@dotenc/cli 0.2.3 → 0.3.1

package/dist/commands/edit.js

@@ -1,3 +1,4 @@
+import chalk from "chalk";
 import { execSync } from "node:child_process";
 import { existsSync } from "node:fs";
 import fs from "node:fs/promises";
@@ -13,12 +14,17 @@ export const editCommand = async (environmentArg) => {
     if (!environment) {
         environment = await chooseEnvironmentPrompt("What environment do you want to edit?");
     }
-    const environmentFilePath = path.join(process.cwd(), `.env.${environment}.enc`);
+    const environmentFile = `.env.${environment}.enc`;
+    const environmentFilePath = path.join(process.cwd(), environmentFile);
     if (!existsSync(environmentFilePath)) {
         console.error(`Environment file not found: ${environmentFilePath}`);
         return;
     }
     const key = await getKey(environment);
+    if (!key) {
+        console.error(`\n${chalk.red("Error:")} no key found for the ${chalk.cyan(environment)} environment.`);
+        return;
+    }
     const tempFilePath = path.join(os.tmpdir(), `.env.${environment}`);
     const content = await decrypt(key, environmentFilePath);
     await fs.writeFile(tempFilePath, content);
@@ -29,17 +35,17 @@ export const editCommand = async (environmentArg) => {
         execSync(`${editor} ${tempFilePath}`, { stdio: "inherit" });
     }
     catch (error) {
-        console.error(`Failed to open editor: ${editor}`);
+        console.error(`\nFailed to open editor: ${editor}`);
         return;
     }
     const newContent = await fs.readFile(tempFilePath, "utf-8");
     const finalHash = createHash(newContent);
     if (initialHash === finalHash) {
-        console.log(`No changes were made to the environment file for "${environment}".`);
+        console.log(`\nNo changes were made to the ${chalk.cyan(environment)} environment.`);
     }
     else {
         await encrypt(key, newContent, environmentFilePath);
-        console.log(`Encrypted environment file for "${environment}" and saved it to ${environmentFilePath}.`);
+        console.log(`\nEncrypted ${chalk.cyan(environment)} environment and saved it to ${chalk.gray(environmentFile)}.`);
     }
     await fs.unlink(tempFilePath);
 };

package/dist/commands/init.js

@@ -1,7 +1,10 @@
+import chalk from "chalk";
 import crypto from "node:crypto";
 import { createEnvironment } from "../helpers/createEnvironment.js";
 import { createLocalEnvironment } from "../helpers/createLocalEnvironment.js";
 import { createProject } from "../helpers/createProject.js";
+import { environmentExists } from "../helpers/environmentExists.js";
+import { getEnvironmentNameSuggestion } from "../helpers/getEnvironmentNameSuggestion.js";
 import { addKey } from "../helpers/key.js";
 import { createEnvironmentPrompt } from "../prompts/createEnvironment.js";
 export const initCommand = async (environmentArg) => {
@@ -14,16 +17,28 @@ export const initCommand = async (environmentArg) => {
     // Prompt for the environment name
     let environment = environmentArg;
     if (!environment) {
-        environment = await createEnvironmentPrompt("What should the environment be named?", "development");
+        environment = await createEnvironmentPrompt("What should the environment be named?", getEnvironmentNameSuggestion());
+    }
+    if (!environment) {
+        console.log(`${chalk.red("Error:")} no environment name provided`);
+        return;
+    }
+    if (environmentExists(environment)) {
+        console.log(`${chalk.red("Error:")} environment ${environment} already exists. To edit it, use ${chalk.gray(`dotenc edit ${environment}`)}`);
+        return;
     }
     await createEnvironment(environment, key);
     // Store the key
     await addKey(projectId, environment, key);
     // Output success message
-    console.log("Initialization complete!");
-    console.log("Next steps:");
-    console.log(`1. Use "dotenc edit ${environment}" to securely edit your environment variables.`);
-    console.log(`2. Use "dotenc run -e ${environment} <command> [args...]" or "DOTENC_ENV=${environment} dotenc run <command> [args...]" to run your application.`);
-    console.log('3. Use "dotenc init [environment]" to initialize a new environment.');
-    console.log("4. Use the git-ignored .env file for local development. It will have priority over any encrypted environment variables.");
+    console.log(`${chalk.green("✔")} Initialization complete!`);
+    console.log("\nSome useful tips:");
+    const editCommand = chalk.gray(`dotenc edit ${environment}`);
+    console.log(`\n- To securely edit your environment:\t${editCommand}`);
+    const runCommand = chalk.gray(`dotenc run -e ${environment} <command> [args...]`);
+    const runCommandWithEnv = chalk.gray(`DOTENC_ENV=${environment} dotenc run <command> [args...]`);
+    console.log(`- To run your application:\t\t${runCommand} or ${runCommandWithEnv}`);
+    const initCommand = chalk.gray("dotenc init [environment]");
+    console.log(`- To initialize a new environment:\t${initCommand}`);
+    console.log(`- Use the git-ignored ${chalk.gray(".env")} file for local development. It will have priority over any encrypted environments.`);
 };

