@dotenvx/dotenvx 1.56.0 → 1.57.1

package/src/cli/actions/rotate.js

@@ -4,7 +4,7 @@ const { logger } = require('./../../shared/logger')
 const Rotate = require('./../../lib/services/rotate')
 
 const catchAndLog = require('../../lib/helpers/catchAndLog')
-const isIgnoringDotenvKeys = require('../../lib/helpers/isIgnoringDotenvKeys')
+const localDisplayPath = require('../../lib/helpers/localDisplayPath')
 
 function rotate () {
   const options = this.opts()
@@ -38,15 +38,7 @@ function rotate () {
       for (const processedEnv of processedEnvs) {
         logger.verbose(`rotating ${processedEnv.envFilepath} (${processedEnv.filepath})`)
         if (processedEnv.error) {
-          if (processedEnv.error.code === 'MISSING_ENV_FILE') {
-            logger.warn(processedEnv.error.message)
-            logger.help(`? add one with [echo "HELLO=World" > ${processedEnv.envFilepath}] and re-run [dotenvx rotate]`)
-          } else {
-            logger.warn(processedEnv.error.message)
-            if (processedEnv.error.help) {
-              logger.help(processedEnv.error.help)
-            }
-          }
+          logger.warn(processedEnv.error.messageWithHelp)
         } else if (processedEnv.changed) {
           fsx.writeFileX(processedEnv.filepath, processedEnv.envSrc)
           if (processedEnv.privateKeyAdded) {
@@ -60,25 +52,18 @@ function rotate () {
       }
 
       if (changedFilepaths.length > 0) {
-        logger.success(`✔ rotated (${changedFilepaths.join(',')})`)
+        const keyAddedEnv = processedEnvs.find((processedEnv) => processedEnv.privateKeyAdded)
+        let msg = `⟳ rotated (${changedFilepaths.join(',')})`
+        if (keyAddedEnv) {
+          const envKeysFilepath = localDisplayPath(keyAddedEnv.envKeysFilepath)
+          msg += ` + key (${envKeysFilepath})`
+        }
+        logger.success(msg)
       } else if (unchangedFilepaths.length > 0) {
-        logger.info(`no changes (${unchangedFilepaths})`)
+        logger.info(`○ no changes (${unchangedFilepaths})`)
       } else {
         // do nothing - scenario when no .env files found
       }
-
-      for (const processedEnv of processedEnvs) {
-        if (processedEnv.privateKeyAdded) {
-          logger.success(`✔ key added to .env.keys (${processedEnv.privateKeyName})`)
-          // logger.help('⮕  optional: [dotenvx ops backup] to securely backup private key')
-
-          if (!isIgnoringDotenvKeys()) {
-            logger.help('⮕  next run: [dotenvx ext gitignore --pattern .env.keys] to gitignore .env.keys')
-          }
-
-          logger.help(`⮕  next run: [${processedEnv.privateKeyName}='${processedEnv.privateKey}' dotenvx get] to test decryption locally`)
-        }
-      }
     } catch (error) {
       catchAndLog(error)
       process.exit(1)

package/src/cli/actions/run.js

@@ -3,6 +3,7 @@ const { logger } = require('./../../shared/logger')
 
 const executeCommand = require('./../../lib/helpers/executeCommand')
 const Run = require('./../../lib/services/run')
+const catchAndLog = require('./../../lib/helpers/catchAndLog')
 
 const conventions = require('./../../lib/helpers/conventions')
 
@@ -64,18 +65,10 @@ async function run () {
 
         if (options.strict) throw error // throw if strict and not ignored
 
-        if (error.code === 'MISSING_ENV_FILE') {
-          if (!options.convention) { // do not output error for conventions (too noisy)
-            logger.error(error.message)
-            if (error.help) {
-              logger.error(`${error.help} and re-run [dotenvx run -- ${commandArgs.join(' ')}]`)
-            }
-          }
+        if (error.code === 'MISSING_ENV_FILE' && options.convention) { // do not output error for conventions (too noisy)
+          // intentionally quiet
         } else {
-          logger.error(error.message)
-          if (error.help) {
-            logger.error(error.help)
-          }
+          logger.error(error.messageWithHelp)
         }
       }
 
