@dotenvx/dotenvx 0.17.0 → 0.18.0

package/README.md

@@ -56,6 +56,18 @@ see [extended quickstart guide](https://dotenvx.com/docs/quickstart)
 
 More examples
 
+* <details><summary>TypeScript 📘</summary><br>
+
+  ```sh
+  $ echo "HELLO=World" > .env
+  $ echo "console.log('Hello ' + process.env.HELLO)" > index.ts
+
+  $ dotenvx run -- npx ts-node index.ts
+  Hello World
+  ```
+
+  </details>
+
 * <details><summary>Python 🐍</summary><br>
 
   ```sh

package/package.json

@@ -1,5 +1,5 @@
 {
-  "version": "0.17.0",
+  "version": "0.18.0",
   "name": "@dotenvx/dotenvx",
   "description": "a better dotenv–from the creator of `dotenv`",
   "author": "@motdotla",

package/src/cli/actions/decrypt.js

@@ -4,6 +4,7 @@ const main = require('./../../lib/main')
 const logger = require('./../../shared/logger')
 const helpers = require('./../helpers')
 const createSpinner = require('./../../shared/createSpinner')
+const parseEncryptionKeyFromDotenvKey = require('./../../lib/helpers/parseEncryptionKeyFromDotenvKey')
 
 const spinner = createSpinner('decrypting')
 
@@ -50,7 +51,7 @@ async function decrypt () {
 
     // give warning if not found
     if (ciphertext && ciphertext.length >= 1) {
-      const key = helpers._parseEncryptionKeyFromDotenvKey(value.trim())
+      const key = parseEncryptionKeyFromDotenvKey(value.trim())
 
       // Decrypt
       const decrypted = main.decrypt(ciphertext, key)

package/src/cli/actions/encrypt.js

@@ -5,7 +5,6 @@ const main = require('./../../lib/main')
 const logger = require('./../../shared/logger')
 const helpers = require('./../helpers')
 const createSpinner = require('./../../shared/createSpinner')
-
 const spinner = createSpinner('encrypting')
 
 async function encrypt (directory) {
@@ -17,8 +16,6 @@ async function encrypt (directory) {
   const options = this.opts()
   logger.debug(`options: ${JSON.stringify(options)}`)
 
-  const optionEnvFile = options.envFile || helpers.findEnvFiles(directory)
-
   try {
     const {
       dotenvKeys,
@@ -28,10 +25,11 @@ async function encrypt (directory) {
       dotenvVaultFile,
       addedVaults,
       existingVaults,
-      addedDotenvFilenames
-    } = main.encrypt(directory, optionEnvFile)
+      addedDotenvFilenames,
+      envFile
+    } = main.encrypt(directory, options.envFile)
 
-    logger.verbose(`generating .env.keys from ${optionEnvFile}`)
+    logger.verbose(`generating .env.keys from ${envFile}`)
     if (addedKeys.length > 0) {
       logger.verbose(`generated ${addedKeys}`)
     }
@@ -40,7 +38,7 @@ async function encrypt (directory) {
     }
     fs.writeFileSync(path.resolve(directory, '.env.keys'), dotenvKeysFile)
 
-    logger.verbose(`generating .env.vault from ${optionEnvFile}`)
+    logger.verbose(`generating .env.vault from ${envFile}`)
     if (addedVaults.length > 0) {
       logger.verbose(`encrypting ${addedVaults}`)
     }
@@ -53,7 +51,7 @@ async function encrypt (directory) {
       spinner.succeed(`encrypted to .env.vault (${addedDotenvFilenames})`)
       logger.help2('ℹ commit .env.vault to code: [git commit -am ".env.vault"]')
     } else {
-      spinner.done(`no changes (${optionEnvFile})`)
+      spinner.done(`no changes (${envFile})`)
     }
 
     if (addedKeys.length > 0) {
@@ -64,7 +62,7 @@ async function encrypt (directory) {
     if (addedVaults.length > 0) {
       const DOTENV_VAULT_X = addedVaults[addedVaults.length - 1]
       const DOTENV_KEY_X = DOTENV_VAULT_X.replace('_VAULT_', '_KEY_')
