@dotenvx/dotenvx-ops 0.23.0 → 0.23.2

package/CHANGELOG.md

@@ -2,7 +2,19 @@
 
 All notable changes to this project will be documented in this file. See [standard-version](https://github.com/conventional-changelog/standard-version) for commit guidelines.
 
-[Unreleased](https://github.com/dotenvx/dotenvx-ops/compare/v0.23.0...main)
+[Unreleased](https://github.com/dotenvx/dotenvx-ops/compare/v0.23.2...main)
+
+## [0.23.2](https://github.com/dotenvx/dotenvx-ops/compare/v0.23.1...v0.23.2) (2025-12-04)
+
+### Changed
+
+* Create passcard on successful login ([#11](https://github.com/dotenvx/dotenvx-ops/pull/11))
+
+## [0.23.1](https://github.com/dotenvx/dotenvx-ops/compare/v0.23.0...v0.23.1) (2025-12-03)
+
+### Added
+
+* Stdout storageState with `rotate npm login` ([#10](https://github.com/dotenvx/dotenvx-ops/pull/10))
 
 ## [0.23.0](https://github.com/dotenvx/dotenvx-ops/compare/v0.22.2...v0.23.0) (2025-12-03)
 

package/package.json

@@ -1,5 +1,5 @@
 {
-  "version": "0.23.0",
+  "version": "0.23.2",
   "name": "@dotenvx/dotenvx-ops",
   "description": "Dotenvx Ops – commercial tooling for .env files",
   "author": "@motdotla",
@@ -42,6 +42,7 @@
   "dependencies": {
     "@clack/core": "^0.4.2",
     "@dotenvx/dotenvx": "^1.48.1",
+    "@inquirer/prompts": "^7.10.1",
     "arch": "^2.1.1",
     "commander": "^11.1.0",
     "conf": "^10.2.0",

package/src/cli/actions/rotate/npm/login.js

@@ -1,19 +1,47 @@
 const { logger } = require('@dotenvx/dotenvx')
+const PostRotateLogin = require('./../../../../lib/api/postRotateLogin')
+const Session = require('./../../../../db/session')
 const playwrightConnect = require('./../../../../lib/helpers/playwrightConnect')
 
-const TIMEOUT = 1200 // visibility timeout
+const TIMEOUT = 500 // visibility timeout
 
 async function login () {
   const options = this.opts()
   logger.debug(`options: ${JSON.stringify(options)}`)
+  const slug = 'npm'
+  const { org, username, password, email } = options
+  const { browser, context, page } = await playwrightConnect()
 
-  const { browser, page } = await playwrightConnect()
+  const usernameSelector = 'input[type="text"]'
+  const passwordSelector = 'input[type="password"]'
 
   await page.goto('https://npmjs.com/login', { waitUntil: 'domcontentloaded' })
   await page.waitForTimeout(TIMEOUT)
-  await browser.close()
+  await page.fill(usernameSelector, username)
+  await page.waitForTimeout(TIMEOUT)
+  await page.fill(passwordSelector, password)
+  await page.waitForTimeout(TIMEOUT)
+  await page.press('input[type="password"]', 'Enter')
+  await page.waitForNavigation({ timeout: 0 })
+  await page.waitForSelector('img[alt="avatar"]', { state: 'visible', timeout: 0 })
+
+  const sesh = new Session() // TODO: handle scenario where constructor fails
 
-  process.stdout.write('logged in')
+  let hostname = process.env.DOTENVX_OPS_HOSTNAME || process.env.DOTENVX_RADAR_HOSTNAME || options.hostname
+  if (!hostname) {
+    hostname = sesh.hostname()
+  }
+
+  let token = process.env.DOTENVX_OPS_TOKEN || process.env.DOTENVX_RADAR_TOKEN || options.token
+  if (!token) {
+    token = sesh.token()
+  }
+
+  const playwrightStorageStateStringified = JSON.stringify(await context.storageState())
+  const { uid } = await new PostRotateLogin(hostname, token, org, slug, username, password, email, playwrightStorageStateStringified).run()
+
+  await browser.close()
+  process.stdout.write(uid)
 }
 
 module.exports = login

package/src/cli/actions/rotate/npm/rotate.js

@@ -0,0 +1,9 @@
+const { logger } = require('@dotenvx/dotenvx')
+
+async function rotate () {
+  const options = this.opts()
+  logger.debug(`options: ${JSON.stringify(options)}`)
+  process.stdout.write('coming soon')
+}
+
+module.exports = rotate

package/src/cli/commands/rotate/npm.js

@@ -3,38 +3,25 @@ const { Command } = require('commander')
 const npm = new Command('npm')
 
 npm
-  .description('npmjs.com')
+  .description('npm')
   .allowUnknownOption()
 
