@dotenvx/dotenvx 0.17.0 → 0.17.1

package/package.json

@@ -1,5 +1,5 @@
 {
-  "version": "0.17.0",
+  "version": "0.17.1",
   "name": "@dotenvx/dotenvx",
   "description": "a better dotenv–from the creator of `dotenv`",
   "author": "@motdotla",

package/src/cli/actions/decrypt.js

@@ -4,6 +4,7 @@ const main = require('./../../lib/main')
 const logger = require('./../../shared/logger')
 const helpers = require('./../helpers')
 const createSpinner = require('./../../shared/createSpinner')
+const parseEncryptionKeyFromDotenvKey = require('./../../lib/helpers/parseEncryptionKeyFromDotenvKey')
 
 const spinner = createSpinner('decrypting')
 
@@ -50,7 +51,7 @@ async function decrypt () {
 
     // give warning if not found
     if (ciphertext && ciphertext.length >= 1) {
-      const key = helpers._parseEncryptionKeyFromDotenvKey(value.trim())
+      const key = parseEncryptionKeyFromDotenvKey(value.trim())
 
       // Decrypt
       const decrypted = main.decrypt(ciphertext, key)

package/src/cli/actions/encrypt.js

@@ -5,9 +5,22 @@ const main = require('./../../lib/main')
 const logger = require('./../../shared/logger')
 const helpers = require('./../helpers')
 const createSpinner = require('./../../shared/createSpinner')
-
 const spinner = createSpinner('encrypting')
 
+const RESERVED_ENV_FILES = ['.env.vault', '.env.project', '.env.keys', '.env.me', '.env.x']
+
+const findEnvFiles = function (directory) {
+  const files = fs.readdirSync(directory)
+
+  const envFiles = files.filter(file =>
+    file.startsWith('.env') &&
+    !file.endsWith('.previous') &&
+    !RESERVED_ENV_FILES.includes(file)
+  )
+
+  return envFiles
+}
+
 async function encrypt (directory) {
   spinner.start()
   await helpers.sleep(500) // better dx
@@ -17,7 +30,7 @@ async function encrypt (directory) {
   const options = this.opts()
   logger.debug(`options: ${JSON.stringify(options)}`)
 
-  const optionEnvFile = options.envFile || helpers.findEnvFiles(directory)
+  const optionEnvFile = options.envFile || findEnvFiles(directory)
 
   try {
     const {
@@ -64,7 +77,7 @@ async function encrypt (directory) {
     if (addedVaults.length > 0) {
       const DOTENV_VAULT_X = addedVaults[addedVaults.length - 1]
       const DOTENV_KEY_X = DOTENV_VAULT_X.replace('_VAULT_', '_KEY_')
-      const tryKey = dotenvKeys[DOTENV_KEY_X] || '<dotenv_key_environment>'
+      const tryKey = dotenvKeys[DOTENV_KEY_X]
 
       logger.help2(`ℹ run [DOTENV_KEY='${tryKey}' dotenvx run -- yourcommand] to test decryption locally`)
     }

package/src/cli/actions/hub/login.js

@@ -6,12 +6,21 @@ const { confirm } = require('@inquirer/prompts')
 const createSpinner = require('./../../../shared/createSpinner')
 const store = require('./../../../shared/store')
 const logger = require('./../../../shared/logger')
-const helpers = require('./../../helpers')
 
 const OAUTH_CLIENT_ID = 'oac_dotenvxcli'
 
 const spinner = createSpinner('waiting on user authorization')
 
+const formatCode = function (str) {
+  const parts = []
+
+  for (let i = 0; i < str.length; i += 4) {
+    parts.push(str.substring(i, i + 4))
+  }
+
+  return parts.join('-')
+}
+
 async function pollTokenUrl (tokenUrl, deviceCode, interval) {
   logger.http(`POST ${tokenUrl} with deviceCode ${deviceCode} at interval ${interval}`)
 
@@ -100,7 +109,7 @@ async function login () {
     pollTokenUrl(tokenUrl, deviceCode, interval)
 