-      const tryKey = dotenvKeys[DOTENV_KEY_X] || '<dotenv_key_environment>'
+      const tryKey = dotenvKeys[DOTENV_KEY_X]
 
       logger.help2(`ℹ run [DOTENV_KEY='${tryKey}' dotenvx run -- yourcommand] to test decryption locally`)
     }

package/src/cli/actions/get.js

@@ -0,0 +1,24 @@
+const logger = require('./../../shared/logger')
+
+const main = require('./../../lib/main')
+
+function get (key) {
+  logger.debug(`key: ${key}`)
+
+  const options = this.opts()
+  logger.debug(`options: ${JSON.stringify(options)}`)
+
+  const value = main.get(key, options.envFile, options.overload, options.all)
+
+  if (typeof value === 'object' && value !== null) {
+    if (options.prettyPrint) {
+      logger.blank(JSON.stringify(value, null, 2))
+    } else {
+      logger.blank(value)
+    }
+  } else {
+    logger.blank(value)
+  }
+}
+
+module.exports = get

package/src/cli/actions/hub/login.js

@@ -6,12 +6,21 @@ const { confirm } = require('@inquirer/prompts')
 const createSpinner = require('./../../../shared/createSpinner')
 const store = require('./../../../shared/store')
 const logger = require('./../../../shared/logger')
-const helpers = require('./../../helpers')
 
 const OAUTH_CLIENT_ID = 'oac_dotenvxcli'
 
 const spinner = createSpinner('waiting on user authorization')
 
+const formatCode = function (str) {
+  const parts = []
+
+  for (let i = 0; i < str.length; i += 4) {
+    parts.push(str.substring(i, i + 4))
+  }
+
+  return parts.join('-')
+}
+
 async function pollTokenUrl (tokenUrl, deviceCode, interval) {
   logger.http(`POST ${tokenUrl} with deviceCode ${deviceCode} at interval ${interval}`)
 
@@ -100,7 +109,7 @@ async function login () {
     pollTokenUrl(tokenUrl, deviceCode, interval)
 
     // optionally allow user to open browser
-    const answer = await confirm({ message: `press Enter to open [${verificationUri}] and enter code [${helpers.formatCode(userCode)}]...` })
+    const answer = await confirm({ message: `press Enter to open [${verificationUri}] and enter code [${formatCode(userCode)}]...` })
 
     if (answer) {
       await open(verificationUri)

package/src/cli/actions/run.js

@@ -1,9 +1,102 @@
 const fs = require('fs')
+const execa = require('execa')
 const logger = require('./../../shared/logger')
 const helpers = require('./../helpers')
 const main = require('./../../lib/main')
+const parseEncryptionKeyFromDotenvKey = require('./../../lib/helpers/parseEncryptionKeyFromDotenvKey')
 
 const ENCODING = 'utf8'
+const REPORT_ISSUE_LINK = 'https://github.com/dotenvx/dotenvx/issues/new'
+
+const executeCommand = async function (commandArgs, env) {
+  const signals = [
+    'SIGHUP', 'SIGQUIT', 'SIGILL', 'SIGTRAP', 'SIGABRT',
+    'SIGBUS', 'SIGFPE', 'SIGUSR1', 'SIGSEGV', 'SIGUSR2', 'SIGTERM'
+  ]
+
+  logger.debug(`executing process command [${commandArgs.join(' ')}]`)
+
+  // handler for SIGINT
+  let commandProcess
+  const sigintHandler = () => {
+    logger.debug('received SIGINT')
+    logger.debug('checking command process')
+    logger.debug(commandProcess)
+
+    if (commandProcess) {
+      logger.debug('sending SIGINT to command process')
+      commandProcess.kill('SIGINT') // Send SIGINT to the command process
+    } else {
+      logger.debug('no command process to send SIGINT to')
+    }
+  }
+
+  const handleOtherSignal = (signal) => {
+    logger.debug(`received ${signal}`)
+  }
+
+  try {
+    commandProcess = execa(commandArgs[0], commandArgs.slice(1), {