package/dist/commands/key/export.js

@@ -1,12 +1,21 @@
+import chalk from "chalk";
 import { getKey } from "../../helpers/key.js";
 import { getProjectConfig } from "../../helpers/projectConfig.js";
+import { chooseEnvironmentPrompt } from "../../prompts/chooseEnvironment.js";
 export const keyExportCommand = async (environmentArg) => {
-    const environment = environmentArg;
     const { projectId } = await getProjectConfig();
     if (!projectId) {
         console.error('No project found. Run "dotenc init" to create one.');
         return;
     }
+    let environment = environmentArg;
+    if (!environment) {
+        environment = await chooseEnvironmentPrompt("What environment do you want to export the key from?");
+    }
     const key = await getKey(environment);
-    console.log(`Key for the ${environment} environment: ${key}`);
+    if (!key) {
+        console.error(`\nNo key found for the ${chalk.cyan(environment)} environment.`);
+        return;
+    }
+    console.log(`\nKey for the ${chalk.cyan(environment)} environment: ${chalk.gray(key)}`);
 };

package/dist/commands/key/import.js

@@ -1,12 +1,22 @@
+import chalk from "chalk";
 import { addKey } from "../../helpers/key.js";
 import { getProjectConfig } from "../../helpers/projectConfig.js";
-export const keyImportCommand = async (key, environmentArg) => {
-    const environment = environmentArg;
+import { chooseEnvironmentPrompt } from "../../prompts/chooseEnvironment.js";
+import { inputKeyPrompt } from "../../prompts/inputKey.js";
+export const keyImportCommand = async (environmentArg, keyArg) => {
     const { projectId } = await getProjectConfig();
     if (!projectId) {
         console.error('No project found. Run "dotenc init" to create one.');
         return;
     }
+    let environment = environmentArg;
+    if (!environment) {
+        environment = await chooseEnvironmentPrompt("What environment do you want to import the key to?");
+    }
+    let key = keyArg;
+    if (!key) {
+        key = await inputKeyPrompt("Paste the key here:");
+    }
     await addKey(projectId, environment, key);
-    console.log(`Key imported to the ${environment} environment.`);
+    console.log(`\nKey imported to the ${chalk.cyan(environment)} environment.`);
 };

package/dist/commands/key/rotate.js

@@ -0,0 +1,35 @@
+import chalk from "chalk";
+import crypto from "node:crypto";
+import { existsSync } from "node:fs";
+import path from "node:path";
+import { decrypt, encrypt } from "../../helpers/crypto.js";
+import { addKey, getKey } from "../../helpers/key.js";
+import { getProjectConfig } from "../../helpers/projectConfig.js";
+import { chooseEnvironmentPrompt } from "../../prompts/chooseEnvironment.js";
+export const keyRotateCommand = async (environmentArg) => {
+    const { projectId } = await getProjectConfig();
+    if (!projectId) {
+        console.error('No project found. Run "dotenc init" to create one.');
+        return;
+    }
+    let environment = environmentArg;
+    if (!environment) {
+        environment = await chooseEnvironmentPrompt("What environment do you want to rotate the key for?");
+    }
+    const environmentFile = `.env.${environment}.enc`;
+    const environmentFilePath = path.join(process.cwd(), environmentFile);
+    if (!existsSync(environmentFilePath)) {
+        console.error(`Environment file not found: ${environmentFilePath}`);
+        return;
+    }
+    const key = await getKey(environment);
+    if (!key) {
+        console.error(`\nNo key found for the ${chalk.cyan(environment)} environment.`);
+        return;
+    }
+    const content = await decrypt(key, environmentFilePath);
+    const newKey = crypto.randomBytes(32).toString("base64");
+    await encrypt(newKey, content, environmentFilePath);
+    await addKey(projectId, environment, newKey);
+    console.log(`\nKey rotated for the ${chalk.cyan(environment)} environment.`);
+};