     // optionally allow user to open browser
-    const answer = await confirm({ message: `press Enter to open [${verificationUri}] and enter code [${helpers.formatCode(userCode)}]...` })
+    const answer = await confirm({ message: `press Enter to open [${verificationUri}] and enter code [${formatCode(userCode)}]...` })
 
     if (answer) {
       await open(verificationUri)

package/src/cli/actions/run.js

@@ -1,9 +1,102 @@
 const fs = require('fs')
+const execa = require('execa')
 const logger = require('./../../shared/logger')
 const helpers = require('./../helpers')
 const main = require('./../../lib/main')
+const parseEncryptionKeyFromDotenvKey = require('./../../lib/helpers/parseEncryptionKeyFromDotenvKey')
 
 const ENCODING = 'utf8'
+const REPORT_ISSUE_LINK = 'https://github.com/dotenvx/dotenvx/issues/new'
+
+const executeCommand = async function (commandArgs, env) {
+  const signals = [
+    'SIGHUP', 'SIGQUIT', 'SIGILL', 'SIGTRAP', 'SIGABRT',
+    'SIGBUS', 'SIGFPE', 'SIGUSR1', 'SIGSEGV', 'SIGUSR2', 'SIGTERM'
+  ]
+
+  logger.debug(`executing process command [${commandArgs.join(' ')}]`)
+
+  // handler for SIGINT
+  let commandProcess
+  const sigintHandler = () => {
+    logger.debug('received SIGINT')
+    logger.debug('checking command process')
+    logger.debug(commandProcess)
+
+    if (commandProcess) {
+      logger.debug('sending SIGINT to command process')
+      commandProcess.kill('SIGINT') // Send SIGINT to the command process
+    } else {
+      logger.debug('no command process to send SIGINT to')
+    }
+  }
+
+  const handleOtherSignal = (signal) => {
+    logger.debug(`received ${signal}`)
+  }
+
+  try {
+    commandProcess = execa(commandArgs[0], commandArgs.slice(1), {
+      stdio: 'inherit',
+      env: { ...process.env, ...env }
+    })
+
+    process.on('SIGINT', sigintHandler)
+
+    signals.forEach(signal => {
+      process.on(signal, () => handleOtherSignal(signal))
+    })
+
+    // Wait for the command process to finish
+    const { exitCode } = await commandProcess
+
+    if (exitCode !== 0) {
+      logger.debug(`received exitCode ${exitCode}`)
+      throw new Error(`Command failed with exit code ${exitCode}`)
+    }
+  } catch (error) {
+    if (error.signal !== 'SIGINT') {
+      logger.error(error.message)
+      logger.error(`command [${commandArgs.join(' ')}] failed`)
+      logger.error('')
+      logger.error(`  try without dotenvx: [${commandArgs.join(' ')}]`)
+      logger.error('')
+      logger.error('if that succeeds, then dotenvx is the culprit. report issue:')
+      logger.error(`<${REPORT_ISSUE_LINK}>`)
+    }
+
+    // Exit with the error code from the command process, or 1 if unavailable
+    process.exit(error.exitCode || 1)
+  } finally {
+    // Clean up: Remove the SIGINT handler
+    process.removeListener('SIGINT', sigintHandler)
+  }
+}
+
+const _parseCipherTextFromDotenvKeyAndParsedVault = function (dotenvKey, parsedVault) {
+  // Parse DOTENV_KEY. Format is a URI
+  let uri
+  try {
+    uri = new URL(dotenvKey)
+  } catch (e) {
+    throw new Error(`INVALID_DOTENV_KEY: ${e.message}`)
+  }
+
+  // Get environment
+  const environment = uri.searchParams.get('environment')
+  if (!environment) {
+    throw new Error('INVALID_DOTENV_KEY: Missing environment part')
+  }
+
+  // Get ciphertext payload
+  const environmentKey = `DOTENV_VAULT_${environment.toUpperCase()}`
+  const ciphertext = parsedVault[environmentKey] // DOTENV_VAULT_PRODUCTION
+  if (!ciphertext) {
+    throw new Error(`NOT_FOUND_DOTENV_ENVIRONMENT: cannot locate environment ${environmentKey} in your .env.vault file`)
+  }
+
+  return ciphertext
+}
 
 async function run () {
   const commandArgs = this.args
@@ -38,8 +131,8 @@ async function run () {
             // Get full dotenvKey
             const dotenvKey = dotenvKeys[i].trim()
 
-            const key = helpers._parseEncryptionKeyFromDotenvKey(dotenvKey)
-            const ciphertext = helpers._parseCipherTextFromDotenvKeyAndParsedVault(dotenvKey, parsedVault)
+            const key = parseEncryptionKeyFromDotenvKey(dotenvKey)
+            const ciphertext = _parseCipherTextFromDotenvKeyAndParsedVault(dotenvKey, parsedVault)
 
