@dinanathdash/envault 1.0.2 → 1.2.0

package/CHANGELOG.md

@@ -1,3 +1,17 @@
+# [1.2.0](https://github.com/DinanathDash/Envault/compare/v1.1.0...v1.2.0) (2026-02-02)
+
+
+### Features
+
+* Improve CLI login with clipboard support and user email display, enhance `.env` file detection for deploy, and add a `/api/cli/me` endpoint. ([f66aa4a](https://github.com/DinanathDash/Envault/commit/f66aa4a028242d4939fdedcd4165b2bba2a5e290))
+
+# [1.1.0](https://github.com/DinanathDash/Envault/compare/v1.0.2...v1.1.0) (2026-02-01)
+
+
+### Features
+
+* Implement CLI device authentication, add new CLI API routes for projects and secrets, and enhance CLI commands with improved warnings. ([e4871c4](https://github.com/DinanathDash/Envault/commit/e4871c453d7e3974e94505e1f65014350a15a53a))
+
 ## [1.0.2](https://github.com/DinanathDash/Envault/compare/v1.0.1...v1.0.2) (2026-02-01)
 
 

package/README.md

@@ -1,9 +1,5 @@
 # Envault CLI
 
-<p align="center">
-  <img src="https://envault.tech/logo.png" alt="Envault Logo" width="100" />
-</p>
-
 <p align="center">
   <b>Secure Environment Variable Management for Modern Teams</b>
 </p>

package/bin/envault.js

@@ -7,6 +7,10 @@ import { login } from '../src/commands/login.js';
 import { init } from '../src/commands/init.js';
 import { deploy } from '../src/commands/deploy.js';
 import { pull } from '../src/commands/pull.js';
+import { createRequire } from 'module';
+
+const require = createRequire(import.meta.url);
+const pkg = require('../package.json');
 
 const program = new Command();
 
@@ -26,7 +30,7 @@ const showLogo = () => {
 program
     .name('envault')
     .description('Cliff-side security for your environment variables')
-    .version('1.0.0')
+    .version(pkg.version)
     .hook('preAction', (thisCommand) => {
         // Show logo on all commands? Maybe too noisy.
         // Let's show it only on help or specific ones.
@@ -50,6 +54,7 @@ program.command('deploy')
     .description('Deploy local .env to Envault (Encrypt & Push)')
     .option('-p, --project <id>', 'Project ID')
     .option('--dry-run', 'Show what would change without pushing')
+    .option('-f, --force', 'Skip confirmation prompts')
     .action(async (options) => {
         await deploy(options);
     });

package/package.json

@@ -1,6 +1,6 @@
 {
     "name": "@dinanathdash/envault",
-    "version": "1.0.2",
+    "version": "1.2.0",
     "description": "Envault CLI - Securely manage your environment variables",
     "repository": {
         "type": "git",
@@ -25,6 +25,7 @@
         "axios": "^1.6.0",
         "boxen": "^7.1.1",
         "chalk": "^5.3.0",
+        "clipboardy": "^5.1.0",
         "commander": "^11.1.0",
         "conf": "^12.0.0",
         "dotenv": "^16.3.1",
@@ -37,5 +38,8 @@
         "@semantic-release/exec": "^7.1.0",
         "@semantic-release/git": "^10.0.1",
         "semantic-release": "^25.0.3"
+    },
+    "overrides": {
+        "tar": "^7.5.7"
     }
 }

package/release.config.js

@@ -13,7 +13,7 @@ const config = {
         [
             '@semantic-release/git',
             {
-                assets: ['package.json', 'CHANGELOG.md', 'README.md'],
+                assets: ['package.json', 'package-lock.json', 'CHANGELOG.md', 'README.md'],
                 message: 'chore(release): ${nextRelease.version} [skip ci]\n\n${nextRelease.notes}',
             },
         ],

package/src/commands/deploy.js

@@ -1,3 +1,5 @@
+import boxen from 'boxen';
+import inquirer from 'inquirer';
 
 import fs from 'fs';
 import dotenv from 'dotenv';
@@ -21,10 +23,32 @@ export async function deploy(options) {
         return;
     }
 