+      stdio: 'inherit',
+      env: { ...process.env, ...env }
+    })
+
+    process.on('SIGINT', sigintHandler)
+
+    signals.forEach(signal => {
+      process.on(signal, () => handleOtherSignal(signal))
+    })
+
+    // Wait for the command process to finish
+    const { exitCode } = await commandProcess
+
+    if (exitCode !== 0) {
+      logger.debug(`received exitCode ${exitCode}`)
+      throw new Error(`Command failed with exit code ${exitCode}`)
+    }
+  } catch (error) {
+    if (error.signal !== 'SIGINT') {
+      logger.error(error.message)
+      logger.error(`command [${commandArgs.join(' ')}] failed`)
+      logger.error('')
+      logger.error(`  try without dotenvx: [${commandArgs.join(' ')}]`)
+      logger.error('')
+      logger.error('if that succeeds, then dotenvx is the culprit. report issue:')
+      logger.error(`<${REPORT_ISSUE_LINK}>`)
+    }
+
+    // Exit with the error code from the command process, or 1 if unavailable
+    process.exit(error.exitCode || 1)
+  } finally {
+    // Clean up: Remove the SIGINT handler
+    process.removeListener('SIGINT', sigintHandler)
+  }
+}
+
+const _parseCipherTextFromDotenvKeyAndParsedVault = function (dotenvKey, parsedVault) {
+  // Parse DOTENV_KEY. Format is a URI
+  let uri
+  try {
+    uri = new URL(dotenvKey)
+  } catch (e) {
+    throw new Error(`INVALID_DOTENV_KEY: ${e.message}`)
+  }
+
+  // Get environment
+  const environment = uri.searchParams.get('environment')
+  if (!environment) {
+    throw new Error('INVALID_DOTENV_KEY: Missing environment part')
+  }
+
+  // Get ciphertext payload
+  const environmentKey = `DOTENV_VAULT_${environment.toUpperCase()}`
+  const ciphertext = parsedVault[environmentKey] // DOTENV_VAULT_PRODUCTION
+  if (!ciphertext) {
+    throw new Error(`NOT_FOUND_DOTENV_ENVIRONMENT: cannot locate environment ${environmentKey} in your .env.vault file`)
+  }
+
+  return ciphertext
+}
 
 async function run () {
   const commandArgs = this.args
@@ -38,8 +131,8 @@ async function run () {
             // Get full dotenvKey
             const dotenvKey = dotenvKeys[i].trim()
 
-            const key = helpers._parseEncryptionKeyFromDotenvKey(dotenvKey)
-            const ciphertext = helpers._parseCipherTextFromDotenvKeyAndParsedVault(dotenvKey, parsedVault)
+            const key = parseEncryptionKeyFromDotenvKey(dotenvKey)
+            const ciphertext = _parseCipherTextFromDotenvKeyAndParsedVault(dotenvKey, parsedVault)
 
             // Decrypt
             decrypted = main.decrypt(ciphertext, key)
@@ -124,7 +217,7 @@ async function run () {
     process.exit(1)
   } else {
     // const commandArgs = process.argv.slice(commandIndex + 1)
-    await helpers.executeCommand(commandArgs, process.env)
+    await executeCommand(commandArgs, process.env)
   }
 }
 

package/src/cli/dotenvx.js

@@ -104,6 +104,16 @@ program.command('ls')
   .option('-f, --env-file <filenames...>', 'path(s) to your env file(s)', '.env*')
   .action(require('./actions/ls'))
 
+// dotenvx get
+program.command('get')
+  .description('Return environment variable(s)')
+  .argument('[key]', 'environment variable name')
+  .option('-f, --env-file <paths...>', 'path(s) to your env file(s)', '.env')
+  .option('-o, --overload', 'override existing env variables')
+  .option('-a, --all', 'include all machine envs as well')
+  .option('-pp, --pretty-print', 'pretty print output')
+  .action(require('./actions/get'))
+
 // dotenvx hub