             // Decrypt
             decrypted = main.decrypt(ciphertext, key)
@@ -124,7 +217,7 @@ async function run () {
     process.exit(1)
   } else {
     // const commandArgs = process.argv.slice(commandIndex + 1)
-    await helpers.executeCommand(commandArgs, process.env)
+    await executeCommand(commandArgs, process.env)
   }
 }
 

package/src/cli/helpers.js

@@ -1,18 +1,5 @@
-const fs = require('fs')
 const path = require('path')
-const execa = require('execa')
-const crypto = require('crypto')
-const { execSync } = require('child_process')
-const xxhash = require('xxhashjs')
-
-const XXHASH_SEED = 0xABCD
-const NONCE_BYTES = 12
-
-const main = require('./../lib/main')
-const logger = require('./../shared/logger')
-
-const RESERVED_ENV_FILES = ['.env.vault', '.env.projects', '.env.keys', '.env.me', '.env.x']
-const REPORT_ISSUE_LINK = 'https://github.com/dotenvx/dotenvx/issues/new'
+const childProcess = require('child_process')
 
 const sleep = function (ms) {
   return new Promise(resolve => setTimeout(resolve, ms))
@@ -23,71 +10,6 @@ const resolvePath = function (filepath) {
   return path.resolve(process.cwd(), filepath)
 }
 
-const executeCommand = async function (commandArgs, env) {
-  const signals = [
-    'SIGHUP', 'SIGQUIT', 'SIGILL', 'SIGTRAP', 'SIGABRT',
-    'SIGBUS', 'SIGFPE', 'SIGUSR1', 'SIGSEGV', 'SIGUSR2', 'SIGTERM'
-  ]
-
-  logger.debug(`executing process command [${commandArgs.join(' ')}]`)
-
-  // handler for SIGINT
-  let commandProcess
-  const sigintHandler = () => {
-    logger.debug('received SIGINT')
-    logger.debug('checking command process')
-    logger.debug(commandProcess)
-
-    if (commandProcess) {
-      logger.debug('sending SIGINT to command process')
-      commandProcess.kill('SIGINT') // Send SIGINT to the command process
-    } else {
-      logger.debug('no command process to send SIGINT to')
-    }
-  }
-
-  const handleOtherSignal = (signal) => {
-    logger.debug(`received ${signal}`)
-  }
-
-  try {
-    commandProcess = execa(commandArgs[0], commandArgs.slice(1), {
-      stdio: 'inherit',
-      env: { ...process.env, ...env }
-    })
-
-    process.on('SIGINT', sigintHandler)
-
-    signals.forEach(signal => {
-      process.on(signal, () => handleOtherSignal(signal))
-    })
-
-    // Wait for the command process to finish
-    const { exitCode } = await commandProcess
-
-    if (exitCode !== 0) {
-      logger.debug(`received exitCode ${exitCode}`)
-      throw new Error(`Command failed with exit code ${exitCode}`)
-    }
-  } catch (error) {
-    if (error.signal !== 'SIGINT') {
-      logger.error(error.message)
-      logger.error(`command [${commandArgs.join(' ')}] failed`)
-      logger.error('')
-      logger.error(`  try without dotenvx: [${commandArgs.join(' ')}]`)
-      logger.error('')
-      logger.error('if that succeeds, then dotenvx is the culprit. report issue:')
-      logger.error(`<${REPORT_ISSUE_LINK}>`)
-    }
-
-    // Exit with the error code from the command process, or 1 if unavailable
-    process.exit(error.exitCode || 1)
-  } finally {
-    // Clean up: Remove the SIGINT handler
-    process.removeListener('SIGINT', sigintHandler)
-  }
-}
-
 const pluralize = function (word, count) {
   // simple pluralization: add 's' at the end
   if (count === 0 || count > 1) {
@@ -97,133 +19,9 @@ const pluralize = function (word, count) {
   }
 }
 
