@dotenvx/dotenvx 1.48.3 → 1.49.0

package/CHANGELOG.md

@@ -2,7 +2,19 @@
 
 All notable changes to this project will be documented in this file. See [standard-version](https://github.com/conventional-changelog/standard-version) for commit guidelines.
 
-[Unreleased](https://github.com/dotenvx/dotenvx/compare/v1.48.3...main)
+[Unreleased](https://github.com/dotenvx/dotenvx/compare/v1.48.4...main)
+
+## [1.49.0](https://github.com/dotenvx/dotenvx/compare/v1.48.4...v1.49.0) (2025-08-18)
+
+### Added
+
+* For precommit and prebuild, ignore `.env.x` file like we do with `.env.vault` file. ([#666](https://github.com/dotenvx/dotenvx/pull/666))
+
+## [1.48.4](https://github.com/dotenvx/dotenvx/compare/v1.48.3...v1.48.4) (2025-07-29)
+
+### Removed
+
+* Remove unnecessary use of `eval` in proKeypair helper ([#654](https://github.com/dotenvx/dotenvx/pull/654))
 
 ## 1.48.3
 

package/README.md

@@ -1,6 +1,6 @@
-[![dotenvx](https://dotenvx.com/better-banner.png)](https://dotenvx.com)
+[![dotenvx](https://dotenvx.com/banner.png)](https://dotenvx.com)
 
-*a better dotenv*–from the creator of [`dotenv`](https://github.com/motdotla/dotenv).
+*a secure dotenv*–from the creator of [`dotenv`](https://github.com/motdotla/dotenv).
 
 * run anywhere (cross-platform)
 * multi-environment
@@ -2036,7 +2036,7 @@ Output help for `dotenvx`.
 $ dotenvx help
 Usage: dotenvx run -- yourcommand
 
-a better dotenv–from the creator of `dotenv`
+a secure dotenv–from the creator of `dotenv`
 
 Options:
   -l, --log-level <level>      set log level (default: "info")
@@ -2543,18 +2543,22 @@ This is known as *Decryption at Access* and is written about in [the whitepaper]
 
 ### Usage
 
-```sh
 1. Install Radar
 
+```sh
 $ curl -sfS https://dotenvx.sh/radar | sh
+```
 
 2. Log in
 
+```sh
 $ dotenvx-radar login
 ✔ logged in [username]
+```
 
 3. Run dotenvx
 
+```sh
 $ dotenvx run -- yourcommand
 [dotenvx@1.0.0] 📡 radar active
 [dotenvx@1.0.0] injecting env (1) from .env

package/package.json

@@ -1,7 +1,7 @@
 {
-  "version": "1.48.3",
+  "version": "1.49.0",
   "name": "@dotenvx/dotenvx",
-  "description": "a better dotenv–from the creator of `dotenv`",
+  "description": "a secure dotenv–from the creator of `dotenv`",
   "author": "@motdotla",
   "keywords": [
     "dotenv",
@@ -44,7 +44,7 @@
   "funding": "https://dotenvx.com",
   "dependencies": {
     "commander": "^11.1.0",
-    "dotenv": "^16.4.5",
+    "dotenv": "^17.2.1",
     "eciesjs": "^0.4.10",
     "execa": "^5.1.1",
     "fdir": "^6.2.0",
@@ -56,7 +56,7 @@
   "devDependencies": {
     "@yao-pkg/pkg": "^5.14.2",
     "capture-console": "^1.0.2",
-    "esbuild": "^0.24.0",
+    "esbuild": "^0.25.8",
     "proxyquire": "^2.1.3",
     "sinon": "^14.0.1",
     "standard": "^17.1.0",

package/src/lib/helpers/dotenvParse.js

@@ -40,7 +40,7 @@ function dotenvParse (src, skipExpandForDoubleQuotes = false, skipConvertingWind
       //
       // # .env
       // HELLO="World"
-      // HELLO="enrypted:1234"
+      // HELLO="encrypted:1234"
       obj[key] = obj[key] || []
       obj[key].push(value)
     } else {

package/src/lib/helpers/isFullyEncrypted.js

@@ -10,7 +10,7 @@ function isFullyEncrypted (src) {
     //
     // # .env
     // HELLO="World"
-    // HELLO="enrypted:1234"
+    // HELLO="encrypted:1234"
     //
     // key => [value1, ...]
     for (const value of values) {

package/src/lib/helpers/proKeypair.js

@@ -13,13 +13,9 @@ class ProKeypair {
     let result = {}
 
     try {
-      // if installed as sibling module
-      const projectRoot = path.resolve(process.cwd())
-      // eslint-disable-next-line no-eval
-      const dotenvxProPath = eval('require').resolve('@dotenvx/dotenvx-pro', { paths: [projectRoot] }) // necessary for webpack builds
-      // eslint-disable-next-line no-eval
-      const { keypair } = eval('require')(dotenvxProPath) // necessary for webpack builds
-      result = keypair(this.envFilepath)
+      const fallbackBin = path.resolve(process.cwd(), 'node_modules/.bin/dotenvx-pro')
+      const output = childProcess.execSync(`${fallbackBin} keypair -f ${this.envFilepath}`, { stdio: ['pipe', 'pipe', 'ignore'] }).toString().trim()
+      result = JSON.parse(output)
     } catch (_e) {
       try {
         // if installed as binary cli

package/src/lib/services/prebuild.js

@@ -41,13 +41,13 @@ class Prebuild {
 
       // check if that file is being ignored
       if (ig.ignores(file)) {
-        if (file === '.env.example' || file === '.env.vault') {
+        if (file === '.env.example' || file === '.env.vault' || file === '.env.x') {
           const warning = new Error(`[dotenvx@${packageJson.version}][prebuild] ${file} (currently ignored but should not be)`)
           warning.help = `[dotenvx@${packageJson.version}][prebuild] ⮕  run [dotenvx ext gitignore --pattern !${file}]`
           warnings.push(warning)
         }
       } else {
-        if (file !== '.env.example' && file !== '.env.vault') {
+        if (file !== '.env.example' && file !== '.env.vault' && file !== '.env.x') {
           const src = fsx.readFileX(file)
           const encrypted = isFullyEncrypted(src)
 

package/src/lib/services/precommit.js

@@ -57,13 +57,13 @@ class Precommit {
         if (this._isFileToBeCommitted(file)) {
           // check if that file is being ignored
           if (ig.ignores(file)) {
-            if (file === '.env.example' || file === '.env.vault') {
+            if (file === '.env.example' || file === '.env.vault' || file === '.env.x') {
               const warning = new Error(`[dotenvx@${packageJson.version}][precommit] ${file} (currently ignored but should not be)`)
               warning.help = `[dotenvx@${packageJson.version}][precommit] ⮕  run [dotenvx ext gitignore --pattern !${file}]`
               warnings.push(warning)
             }
           } else {
-            if (file !== '.env.example' && file !== '.env.vault') {
+            if (file !== '.env.example' && file !== '.env.vault' && file !== '.env.x') {
               const src = fsx.readFileX(file)
               const encrypted = isFullyEncrypted(src)