 program.addCommand(require('./commands/hub'))
 

package/src/cli/helpers.js

@@ -1,18 +1,5 @@
-const fs = require('fs')
 const path = require('path')
-const execa = require('execa')
-const crypto = require('crypto')
-const { execSync } = require('child_process')
-const xxhash = require('xxhashjs')
-
-const XXHASH_SEED = 0xABCD
-const NONCE_BYTES = 12
-
-const main = require('./../lib/main')
-const logger = require('./../shared/logger')
-
-const RESERVED_ENV_FILES = ['.env.vault', '.env.projects', '.env.keys', '.env.me', '.env.x']
-const REPORT_ISSUE_LINK = 'https://github.com/dotenvx/dotenvx/issues/new'
+const childProcess = require('child_process')
 
 const sleep = function (ms) {
   return new Promise(resolve => setTimeout(resolve, ms))
@@ -23,71 +10,6 @@ const resolvePath = function (filepath) {
   return path.resolve(process.cwd(), filepath)
 }
 
-const executeCommand = async function (commandArgs, env) {
-  const signals = [
-    'SIGHUP', 'SIGQUIT', 'SIGILL', 'SIGTRAP', 'SIGABRT',
-    'SIGBUS', 'SIGFPE', 'SIGUSR1', 'SIGSEGV', 'SIGUSR2', 'SIGTERM'
-  ]
-
-  logger.debug(`executing process command [${commandArgs.join(' ')}]`)
-
-  // handler for SIGINT
-  let commandProcess
-  const sigintHandler = () => {
-    logger.debug('received SIGINT')
-    logger.debug('checking command process')
-    logger.debug(commandProcess)
-
-    if (commandProcess) {
-      logger.debug('sending SIGINT to command process')
-      commandProcess.kill('SIGINT') // Send SIGINT to the command process
-    } else {
-      logger.debug('no command process to send SIGINT to')
-    }
-  }
-
-  const handleOtherSignal = (signal) => {
-    logger.debug(`received ${signal}`)
-  }
-
-  try {
-    commandProcess = execa(commandArgs[0], commandArgs.slice(1), {
-      stdio: 'inherit',
-      env: { ...process.env, ...env }
-    })
-
-    process.on('SIGINT', sigintHandler)
-
-    signals.forEach(signal => {
-      process.on(signal, () => handleOtherSignal(signal))
-    })
-
-    // Wait for the command process to finish
-    const { exitCode } = await commandProcess
-
-    if (exitCode !== 0) {
-      logger.debug(`received exitCode ${exitCode}`)
-      throw new Error(`Command failed with exit code ${exitCode}`)
-    }
-  } catch (error) {
-    if (error.signal !== 'SIGINT') {
-      logger.error(error.message)
-      logger.error(`command [${commandArgs.join(' ')}] failed`)
-      logger.error('')
-      logger.error(`  try without dotenvx: [${commandArgs.join(' ')}]`)
-      logger.error('')
-      logger.error('if that succeeds, then dotenvx is the culprit. report issue:')
-      logger.error(`<${REPORT_ISSUE_LINK}>`)
-    }
-
-    // Exit with the error code from the command process, or 1 if unavailable
-    process.exit(error.exitCode || 1)
-  } finally {
-    // Clean up: Remove the SIGINT handler
-    process.removeListener('SIGINT', sigintHandler)
-  }
-}
-
 const pluralize = function (word, count) {
   // simple pluralization: add 's' at the end
   if (count === 0 || count > 1) {
@@ -97,133 +19,9 @@ const pluralize = function (word, count) {
   }
 }
 
-const findEnvFiles = function (directory) {
-  const files = fs.readdirSync(directory)
-
-  const envFiles = files.filter(file =>
-    file.startsWith('.env') &&
-    !file.endsWith('.previous') &&
-    !RESERVED_ENV_FILES.includes(file)
-  )
-
-  return envFiles
-}
-
-const guessEnvironment = function (filepath) {
-  const filename = path.basename(filepath)
-  const parts = filename.split('.')