package/dist/commands/run.js

@@ -13,13 +13,13 @@ export const runCommand = async (command, args, options) => {
         return;
     }
     const environments = environmentArg.split(",");
-    const decryptedEnvs = await Promise.all(environments.map(async (environment) => {
+    const decryptedEnvs = await Promise.all(environments.map(async (environment, index) => {
         const environmentFilePath = path.join(process.cwd(), `.env.${environment}.enc`);
         if (!existsSync(environmentFilePath)) {
             console.error(`Environment file not found: ${environmentFilePath}`);
             return;
         }
-        const key = await getKey(environment);
+        const key = await getKey(environment, index);
         const content = await decrypt(key, environmentFilePath);
         const decryptedEnv = parseEnv(content);
         return decryptedEnv;

package/dist/helpers/environmentExists.js

@@ -0,0 +1,6 @@
+import { existsSync } from "node:fs";
+import path from "node:path";
+export const environmentExists = (environment) => {
+    const envPath = path.join(process.cwd(), `.env.${environment}.enc`);
+    return existsSync(envPath);
+};

package/dist/helpers/getEnvironmentNameSuggestion.js

@@ -0,0 +1,5 @@
+import { environmentExists } from "./environmentExists.js";
+export const getEnvironmentNameSuggestion = () => {
+    const suggestions = ["development", "staging", "production", "test"].find((env) => !environmentExists(env)) ?? "";
+    return suggestions;
+};

package/dist/helpers/key.js

@@ -3,23 +3,23 @@ import fs from "node:fs/promises";
 import os from "node:os";
 import path from "node:path";
 import { getProjectConfig } from "./projectConfig.js";
-export const getKey = async (environment) => {
+const keysFile = path.join(os.homedir(), ".dotenc", "keys.json");
+export const getKey = async (environment, index = 0) => {
     if (process.env.DOTENC_KEY) {
-        return process.env.DOTENC_KEY;
+        const keys = process.env.DOTENC_KEY.split(",");
+        return keys[index];
     }
     const { projectId } = await getProjectConfig();
-    const keysFile = path.join(os.homedir(), ".dotenc", "keys.json");
     if (existsSync(keysFile)) {
         const keys = JSON.parse(await fs.readFile(keysFile, "utf-8"));
         return keys[projectId][environment];
     }
-    throw new Error("No key found. Please set the DOTENC_KEY environment variable or import the key using `dotenc import-key -e <environment> <key>`.");
+    throw new Error("No key found. Please set the DOTENC_KEY environment variable or import the key using `dotenc key import <environment> <key>`.");
 };
 /**
  * Adds or updates a key for a specific project and environment.
  */
 export const addKey = async (projectId, environment, key) => {
-    const keysFile = path.join(os.homedir(), ".dotenc", "keys.json");
     // Ensure the keys file exists
     if (!existsSync(keysFile)) {
         await fs.mkdir(path.dirname(keysFile), { recursive: true });

package/dist/helpers/parseEnv.js

@@ -70,11 +70,13 @@ export const parseEnv = (content) => {
         }
         // Handle single quote opening
         if (char === "'") {
+            currentValue = "";
             isInSingleQuotes = true;
             continue;
         }
         // Handle double quote opening
         if (char === '"') {
+            currentValue = "";
             isInDoubleQuotes = true;
             continue;
         }

package/dist/program.js

@@ -8,6 +8,7 @@ import { editCommand } from "./commands/edit.js";
 import { initCommand } from "./commands/init.js";
 import { keyExportCommand } from "./commands/key/export.js";
 import { keyImportCommand } from "./commands/key/import.js";
+import { keyRotateCommand } from "./commands/key/rotate.js";
 import { runCommand } from "./commands/run.js";
 const __filename = fileURLToPath(import.meta.url);
 const __dirname = path.dirname(__filename);
@@ -18,29 +19,43 @@ if (process.env.NODE_ENV !== "production") {
     program.command("debug").description("debug the CLI").action(debugCommand);
 }
 program
-    .command("init [environment]")
+    .command("init")
+    .argument("[environment]", "the environment to initialize")
     .description("initialize a new environment")
     .action(initCommand);
 program
-    .command("edit [environment]")
+    .command("edit")
+    .argument("[environment]", "the environment to edit")
     .description("edit an environment")
     .action(editCommand);
 program
-    .command("run <command> [args...]")
-    .addOption(new Option("-e, --environment <environment>", "the environment to run the command in"))
+    .command("run")
+    .argument("<command>", "the command to run")
+    .argument("[args...]", "the arguments to pass to the command")
+    .addOption(new Option("-e, --env <env1>[,env2[,...]]", "the environments to run the command in"))
     .description("run a command in an environment")
     .action(runCommand);
-const key = program.command("key").description("Manage stored keys");
+const key = program.command("key").description("manage stored keys");
 key
-    .command("import <environment> <key>")
+    .command("import")
+    .argument("[environment]", "the environment to import the key to")
+    .argument("[key]", "the key to import")
     .description("import a key for an environment")
     .action(keyImportCommand);
 key
-    .command("export <environment>")
+    .command("export")
+    .argument("[environment]", "the environment to export the key from")
     .description("export a key from an environment")
     .action(keyExportCommand);
+key
+    .command("rotate")
+    .argument("[environment]", "the environment to rotate the key for")
+    .description("rotate a key for an environment")
+    .action(keyRotateCommand);
 program
-    .command("config <key> [value]")
+    .command("config")
+    .argument("<key>", "the key to get or set")
+    .argument("[value]", "the value to set the key to")
     .addOption(new Option("-r, --remove", "remove a configuration key"))
     .description("manage global configuration")
     .action(configCommand);