@@ -106,10 +99,7 @@ async function run () {
 
     logger.successv(msg)
   } catch (error) {
-    logger.error(error.message)
-    if (error.help) {
-      logger.error(error.help)
-    }
+    catchAndLog(error)
     process.exit(1)
   }
 

package/src/cli/actions/set.js

@@ -4,7 +4,7 @@ const { logger } = require('./../../shared/logger')
 const Sets = require('./../../lib/services/sets')
 
 const catchAndLog = require('../../lib/helpers/catchAndLog')
-const isIgnoringDotenvKeys = require('../../lib/helpers/isIgnoringDotenvKeys')
+const localDisplayPath = require('../../lib/helpers/localDisplayPath')
 
 function set (key, value) {
   logger.debug(`key: ${key}`)
@@ -40,15 +40,7 @@ function set (key, value) {
       logger.verbose(`setting for ${processedEnv.envFilepath}`)
 
       if (processedEnv.error) {
-        if (processedEnv.error.code === 'MISSING_ENV_FILE') {
-          logger.warn(processedEnv.error.message)
-          logger.help(`? add one with [echo "HELLO=World" > ${processedEnv.envFilepath}] and re-run [dotenvx set]`)
-        } else {
-          logger.warn(processedEnv.error.message)
-          if (processedEnv.error.help) {
-            logger.help(processedEnv.error.help)
-          }
-        }
+        logger.warn(processedEnv.error.messageWithHelp)
       } else {
         fsx.writeFileX(processedEnv.filepath, processedEnv.envSrc)
 
@@ -57,26 +49,25 @@ function set (key, value) {
       }
     }
 
+    const keyAddedEnv = processedEnvs.find((processedEnv) => processedEnv.privateKeyAdded)
+    const keyAddedSuffix = keyAddedEnv ? ` + key (${localDisplayPath(keyAddedEnv.envKeysFilepath)})` : ''
+
     if (changedFilepaths.length > 0) {
-      logger.success(`✔ set ${key}${withEncryption} (${changedFilepaths.join(',')})`)
+      if (encrypt) {
+        logger.success(`◈ encrypted ${key} (${changedFilepaths.join(',')})${keyAddedSuffix}`)
+      } else {
+        logger.success(`◇ set ${key} (${changedFilepaths.join(',')})`)
+      }
+    } else if (encrypt && keyAddedEnv) {
+      const keyAddedEnvFilepath = keyAddedEnv.envFilepath || changedFilepaths[0] || '.env'
+      logger.success(`◈ encrypted ${key} (${keyAddedEnvFilepath})${keyAddedSuffix}`)
     } else if (unchangedFilepaths.length > 0) {
-      logger.info(`no changes (${unchangedFilepaths})`)
+      logger.info(`○ no changes (${unchangedFilepaths})`)
     } else {
       // do nothing
     }
 
-    for (const processedEnv of processedEnvs) {
-      if (processedEnv.privateKeyAdded) { // TODO: change to localPrivateKeyAdded
-        logger.success(`✔ key added to ${processedEnv.envKeysFilepath} (${processedEnv.privateKeyName})`)
-        // logger.help('⮕  optional: [dotenvx ops backup] to securely backup private key')
-
-        if (!isIgnoringDotenvKeys()) {
-          logger.help('⮕  next run: [dotenvx ext gitignore --pattern .env.keys] to gitignore .env.keys')
-        }
-
-        logger.help(`⮕  next run: [${processedEnv.privateKeyName}='${processedEnv.privateKey}' dotenvx get ${key}] to test decryption locally`)
-      }
-    }
+    // intentionally quiet: success line communicates key creation
   } catch (error) {
     catchAndLog(error)
     process.exit(1)

package/src/cli/dotenvx.js

@@ -30,8 +30,7 @@ const commanderVersion = getCommanderVersion()
 if (commanderVersion && parseInt(commanderVersion.split('.')[0], 10) >= 12) {
   const message = `dotenvx depends on commander@11.x.x but you are attempting to hoist commander@${commanderVersion}`
   const error = new Errors({ message }).dangerousDependencyHoist()
-  logger.error(error.message)
-  if (error.help) logger.error(error.help)
+  logger.error(error.messageWithHelp)
 }
 
 // global log levels
@@ -108,7 +107,7 @@ program.command('get')
 const setAction = require('./actions/set')
 program.command('set')
   .usage('<KEY> <value> [options]')
-  .description('set a single environment variable')
+  .description('encrypt a single environment variable')
   .addHelpText('after', examples.set)
   .allowUnknownOption()
   .argument('KEY', 'KEY')
@@ -153,6 +152,21 @@ program.command('decrypt')
     decryptAction.apply(this, args)
   })
 