-  const possibleEnvironment = parts[2] // ['', 'env', environment', 'previous']
-
-  if (!possibleEnvironment || possibleEnvironment.length === 0) {
-    return 'development'
-  }
-
-  return possibleEnvironment
-}
-
-const generateDotenvKey = function (environment) {
-  const rand = crypto.randomBytes(32).toString('hex')
-
-  return `dotenv://:key_${rand}@dotenvx.com/vault/.env.vault?environment=${environment.toLowerCase()}`
-}
-
-const encryptFile = function (filepath, dotenvKey, encoding) {
-  const key = _parseEncryptionKeyFromDotenvKey(dotenvKey)
-  const message = fs.readFileSync(filepath, encoding)
-
-  const ciphertext = encrypt(key, message)
-
-  return ciphertext
-}
-
-const encrypt = function (key, message) {
-  // set up nonce
-  const nonce = crypto.randomBytes(NONCE_BYTES)
-
-  // set up cipher
-  const cipher = crypto.createCipheriv('aes-256-gcm', key, nonce)
-
-  // generate ciphertext
-  let ciphertext = ''
-  ciphertext += cipher.update(message, 'utf8', 'hex')
-  ciphertext += cipher.final('hex')
-  ciphertext += cipher.getAuthTag().toString('hex')
-
-  // prepend nonce
-  ciphertext = nonce.toString('hex') + ciphertext
-
-  // base64 encode output
-  return Buffer.from(ciphertext, 'hex').toString('base64')
-}
-
-const changed = function (ciphertext, dotenvKey, filepath, encoding) {
-  const key = _parseEncryptionKeyFromDotenvKey(dotenvKey)
-  const decrypted = main.decrypt(ciphertext, key)
-  const raw = fs.readFileSync(filepath, encoding)
-
-  return hash(decrypted) !== hash(raw)
-}
-
-const hash = function (str) {
-  return xxhash.h32(str, XXHASH_SEED).toString(16)
-}
-
-const _parseEncryptionKeyFromDotenvKey = function (dotenvKey) {
-  // Parse DOTENV_KEY. Format is a URI
-  let uri
-  try {
-    uri = new URL(dotenvKey)
-  } catch (e) {
-    throw new Error(`INVALID_DOTENV_KEY: ${e.message}`)
-  }
-
-  // Get decrypt key
-  const key = uri.password
-  if (!key) {
-    throw new Error('INVALID_DOTENV_KEY: Missing key part')
-  }
-
-  return Buffer.from(key.slice(-64), 'hex')
-}
-
-const _parseCipherTextFromDotenvKeyAndParsedVault = function (dotenvKey, parsedVault) {
-  // Parse DOTENV_KEY. Format is a URI
-  let uri
-  try {
-    uri = new URL(dotenvKey)
-  } catch (e) {
-    throw new Error(`INVALID_DOTENV_KEY: ${e.message}`)
-  }
-
-  // Get environment
-  const environment = uri.searchParams.get('environment')
-  if (!environment) {
-    throw new Error('INVALID_DOTENV_KEY: Missing environment part')
-  }
-
-  // Get ciphertext payload
-  const environmentKey = `DOTENV_VAULT_${environment.toUpperCase()}`
-  const ciphertext = parsedVault[environmentKey] // DOTENV_VAULT_PRODUCTION
-  if (!ciphertext) {
-    throw new Error(`NOT_FOUND_DOTENV_ENVIRONMENT: cannot locate environment ${environmentKey} in your .env.vault file`)
-  }
-
-  return ciphertext
-}
-
-const formatCode = function (str) {
-  const parts = []
-
-  for (let i = 0; i < str.length; i += 4) {
-    parts.push(str.substring(i, i + 4))
-  }
-
-  return parts.join('-')
-}
-
 const getRemoteOriginUrl = function () {
   try {
-    const url = execSync('git remote get-url origin 2> /dev/null').toString().trim()
+    const url = childProcess.execSync('git remote get-url origin 2> /dev/null').toString().trim()
     return url
   } catch (_error) {
     return null
@@ -242,18 +40,7 @@ const extractUsernameName = function (url) {
 module.exports = {
   sleep,
   resolvePath,
-  executeCommand,
   pluralize,
-  findEnvFiles,
-  guessEnvironment,
-  generateDotenvKey,
-  encryptFile,
-  encrypt,
-  changed,
-  hash,
-  formatCode,
   getRemoteOriginUrl,
-  extractUsernameName,
-  _parseEncryptionKeyFromDotenvKey,
-  _parseCipherTextFromDotenvKeyAndParsedVault