package/dist/prompts/inputKey.js

@@ -0,0 +1,13 @@
+import inquirer from "inquirer";
+export const inputKeyPrompt = async (message, defaultValue) => {
+    const result = await inquirer.prompt([
+        {
+            type: "password",
+            name: "key",
+            mask: "*",
+            message,
+            default: defaultValue,
+        },
+    ]);
+    return result.key;
+};

package/dist/tests/e2e.test.js

@@ -0,0 +1,64 @@
+import { existsSync, readFileSync, unlinkSync, writeFileSync } from "node:fs";
+import os from "node:os";
+import path from "node:path";
+import { afterAll, beforeAll, describe, expect, test, vi } from "vitest";
+import { editCommand } from "../commands/edit.js";
+import { initCommand } from "../commands/init.js";
+import { keyRotateCommand } from "../commands/key/rotate.js";
+import { runCommand } from "../commands/run.js";
+import { getKey } from "../helpers/key.js";
+import { cleanupProjectKeys } from "./helpers/cleanupProjectKeys.js";
+import { waitForFile } from "./helpers/waitForFile.js";
+const localEnvFilePath = path.join(process.cwd(), ".env");
+const encryptedEnvFilePath = path.join(process.cwd(), ".env.test.enc");
+const projectFilePath = path.join(process.cwd(), "dotenc.json");
+const outputFilePath = path.join(process.cwd(), "e2e.txt");
+vi.mock("node:child_process", async (importOriginal) => {
+    const actual = await importOriginal();
+    return {
+        ...actual,
+        // Mock for the edit command
+        execSync: () => {
+            const tempFilePath = path.join(os.tmpdir(), ".env.test");
+            writeFileSync(tempFilePath, "DOTENC_HELLO=Hello, world!");
+        },
+    };
+});
+describe("e2e", () => {
+    beforeAll(() => {
+        vi.spyOn(console, "log").mockImplementation(() => { });
+        vi.spyOn(process, "exit").mockImplementation(() => ({}));
+    });
+    test("should initialize an environment", async () => {
+        await initCommand("test");
+        expect(existsSync(localEnvFilePath)).toBe(true);
+        expect(existsSync(encryptedEnvFilePath)).toBe(true);
+        expect(existsSync(projectFilePath)).toBe(true);
+    });
+    test("should edit an environment", async () => {
+        const initialContent = readFileSync(encryptedEnvFilePath, "utf-8");
+        await editCommand("test");
+        const editedContent = readFileSync(encryptedEnvFilePath, "utf-8");
+        expect(editedContent).not.toBe(initialContent);
+    });
+    test("should rotate a key", async () => {
+        const currentKey = await getKey("test");
+        await keyRotateCommand("test");
+        const rotatedKey = await getKey("test");
+        expect(rotatedKey).not.toBe(currentKey);
+    });
+    test("should run a command in an environment", async () => {
+        await runCommand("sh", [path.join(__dirname, "helpers", "e2e.sh")], {
+            env: "test",
+        });
+        const output = await waitForFile(outputFilePath);
+        expect(output).toBe("Hello, world!\n");
+    });
+    afterAll(async () => {
+        await cleanupProjectKeys();
+        unlinkSync(localEnvFilePath);
+        unlinkSync(encryptedEnvFilePath);
+        unlinkSync(projectFilePath);
+        unlinkSync(outputFilePath);
+    });
+});