-    const envPath = '.env';
-    if (!fs.existsSync(envPath)) {
-        console.error(chalk.red('Error: .env file not found.'));
+    // 1. Scan for env files
+    const allFiles = fs.readdirSync(process.cwd());
+    const envFiles = allFiles.filter(file => file.startsWith('.env') && !['.env.example', '.env.template', '.env.sample'].includes(file));
+
+    let envPath = '.env';
+
+    if (envFiles.length === 0) {
+        console.error(chalk.red('Error: No .env files found (looked for files starting with .env, excluding .example/.template/.sample).'));
         return;
+    } else if (envFiles.length === 1) {
+        envPath = envFiles[0];
+        console.log(chalk.blue(`Using environment file: ${envPath}`));
+    } else {
+        // prioritize .env.local if users want, but for now let's ask
+        // OR we can default to .env.local if present, else asking.
+        // The plan said "Multiple files found: Use inquirer to show a list"
+
+        console.log(chalk.yellow(`Multiple environment files found: ${envFiles.join(', ')}`));
+        const { selectedEnv } = await inquirer.prompt([{
+            type: 'list',
+            name: 'selectedEnv',
+            message: 'Which environment file do you want to deploy?',
+            choices: envFiles
+        }]);
+        envPath = selectedEnv;
+        console.log(chalk.blue(`Selected: ${envPath}`));
     }
 
     const envConfig = dotenv.parse(fs.readFileSync(envPath));
@@ -41,11 +65,62 @@ export async function deploy(options) {
         return;
     }
 
+    if (!options.force) {
+        let projectName = 'Envault';
+        try {
+            // Attempt to fetch project name. If fails, fallback to 'Envault'
+            // We use the list endpoint as we know it exists from init.js
+            const { data } = await api.get('/projects');
+            const projects = data.projects || data.data || [];
+            const project = projects.find(p => p.id === projectId);
+            if (project) {
+                projectName = project.name;
+            }
+        } catch (e) {
+            // Ignore error and use default
+        }
+
+        const appUrl = process.env.NEXT_PUBLIC_APP_URL || 'https://envault.tech';
+
+        console.log(boxen(
+            chalk.red.bold('WARNING: OVERWRITING REMOTE SECRETS') +
+            '\n\n' +
+            chalk.white('You are about to ') + chalk.red.bold('DEPLOY') + chalk.white(' local variables to your project:') +
+            '\n' +
+            chalk.cyan.bold(projectName) +
+            '\n\n' +
+            chalk.white('Existing secrets in the project will be ') + chalk.red.bold('OVERWRITTEN') + chalk.white(' by values in your .env.') +
+            '\n\n' +
+            chalk.dim('We recommend checking the dashboard for differences:') +
+            '\n' +
+            chalk.cyan(`${appUrl}/project/${projectId}`),
+            {
+                padding: 1,
+                margin: 1,
+                borderStyle: 'double',
+                borderColor: 'red',
+                title: 'Deploy Warning',
+                titleAlignment: 'center'
+            }
+        ));
+
+        const { confirm } = await inquirer.prompt([{
+            type: 'confirm',
+            name: 'confirm',
+            message: `Are you sure you want to deploy ${secrets.length} secrets to the project?`,
+            default: false
+        }]);
+        if (!confirm) {
+            console.log(chalk.yellow('Operation cancelled.'));
+            return;
+        }
+    }
+
     const spinner = ora('Encrypting and deploying secrets...').start();
 
     try {
         const { data } = await api.post(`/projects/${projectId}/secrets`, { secrets });
-        spinner.succeed(chalk.green(`✔ Successfully deployed ${secrets.length} secrets!`));
+        spinner.succeed(chalk.green(`Successfully deployed ${secrets.length} secrets!`));
     } catch (error) {
         spinner.fail('Deploy failed.');
         console.error(chalk.red(handleApiError(error)));

package/src/commands/init.js

@@ -43,17 +43,46 @@ export async function init() {
     }
 
     if (projects.length === 0) {
-        console.log(chalk.yellow('No projects found. Create one in the dashboard first.'));
-        return;
+        console.log(chalk.yellow('No existing projects found.'));
     }
 
