerationS, is a command-line editor for encrypted files. It is widely used to keep YAML, JSON, ENV, INI, and binary files encrypted while integrating with key systems such as AWS KMS, GCP KMS, Azure Key Vault, age, and PGP.
The official README and docs say SOPS was initially launched at Mozilla in 2015 by Adrian Utrilla and Julien Vehent. The project later moved under the `getsops` organization and was donated to the Cloud Native Computing Foundation as a Sandbox project in 2023.
SOPS grew out of operational pain around hand-managed PGP-encrypted files. Its official credits name hiera-eyaml, credstash, sneaker, password-store, and years of manual PGP management as inspirations.
SOPS became a standard secrets-management CLI in infrastructure repositories because it encrypts values in structured files while leaving enough metadata for automated decryption by CI, deployment tools, and operators with the right identities.
The package-manager metadata in this batch shows broad adoption across Homebrew, Alpine, Chocolatey, MacPorts, Nix, Arch, Scoop, winget, and openSUSE. That cross-platform packaging reflects how often SOPS is used both on developer laptops and in automation.
A typical SOPS workflow is to create or edit an encrypted file with `sops`, commit the encrypted file, and decrypt or publish it only where the configured KMS, age, PGP, Vault/OpenBao, or cloud identity allows access.
Projects commonly keep `.sops.yaml` at a repository root to define `creation_rules` for new files. The official docs say SOPS recursively looks for `.sops.yaml` and that other names require an explicit `--config` option.
SOPS is package-nerd significant because it solved a painful operational gap with a small CLI instead of a central secrets service: encrypted structured files could live in Git and still be edited safely.
Its package spread also shows the modern DevOps pattern of one portable binary becoming shared workflow glue across macOS laptops, Linux CI runners, Windows machines, and Kubernetes-oriented tooling.
security posture
No matching local secret-handling manifest was found for sops. Nucleus package metadata is still published here so future coverage has a stable package URL.
Before unattended agent use, check whether the tool reads plaintext credentials, writes remote state, publishes artifacts, or shells out to plugins.
local files
These source-backed paths show where this package keeps local settings or durable credentials. Automic Vault can use them as review targets for secret scanning, migration, and command approval.
Config paths the tool may read or write during local use.
.sops.yamlexecutables
| Command | Kind | Exposure | Note |
|---|---|---|---|
sops | cli | global executable |
freshness
These signals separate page generation age, package-manager activity, and upstream release comparison. Version lag is warned only when an evidence URL and comparable versions are present.
https://github.com/getsops/sops
install metadata
| Package key | brew:sops |
|---|---|
| Version | 3.13.2 |
| Package manager | Homebrew |
| Package manager page | https://formulae.brew.sh/formula/sops |
| Homepage | https://getsops.io/ |
| Repository | https://github.com/getsops/sops |
| Upstream docs | https://getsops.io/docs |
| License | MPL-2.0 |
| Source archive | https://github.com/getsops/sops/archive/refs/tags/v3.13.2.tar.gz |
| Last updated | 2026-06-30T08:40:31Z |
| Pulse | updated |
| Build dependencies | go |
| Bottle | available (on arm64_linux, arm64_sequoia, arm64_sonoma, arm64_tahoe, sonoma, x86_64_linux) |
| Homebrew post-install | not defined |
| Service | none declared |
registry facts
| Source Database | Homebrew formula API |
|---|---|
| Tap | homebrew/core |
| Full Name | sops |
| Version Scheme | 0 |
| Revision | 0 |
| Head Version | HEAD |
| Bottle Stable Root URL | https://ghcr.io/v2/homebrew/core |
| Deprecated | no |
| Disabled | no |
| Keg Only | no |
| URL Keys |
|
source database matches
Matches are pulled from external package-manager indexes and kept separate from local Automic Vault package links.
sops
nix profile install nixpkgs#sopssops 3.12.2-r1
Simple and flexible tool for managing secrets
https://github.com/getsops/sops
sudo apk add sopssops 3.13.1-1
Editor of encrypted files that supports YAML, JSON, ENV, INI and BINARY formats
https://github.com/getsops/sops
sudo pacman -S sopssops 3.13.1-1.1
Simple and flexible tool for managing secrets
https://github.com/getsops/sops
sudo zypper install sopssops
sudo port install sopssops
choco install sopsmain/sops
scoop install main/sopsMozilla.SOPS
winget install --id Mozilla.SOPS -eSecretsOPerationS.SOPS
winget install --id SecretsOPerationS.SOPS -esource trail
This page is generated by av-web from the private package SQLite artifact built by scripts/generate-pkg-sqlite.py.
View the package source record on GitHub.