package/dist/tests/helpers/cleanupProjectKeys.js

@@ -0,0 +1,13 @@
+import { existsSync, readFileSync, writeFileSync } from "node:fs";
+import os from "node:os";
+import path from "node:path";
+import { getProjectConfig } from "../../helpers/projectConfig.js";
+export const cleanupProjectKeys = async () => {
+    const { projectId } = await getProjectConfig();
+    const keysFile = path.join(os.homedir(), ".dotenc", "keys.json");
+    if (existsSync(keysFile)) {
+        const keys = JSON.parse(readFileSync(keysFile, "utf-8"));
+        delete keys[projectId];
+        writeFileSync(keysFile, JSON.stringify(keys, null, 2));
+    }
+};

package/dist/tests/helpers/waitForFile.js

@@ -0,0 +1,15 @@
+import { existsSync, readFileSync } from "node:fs";
+export const waitForFile = (filePath, timeout = 5000) => new Promise((resolve, reject) => {
+    const startTime = Date.now();
+    const interval = setInterval(() => {
+        if (existsSync(filePath)) {
+            clearInterval(interval);
+            resolve(readFileSync(filePath, "utf-8"));
+            return;
+        }
+        if (Date.now() - startTime > timeout) {
+            clearInterval(interval);
+            reject(new Error(`Timeout waiting for file ${filePath}`));
+        }
+    }, 100);
+});

package/dist/{helpers → tests}/parseEnv.test.js

@@ -1,5 +1,5 @@
 import { describe, expect, test } from "vitest";
-import { parseEnv } from "./parseEnv.js";
+import { parseEnv } from "../helpers/parseEnv.js";
 describe("parseEnv", () => {
     test("should parse a simple key-value pair", () => {
         const env = parseEnv("FOO=bar");
@@ -19,10 +19,12 @@ foo
 # Comment here "!#' foo
 
 HELLO = WORLD
+DOTENC_HELLO = "Hello, world!"
 `);
         expect(env.FOO).toBe("\nbar");
         expect(env.BAR).toBe("baz\nfoo\n");
         expect(env.BAZ).toBe("123");
         expect(env.HELLO).toBe("WORLD");
+        expect(env.DOTENC_HELLO).toBe("Hello, world!");
     });
 });

package/package.json

@@ -1,7 +1,9 @@
 {
   "name": "@dotenc/cli",
-  "version": "0.2.3",
+  "version": "0.3.1",
   "description": "🔐 Secure, encrypted environment variables that live in your codebase",
+  "author": "Ivan Filho <i@ivanfilho.com>",
+  "license": "MIT",
   "type": "module",
   "bin": {
     "dotenc": "./dist/cli.js"
@@ -9,6 +11,29 @@
   "files": [
     "dist"
   ],
+  "devDependencies": {
+    "@biomejs/biome": "^1.9.4",
+    "@types/node": "^22.13.7",
+    "tsc-alias": "^1.8.11",
+    "tsx": "^4.19.3",
+    "typescript": "^5.8.2",
+    "vitest": "^3.0.9"
+  },
+  "dependencies": {
+    "@paralleldrive/cuid2": "^2.2.2",
+    "chalk": "^5.4.1",
+    "commander": "^13.1.0",
+    "inquirer": "^12.4.2",
+    "zod": "^3.24.2"
+  },
+  "repository": {
+    "type": "git",
+    "url": "git+https://github.com/ivanfilhoz/dotenc.git"
+  },
+  "bugs": {
+    "url": "https://github.com/ivanfilhoz/dotenc/issues"
+  },
+  "homepage": "https://github.com/ivanfilhoz/dotenc#readme",
   "keywords": [
     "environment",
     "variables",
@@ -26,23 +51,6 @@
     "encrypted",
     "codebase"
   ],
-  "author": "Ivan Filho <i@ivanfilho.com>",
-  "license": "MIT",
-  "devDependencies": {
-    "@biomejs/biome": "^1.9.4",
-    "@types/node": "^22.13.7",
-    "tsc-alias": "^1.8.11",
-    "tsx": "^4.19.3",
-    "typescript": "^5.8.2",
-    "vitest": "^3.0.9"
-  },
-  "dependencies": {
-    "@paralleldrive/cuid2": "^2.2.2",
-    "chalk": "^5.4.1",
-    "commander": "^13.1.0",
-    "inquirer": "^12.4.2",
-    "zod": "^3.24.2"
-  },
   "scripts": {
     "dev": "tsx src/cli.ts",
     "start": "node dist/cli.js",