-    const { projectId } = await inquirer.prompt([{
+    const { selectedProjectId } = await inquirer.prompt([{
         type: 'list',
-        name: 'projectId',
+        name: 'selectedProjectId',
         message: 'Select the project to link:',
-        choices: projects.map(p => ({ name: p.name, value: p.id }))
+        choices: [
+            new inquirer.Separator(),
+            { name: '+ Create New Project', value: 'CREATE_NEW' },
+            new inquirer.Separator(),
+            ...projects.map(p => ({ name: p.name, value: p.id }))
+        ]
     }]);
 
-    fs.writeFileSync('envault.json', JSON.stringify({ projectId }, null, 2));
-    console.log(chalk.green(`\n✔ Project linked! (ID: ${projectId})`));
+    let projectId = selectedProjectId;
+
+    if (selectedProjectId === 'CREATE_NEW') {
+        const { newProjectName } = await inquirer.prompt([{
+            type: 'input',
+            name: 'newProjectName',
+            message: 'Enter name for the new project:',
+            validate: input => input.trim().length > 0 ? true : 'Project name cannot be empty'
+        }]);
+
+        const createSpinner = ora('Creating project...').start();
+        try {
+            const { data } = await api.post('/projects', { name: newProjectName });
+            projectId = data.project.id;
+            createSpinner.succeed(chalk.green(`Project "${data.project.name}" created!`));
+        } catch (error) {
+            createSpinner.fail('Failed to create project.');
+            console.error(chalk.red(handleApiError(error)));
+            return; // Exit if creation fails
+        }
+    }
+
+    // Only write config if we have a valid projectId
+    if (projectId) {
+        fs.writeFileSync('envault.json', JSON.stringify({ projectId }, null, 2));
+        console.log(chalk.green(`\n✔ Project linked! (ID: ${projectId})`));
+    }
 }

package/src/commands/login.js

@@ -3,8 +3,10 @@ import chalk from 'chalk';
 import boxen from 'boxen';
 import ora from 'ora';
 import open from 'open';
+import clipboard from 'clipboardy';
 import { api, handleApiError } from '../lib/api.js';
 import { setToken } from '../lib/config.js';
+import os from 'os';
 
 export async function login() {
     console.log(chalk.blue('  Starting Device Authentication Flow...\n'));
@@ -13,8 +15,16 @@ export async function login() {
     const spinner = ora('Contacting Envault servers...').start();
     let deviceCode, userCode, verificationUri, interval;
 
+    const deviceInfo = {
+        hostname: os.hostname(),
+        platform: os.platform(),
+        release: os.release(),
+        type: os.type(),
+        arch: os.arch()
+    };
+
     try {
-        const { data } = await api.post('/auth/device/code');
+        const { data } = await api.post('/auth/device/code', { device_info: deviceInfo });
         deviceCode = data.device_code;
         userCode = data.user_code; // 8-char
         verificationUri = data.verification_uri;
@@ -32,12 +42,20 @@ export async function login() {
     console.log(boxen(chalk.green.bold(userCode), {
         title: 'Authentication Code',
         titleAlignment: 'center',
+        textAlignment: 'center',
         padding: 1,
         margin: 1,
         borderStyle: 'round',
         borderColor: 'green'
     }));
 
+    try {
+        clipboard.writeSync(userCode);
+        console.log(chalk.dim('(Code copied to clipboard)'));
+    } catch (e) {
+        // Ignore errors if clipboard fails (headless etc)
+    }
+
     // Open browser automatically
     try {
         await open(verificationUri);
@@ -78,7 +96,22 @@ export async function login() {
     try {
         const token = await poll();
         setToken(token);
+
+        // Fetch user info
+        let email = '';
+        try {
+            const { data: userData } = await api.get('/me');
+            if (userData && userData.email) {
+                email = userData.email;
+            }
+        } catch (e) {
+            // Ignore error if fetching user info fails, just show generic success
+        }
+
         spinner.succeed(chalk.green('Successfully authenticated! Token saved.'));
+        if (email) {
+            console.log(chalk.green(`Logged in as: ${chalk.bold(email)}`));
+        }
     } catch (error) {
         spinner.fail('Authentication failed.');
         console.error(chalk.red(error.message));

package/src/commands/pull.js

@@ -2,6 +2,8 @@
 import fs from 'fs';
 import chalk from 'chalk';
 import ora from 'ora';
+import boxen from 'boxen';
+
 import inquirer from 'inquirer';
 import { api, handleApiError } from '../lib/api.js';
 
