/jump to repo

Repos Recent Bookmarks Watched Notes Tags Discover Compare Stats GitHub

Repository brief

hashicorp/vault

Read the upstream summary on the left, browse the cached forks below it, and load each fork comparison into the right-hand panel.

Cached analysis

cached 2026-03-30T15:34:47.212Z

1mo ago

hashicorp/vault

HashiCorp Vault is a large, active Go-based secrets-management project for secure storage, dynamic credentials, data encryption, leasing, and revocation. It is widely used and actively maintained, with 35k+ stars, 4.6k+ forks, and recent commits as of 2026-03-30.

Loading tags...

Stars35,298

Forks4,622

Default branchmain

Last pushed2026-03-30T13:30:26Z

Recommended shortcuts

Jump straight into Discofork's strongest cached fork picks, or open a compare view in one click.

Forks

Choose a fork to inspect

10 of 10 fork briefs

Maintenance:

Magnitude:

Sort:

Selected

Prefer upstream unless you specifically need this older fork's local changes or can commit to maintaining a large backport stream. For most adopters, the fork looks too stale and too far behind upstream to be a safe default.

Prefer this fork only if you explicitly want a deeply customized Vault branch and can absorb the maintenance burden. For most production adopters, upstream Vault is the safer choice because this fork is materially behind and heavily diverged.

Prefer this fork if you need Yandex Cloud-specific Vault behavior and operational instrumentation. Prefer upstream if you want maximum compatibility, fresher fixes, and lower long-term maintenance cost.

Choose this fork only if you need its older branch behavior and local diagnostics/docs tweaks. If you want current Vault capabilities, this is too far behind upstream to be a low-risk adoption target.

Prefer upstream Vault for new work. Choose this fork only if you are intentionally preserving a legacy 2015 deployment or need its specific etcd/S3/Consul-era changes and can accept major maintenance and security debt.

Choose this fork only if you specifically need a 2023-era Vault snapshot or its bespoke UI/API/operational tweaks. For most adopters, upstream is the safer choice because this fork is materially stale and likely missing many later fixes and improvements.

Prefer this fork only if you need its older, customized Vault behavior and are prepared to own maintenance. For most adopters, upstream Vault is the safer choice because this fork is stale and materially behind current development.

Prefer upstream unless you explicitly need this fork’s legacy behavior or local patches. This fork is best for users committed to an old Vault baseline; it is a poor choice for teams wanting an actively maintained secrets platform.

Prefer upstream unless you specifically need this fork's legacy behavior or a few historical customizations. It is too stale and too far behind to be a good default choice for new deployments.

Prefer upstream Vault unless you specifically need this older, customized snapshot and are prepared to carry the maintenance burden. This fork looks useful mainly as a legacy/internal variant, not as a modern starting point.

Fork comparison

shahradelahi/vault

38/100

stale

significant_divergence

Prefer upstream unless you specifically need this older fork's local changes or can commit to maintaining a large backport stream. For most adopters, the fork looks too stale and too far behind upstream to be a safe default.

Likely purpose

A stale downstream snapshot of Vault that looks best suited for reference, experimentation, or a heavily customized internal branch rather than as a drop-in replacement for current upstream Vault.

Best for

Teams that need an older Vault snapshot for reproduction, research, or internal patching.; Operators who want to own a long-lived fork and are prepared to backport upstream fixes themselves.; Users primarily interested in the benchmark/docs/SDK customizations rather than current upstream Vault features.

Additional features

Adds or preserves custom benchmarking and telemetry-collector Grafana dashboard workflows under `enos/`.
Includes fork-specific documentation and website content changes, suggesting a repo variant that also serves as a docs/distribution workspace.
Carries local protocol/binary regeneration in `sdk/plugin/pb/backend.pb.go`, which can support custom plugin/backend integration work.
Expands API, schema, or SDK surface area for downstream integrations and generated clients.
Adds plugin, tool, or MCP-style extensibility beyond the upstream baseline.
Introduces more operational workflow surface such as server-side handling, auth, session control, or admin tooling.

Missing features

Misses 477 upstream commits, so it likely lacks a large amount of current Vault backend, UI, and test work present in upstream as of 2026-03-30.
Likely lacks recent upstream fixes for auth, seal rewrap handling, multiseal behavior, PKI tests, and UI maintenance that landed after this fork point.
Appears to lag on current upstream packaging and dependency updates, including lockfile and generated-code churn that upstream has continued to absorb.
Because the fork stopped pushing in 2024, keeping it current would require manual backporting of ongoing upstream API, UI, and operational changes.
Some upstream behavior appears to be removed, disabled, or intentionally stripped down in this fork.
Some upstream plugin, tool, or MCP-style integration paths may be reduced or disabled.

Strengths

Large existing Vault codebase with the same core secrets-management foundation as upstream.
Potentially useful when a team wants an older, pinned baseline with local docs or benchmark assets already in-tree.
Could be easier to audit for a narrow internal customization set than tracking fast-moving upstream.

Risks

High maintenance burden from being far behind upstream.
Substantial merge and security backport effort if used in production.
The fork's value is hard to distinguish from upstream, so adopters may inherit complexity without clear product gain.
Wide file churn and stale activity suggest a high chance of drift in generated artifacts and dependencies.