 // dotenvx-ops rotate npm login
 const loginAction = require('./../../actions/rotate/npm/login')
 npm
   .command('login')
-  .description('interactive local login + cookie capture')
+  .description('connect passcard')
+  .requiredOption('--org <organizationSlug>')
+  .requiredOption('--username <username>')
+  .requiredOption('--password <password>')
+  .option('--email <email>')
   .action(loginAction)
 
-//
-// // dotenvx-ops settings token
-// const tokenAction = require('./../actions/settings/token')
-// settings
-//   .command('token')
-//   .description('print your access token (--unmask)')
-//   .option('--unmask', 'unmask access token')
-//   .action(tokenAction)
-//
-// // dotenvx-ops settings device
-// const deviceAction = require('./../actions/settings/device')
-// settings
-//   .command('device')
-//   .description('print your device pubkey (--unmask)')
-//   .option('--unmask', 'unmask device pubkey')
-//   .action(deviceAction)
-//
-// // dotenvx-ops settings hostname
-// const hostnameAction = require('./../actions/settings/hostname')
-// settings
-//   .command('hostname')
-//   .description('print hostname')
-//   .action(hostnameAction)
-//
+// dotenvx-ops rotate npm rotate
+const rotateAction = require('./../../actions/rotate/npm/rotate')
+npm
+  .command('rotate')
+  .description('rotate api key')
+  .action(rotateAction)
+
 module.exports = npm

package/src/lib/api/postRotateLogin.js

@@ -0,0 +1,54 @@
+const { http } = require('../../lib/helpers/http')
+const buildApiError = require('../../lib/helpers/buildApiError')
+
+class PostRotateLogin {
+  constructor (hostname, token, org, slug, username, password, email = null, playwrightStorageStateStringified) {
+    this.hostname = hostname || 'https://ops.dotenvx.com'
+    this.token = token
+
+    this.org = org
+    this.slug = slug
+    this.username = username
+    this.password = password
+    this.email = email
+    this.playwrightStorageStateStringified = playwrightStorageStateStringified
+  }
+
+  async run () {
+    const token = this.token
+    const url = `${this.hostname}/api/rotate/login`
+
+    const org = this.org
+    const slug = this.slug
+    const username = this.username
+    const password = this.password
+    const email = this.email
+    const playwrightStorageStateStringified = this.playwrightStorageStateStringified
+
+    const resp = await http(url, {
+      method: 'POST',
+      headers: {
+        Authorization: `Bearer ${token}`,
+        'Content-Type': 'application/json'
+      },
+      body: JSON.stringify({
+        org,
+        slug,
+        username,
+        password,
+        email,
+        playwright_storage_state: playwrightStorageStateStringified
+      })
+    })
+
+    const json = await resp.body.json()
+
+    if (resp.statusCode >= 400) {
+      throw buildApiError(resp.statusCode, json)
+    }
+
+    return json
+  }
+}
+
+module.exports = PostRotateLogin

package/src/lib/helpers/playwrightConnect.js

@@ -1,17 +1,17 @@
 const { logger } = require('@dotenvx/dotenvx')
 const { chromium } = require('playwright')
 
-async function playwrightConnect () {
-  const browser = await ensurePlaywrightBrowser()
+async function playwrightConnect (channel = 'chrome') {
+  const browser = await ensurePlaywrightBrowser(channel)
   const context = await browser.newContext()
   const page = await context.newPage()
 
   return { browser, context, page }
 }
 
-async function ensurePlaywrightBrowser () {
+async function ensurePlaywrightBrowser (channel = 'chrome') {
   try {
-    return await chromium.launch({ headless: false })
+    return await chromium.launch({ headless: false, channel })
   } catch (err) {
     if (String(err).includes('Executable doesn\'t exist')) {
       logger.info('Installing chromium...')