-const findEnvFiles = function (directory) {
-  const files = fs.readdirSync(directory)
-
-  const envFiles = files.filter(file =>
-    file.startsWith('.env') &&
-    !file.endsWith('.previous') &&
-    !RESERVED_ENV_FILES.includes(file)
-  )
-
-  return envFiles
-}
-
-const guessEnvironment = function (filepath) {
-  const filename = path.basename(filepath)
-  const parts = filename.split('.')
-  const possibleEnvironment = parts[2] // ['', 'env', environment', 'previous']
-
-  if (!possibleEnvironment || possibleEnvironment.length === 0) {
-    return 'development'
-  }
-
-  return possibleEnvironment
-}
-
-const generateDotenvKey = function (environment) {
-  const rand = crypto.randomBytes(32).toString('hex')
-
-  return `dotenv://:key_${rand}@dotenvx.com/vault/.env.vault?environment=${environment.toLowerCase()}`
-}
-
-const encryptFile = function (filepath, dotenvKey, encoding) {
-  const key = _parseEncryptionKeyFromDotenvKey(dotenvKey)
-  const message = fs.readFileSync(filepath, encoding)
-
-  const ciphertext = encrypt(key, message)
-
-  return ciphertext
-}
-
-const encrypt = function (key, message) {
-  // set up nonce
-  const nonce = crypto.randomBytes(NONCE_BYTES)
-
-  // set up cipher
-  const cipher = crypto.createCipheriv('aes-256-gcm', key, nonce)
-
-  // generate ciphertext
-  let ciphertext = ''
-  ciphertext += cipher.update(message, 'utf8', 'hex')
-  ciphertext += cipher.final('hex')
-  ciphertext += cipher.getAuthTag().toString('hex')
-
-  // prepend nonce
-  ciphertext = nonce.toString('hex') + ciphertext
-
-  // base64 encode output
-  return Buffer.from(ciphertext, 'hex').toString('base64')
-}
-
-const changed = function (ciphertext, dotenvKey, filepath, encoding) {
-  const key = _parseEncryptionKeyFromDotenvKey(dotenvKey)
-  const decrypted = main.decrypt(ciphertext, key)
-  const raw = fs.readFileSync(filepath, encoding)
-
-  return hash(decrypted) !== hash(raw)
-}
-
-const hash = function (str) {
-  return xxhash.h32(str, XXHASH_SEED).toString(16)
-}
-
-const _parseEncryptionKeyFromDotenvKey = function (dotenvKey) {
-  // Parse DOTENV_KEY. Format is a URI
-  let uri
-  try {
-    uri = new URL(dotenvKey)
-  } catch (e) {
-    throw new Error(`INVALID_DOTENV_KEY: ${e.message}`)
-  }
-
-  // Get decrypt key
-  const key = uri.password
-  if (!key) {
-    throw new Error('INVALID_DOTENV_KEY: Missing key part')
-  }
-
-  return Buffer.from(key.slice(-64), 'hex')
-}
-
-const _parseCipherTextFromDotenvKeyAndParsedVault = function (dotenvKey, parsedVault) {
-  // Parse DOTENV_KEY. Format is a URI
-  let uri
-  try {
-    uri = new URL(dotenvKey)
-  } catch (e) {
-    throw new Error(`INVALID_DOTENV_KEY: ${e.message}`)
-  }
-
-  // Get environment
-  const environment = uri.searchParams.get('environment')
-  if (!environment) {
-    throw new Error('INVALID_DOTENV_KEY: Missing environment part')
-  }
-
-  // Get ciphertext payload
-  const environmentKey = `DOTENV_VAULT_${environment.toUpperCase()}`
-  const ciphertext = parsedVault[environmentKey] // DOTENV_VAULT_PRODUCTION
-  if (!ciphertext) {
-    throw new Error(`NOT_FOUND_DOTENV_ENVIRONMENT: cannot locate environment ${environmentKey} in your .env.vault file`)
-  }
-
-  return ciphertext
-}
-
-const formatCode = function (str) {
-  const parts = []
-
-  for (let i = 0; i < str.length; i += 4) {
-    parts.push(str.substring(i, i + 4))
-  }
-
-  return parts.join('-')
-}
-
 const getRemoteOriginUrl = function () {
   try {
-    const url = execSync('git remote get-url origin 2> /dev/null').toString().trim()
+    const url = childProcess.execSync('git remote get-url origin 2> /dev/null').toString().trim()
     return url
   } catch (_error) {
     return null
@@ -242,18 +40,7 @@ const extractUsernameName = function (url) {
 module.exports = {
   sleep,
   resolvePath,
-  executeCommand,
   pluralize,
-  findEnvFiles,
-  guessEnvironment,
-  generateDotenvKey,
-  encryptFile,
-  encrypt,
-  changed,
-  hash,
-  formatCode,
   getRemoteOriginUrl,
-  extractUsernameName,
-  _parseEncryptionKeyFromDotenvKey,
-  _parseCipherTextFromDotenvKeyAndParsedVault
+  extractUsernameName
 }

package/src/lib/helpers/parseEncryptionKeyFromDotenvKey.js

@@ -0,0 +1,19 @@
+function parseEncryptionKeyFromDotenvKey (dotenvKey) {
+  // Parse DOTENV_KEY. Format is a URI
+  let uri
+  try {
+    uri = new URL(dotenvKey)
+  } catch (e) {
+    throw new Error(`INVALID_DOTENV_KEY: ${e.message}`)
+  }
+
+  // Get decrypt key
+  const key = uri.password
+  if (!key) {
+    throw new Error('INVALID_DOTENV_KEY: Missing key part')
+  }
+
+  return Buffer.from(key.slice(-64), 'hex')
+}
+
+module.exports = parseEncryptionKeyFromDotenvKey