+  extractUsernameName
 }

package/src/lib/helpers/parseEncryptionKeyFromDotenvKey.js

@@ -0,0 +1,19 @@
+function parseEncryptionKeyFromDotenvKey (dotenvKey) {
+  // Parse DOTENV_KEY. Format is a URI
+  let uri
+  try {
+    uri = new URL(dotenvKey)
+  } catch (e) {
+    throw new Error(`INVALID_DOTENV_KEY: ${e.message}`)
+  }
+
+  // Get decrypt key
+  const key = uri.password
+  if (!key) {
+    throw new Error('INVALID_DOTENV_KEY: Missing key part')
+  }
+
+  return Buffer.from(key.slice(-64), 'hex')
+}
+
+module.exports = parseEncryptionKeyFromDotenvKey

package/src/lib/main.js

@@ -5,6 +5,7 @@ const dotenvExpand = require('dotenv-expand')
 // services
 const Encrypt = require('./services/encrypt')
 const Ls = require('./services/ls')
+const Get = require('./services/get')
 
 const config = function (options) {
   return dotenv.config(options)
@@ -114,6 +115,10 @@ const ls = function (directory, envFile) {
   return new Ls(directory, envFile).run()
 }
 
+const get = function (key, envFile, overload, all) {
+  return new Get(key, envFile, overload, all).run()
+}
+
 module.exports = {
   config,
   configDotenv,
@@ -121,6 +126,7 @@ module.exports = {
   parse,
   parseExpand,
   inject,
+  encrypt,
   ls,
-  encrypt
+  get
 }

package/src/lib/services/encrypt.js

@@ -6,11 +6,12 @@ const DotenvKeys = require('./../helpers/dotenvKeys')
 const DotenvVault = require('./../helpers/dotenvVault')
 
 const ENCODING = 'utf8'
+const RESERVED_ENV_FILES = ['.env.vault', '.env.project', '.env.keys', '.env.me', '.env.x']
 
 class Encrypt {
-  constructor (directory = '.', envFile = '.env') {
+  constructor (directory = '.', envFile) {
     this.directory = directory
-    this.envFile = envFile
+    this.envFile = envFile || this._findEnvFiles()
     // calculated
     this.envKeysFilepath = path.resolve(this.directory, '.env.keys')
     this.envVaultFilepath = path.resolve(this.directory, '.env.vault')
@@ -83,7 +84,8 @@ class Encrypt {
       dotenvVaultFile,
       addedVaults,
       existingVaults,
-      addedDotenvFilenames
+      addedDotenvFilenames,
+      envFile: this.envFile
     }
   }
 
@@ -110,6 +112,17 @@ class Encrypt {
 
     return dotenv.configDotenv(options).parsed
   }
+
+  _findEnvFiles () {
+    const files = fs.readdirSync(this.directory)
+    const envFiles = files.filter(file =>
+      file.startsWith('.env') &&
+      !file.endsWith('.previous') &&
+      !RESERVED_ENV_FILES.includes(file)
+    )
+
+    return envFiles
+  }
 }
 
 module.exports = Encrypt

package/src/lib/services/get.js

@@ -0,0 +1,47 @@
+const dotenv = require('dotenv')
+const dotenvExpand = require('dotenv-expand')
+
+class Get {
+  constructor (key, envFile = '.env', overload = false, all = false) {
+    this.key = key
+    this.envFile = envFile
+    this.overload = overload
+    this.all = all
+  }
+
+  run () {
+    const clonedEnv = { ...process.env }
+    const options = {
+      processEnv: clonedEnv,
+      path: this.envFile,
+      override: this.overload
+    }
+    const parsed = dotenv.config(options).parsed
+
+    const expandedEnv = { ...clonedEnv }
+    const expandOptions = {
+      processEnv: expandedEnv,
+      parsed
+    }
+    dotenvExpand.expand(expandOptions)
+
+    if (!this.key) {
+      // if user wants to return ALL envs (even prior set on machine)
+      if (this.all) {
+        return expandedEnv
+      }
+
+      // typical scenario - return only envs that were identified in the .env file
+      const result = {}
+      for (const key of Object.keys(parsed)) {
+        result[key] = expandedEnv[key]
+      }
+
+      return result
+    }
+
+    return expandedEnv[this.key]
+  }
+}
+
+module.exports = Get