@dotenvx/dotenvx 0.14.1 → 0.15.1

package/README.md

@@ -280,6 +280,23 @@ More examples
   $ git dotenvx run -- npm start
   ```
 
+  </details>
+* <details><summary>Variable Expansion</summary><br>
+
+  Reference and expand variables already on your machine for use in your .env file.
+
+  ```ini
+  DATABASE_URL="postgres://${USER}@localhost/my_database"
+  ```
+  ```js
+  console.log('DATABASE_URL', process.env.DATABASE_URL)
+  ```
+  ```sh
+  $ USER=username dotenvx run --debug -- node index.js
+  [dotenvx@0.14.1] injecting env (1) from .env
+  DATABASE_URL postgres://username@localhost/my_database
+  ```
+
   </details>
 
 &nbsp;

package/package.json

@@ -1,5 +1,5 @@
 {
-  "version": "0.14.1",
+  "version": "0.15.1",
   "name": "@dotenvx/dotenvx",
   "description": "a better dotenv–from the creator of `dotenv`",
   "author": "@motdotla",
@@ -23,6 +23,7 @@
     "standard:fix": "standard --fix",
     "test": "jest --verbose"
   },
+  "funding": "Have you seen dotenvx.com? run anywhere, cross-platform, and encrypted envs.",
   "dependencies": {
     "@inquirer/prompts": "^3.3.0",
     "axios": "^1.6.2",
@@ -30,12 +31,12 @@
     "clipboardy": "^2.3.0",
     "commander": "^11.1.0",
     "conf": "^10.2.0",
-    "dotenv": "^16.4.0",
+    "dotenv": "^16.4.2",
+    "dotenv-expand": "^11.0.2",
     "execa": "^5.1.1",
     "ignore": "^5.3.0",
     "open": "^8.4.2",
     "ora": "^5.4.1",
-    "qrcode-terminal": "^0.12.0",
     "update-notifier": "^5.1.0",
     "winston": "^3.11.0",
     "xxhashjs": "^0.2.2"

package/src/cli/actions/encrypt.js

@@ -68,7 +68,7 @@ async function encrypt () {
 
     let keysData = `#/!!!!!!!!!!!!!!!!!!!.env.keys!!!!!!!!!!!!!!!!!!!!!!/
 #/   DOTENV_KEYs. DO NOT commit to source control   /
-#/   [how it works](https://dotenv.org/env-keys)    /
+#/   [how it works](https://dotenvx.com/env-keys)   /
 #/--------------------------------------------------/\n`
 
     for (const key in dotenvKeys) {
@@ -115,7 +115,7 @@ async function encrypt () {
 
     let vaultData = `#/-------------------.env.vault---------------------/
 #/         cloud-agnostic vaulting standard         /
-#/   [how it works](https://dotenv.org/env-vault)   /
+#/   [how it works](https://dotenvx.com/env-vault)  /
 #/--------------------------------------------------/\n\n`
 
     for (const vault in dotenvVaults) {

package/src/cli/actions/run.js

@@ -27,7 +27,7 @@ async function run () {
 
         logger.debug(`decrypting encrypted env from ${filepath}`)
         // handle scenario for comma separated keys - for use with key rotation
-        // example: DOTENV_KEY="dotenv://:key_1234@dotenv.org/vault/.env.vault?environment=prod,dotenv://:key_7890@dotenv.org/vault/.env.vault?environment=prod"
+        // example: DOTENV_KEY="dotenv://:key_1234@dotenvx.com/vault/.env.vault?environment=prod,dotenv://:key_7890@dotenvx.com/vault/.env.vault?environment=prod"
         const dotenvKeys = process.env.DOTENV_KEY.split(',')
         const length = dotenvKeys.length
 
@@ -53,7 +53,7 @@ async function run () {
           }
         }
         logger.debug(decrypted)
-        const parsed = main.parse(decrypted)
+        const parsed = main.parseExpand(decrypted)
         const result = main.inject(process.env, parsed, options.overload)
 
         logger.successv(`injecting env (${result.injected.size}) from encrypted .env.vault`)
@@ -78,7 +78,7 @@ async function run () {
 
       try {
         const src = fs.readFileSync(filepath, { encoding: ENCODING })
-        const parsed = main.parse(src)
+        const parsed = main.parseExpand(src)
         const result = main.inject(process.env, parsed, options.overload)
 
         readableFilepaths.add(envFilepath)

package/src/lib/main.js

@@ -1,5 +1,6 @@
 const logger = require('./../shared/logger')
 const dotenv = require('dotenv')
+const dotenvExpand = require('dotenv-expand')
 
 const config = function (options) {
   return dotenv.config(options)
@@ -35,6 +36,27 @@ const parse = function (src) {
   return result
 }
 
+const parseExpand = function (src) {
+  const parsed = dotenv.parse(src)
+  const expandPlease = {
+    processEnv: {}, // https://github.com/motdotla/dotenv-expand?tab=readme-ov-file#processenv
+    parsed: { ...parsed, ...process.env } // must merge process.env in order to use pre-existing envs for expansion of parsed object
+  }
+  const expanded = dotenvExpand.expand(expandPlease).parsed
+
+  // but then for logging only log the original keys existing in parsed. this feels unnecessarily complex - like dotenv-expand should support the ability to inject additional `process.env` or objects as it sees fit to the object it wants to expand
+  const result = {}
+  for (const key in parsed) {
+    if (Object.prototype.hasOwnProperty.call(expanded, key)) {
+      result[key] = expanded[key]
+    }
+  }
+
+  logger.debug(result)
+
+  return result
+}
+
 const inject = function (processEnv = {}, parsed = {}, overload = false) {
   if (typeof parsed !== 'object') {
     throw new Error('OBJECT_REQUIRED: Please check the parsed argument being passed to inject')
@@ -78,5 +100,6 @@ module.exports = {
   configDotenv,
   decrypt,
   parse,
+  parseExpand,
   inject
 }