@@ -22,13 +24,50 @@ export async function pull(options) {
     }
 
     if (fs.existsSync('.env') && !options.force) {
+        let projectName = 'Envault';
+        try {
+            const { data } = await api.get('/projects');
+            const projects = data.projects || data.data || [];
+            const project = projects.find(p => p.id === projectId);
+            if (project) {
+                projectName = project.name;
+            }
+        } catch (e) {
+            // Ignore
+        }
+
+        const appUrl = process.env.NEXT_PUBLIC_APP_URL || 'https://envault.tech';
+
+        console.log(boxen(
+            chalk.red.bold('WARNING: POTENTIAL DATA LOSS') +
+            '\n\n' +
+            chalk.white('You are about to ') + chalk.red.bold('OVERWRITE') + chalk.white(' your local ') + chalk.yellow('.env') + chalk.white(' file.') +
+            '\n\n' +
+            chalk.white('Any local changes not synced to ') + chalk.cyan.bold(projectName) + chalk.white(' will be ') + chalk.red.bold('PERMANENTLY LOST.') +
+            '\n\n' +
+            chalk.dim('We recommend checking the dashboard for differences:') +
+            '\n' +
+            chalk.cyan(`${appUrl}/project/${projectId}`),
+            {
+                padding: 1,
+                margin: 1,
+                borderStyle: 'double',
+                borderColor: 'red',
+                title: 'Sync Warning',
+                titleAlignment: 'center'
+            }
+        ));
+
         const { confirm } = await inquirer.prompt([{
             type: 'confirm',
             name: 'confirm',
-            message: 'This will overwrite your current .env file. Continue?',
+            message: 'Are you sure you want to overwrite your local .env file?',
             default: false
         }]);
-        if (!confirm) return;
+        if (!confirm) {
+            console.log(chalk.yellow('Operation cancelled.'));
+            return;
+        }
     }
 
     const spinner = ora('Fetching secrets...').start();
@@ -47,7 +86,7 @@ export async function pull(options) {
             .join('\n');
 
         fs.writeFileSync('.env', envContent);
-        spinner.succeed(chalk.green(`✔ Pulled ${data.secrets.length} secrets to .env`));
+        spinner.succeed(chalk.green(`Pulled ${data.secrets.length} secrets to .env`));
 
     } catch (error) {
         spinner.fail('Pull failed.');

package/src/lib/api.js

@@ -1,6 +1,6 @@
 
 import axios from 'axios';
-import { getToken, getApiUrl } from './config.js';
+import { getToken, getApiUrl, clearToken } from './config.js';
 
 export const api = axios.create({
     baseURL: getApiUrl(),
@@ -17,6 +17,28 @@ api.interceptors.request.use((config) => {
     return config;
 });
 
+// Handle token expiration
+api.interceptors.response.use(
+    (response) => response,
+    (error) => {
+        if (error.response?.status === 401) {
+            const errorMsg = error.response?.data?.error;
+            if (errorMsg === 'token_expired') {
+                console.error('\n❌ Your session has expired (tokens are valid for 3 days).');
+                console.error('Please run "envault login" to authenticate again.\n');
+                clearToken();
+                process.exit(1);
+            } else if (errorMsg === 'Invalid token' || errorMsg === 'Missing or invalid authorization header') {
+                console.error('\n❌ Authentication required.');
+                console.error('Please run "envault login" to authenticate.\n');
+                clearToken();
+                process.exit(1);
+            }
+        }
+        return Promise.reject(error);
+    }
+);
+
 export function handleApiError(error) {
     if (error.response) {
         return error.response.data.error || error.response.statusText;