+// dotenvx rotate
+const rotateAction = require('./actions/rotate')
+program.command('rotate')
+  .description('rotate keypair(s) and re-encrypt .env file(s)')
+  .option('-f, --env-file <paths...>', 'path(s) to your env file(s)', collectEnvs('envFile'), [])
+  .option('-fk, --env-keys-file <path>', 'path to your .env.keys file (default: same path as your env file)')
+  .option('-k, --key <keys...>', 'keys(s) to encrypt (default: all keys in file)')
+  .option('-ek, --exclude-key <excludeKeys...>', 'keys(s) to exclude from encryption (default: none)')
+  .option('--ops-off', 'disable dotenvx-ops features', sesh.opsOff())
+  .option('--stdout', 'send to stdout')
+  .action(function (...args) {
+    this.envs = envs
+    rotateAction.apply(this, args)
+  })
+
 // dotenvx keypair
 const keypairAction = require('./actions/keypair')
 program.command('keypair')
@@ -176,21 +190,6 @@ program.command('ls')
   .option('-ef, --exclude-env-file <excludeFilenames...>', 'path(s) to exclude from your env file(s) (default: none)')
   .action(lsAction)
 
-// dotenvx rotate
-const rotateAction = require('./actions/rotate')
-program.command('rotate')
-  .description('rotate keypair(s) and re-encrypt .env file(s)')
-  .option('-f, --env-file <paths...>', 'path(s) to your env file(s)', collectEnvs('envFile'), [])
-  .option('-fk, --env-keys-file <path>', 'path to your .env.keys file (default: same path as your env file)')
-  .option('-k, --key <keys...>', 'keys(s) to encrypt (default: all keys in file)')
-  .option('-ek, --exclude-key <excludeKeys...>', 'keys(s) to exclude from encryption (default: none)')
-  .option('--ops-off', 'disable dotenvx-ops features', sesh.opsOff())
-  .option('--stdout', 'send to stdout')
-  .action(function (...args) {
-    this.envs = envs
-    rotateAction.apply(this, args)
-  })
-
 // dotenvx help
 program.command('help [command]')
   .description('display help for command')
@@ -252,7 +251,8 @@ program.helpInformation = function () {
   const filteredLines = lines.filter(line =>
     !line.includes('DEPRECATED') &&
     !line.includes('help [command]') &&
-    !line.includes('🔌 extensions')
+    !line.includes('🔌 extensions') &&
+    !/^\s*ls\b/.test(line)
   )
 
   return filteredLines.join('\n')

package/src/cli/examples.js

@@ -66,11 +66,11 @@ Examples:
   $ dotenvx ext gitignore --pattern .env.keys
   \`\`\`
 
-Try it:
+  Try it:
 
   \`\`\`
   $ dotenvx ext gitignore
-  ✔ ignored .env* (.gitignore)
+  ▣ ignored .env* (.gitignore)
   \`\`\`
   `
 }

package/src/lib/helpers/catchAndLog.js

@@ -1,10 +1,7 @@
 const { logger } = require('./../../shared/logger')
 
 function catchAndLog (error) {
-  logger.error(error.message)
-  if (error.help) {
-    logger.help(error.help)
-  }
+  logger.error(error.messageWithHelp)
   if (error.debug) {
     logger.debug(error.debug)
   }

package/src/lib/helpers/conventions.js

@@ -1,3 +1,5 @@
+const Errors = require('./errors')
+
 function conventions (convention) {
   const env = process.env.DOTENV_ENV || process.env.NODE_ENV || 'development'
 
@@ -19,7 +21,7 @@ function conventions (convention) {
       { type: 'envFile', value: '.env.defaults' }
     ]
   } else {
-    throw new Error(`INVALID_CONVENTION: '${convention}'. permitted conventions: ['nextjs', 'flow']`)
+    throw new Errors({ convention }).invalidConvention()
   }
 }
 

package/src/lib/helpers/cryptography/decryptKeyValue.js

@@ -30,7 +30,7 @@ function decryptKeyValue (key, value, privateKeyName, privateKey) {
         if (e.message === 'Invalid private key') {
           decryptionError = new Errors({ key, privateKeyName, privateKey }).invalidPrivateKey()
         } else if (e.message === 'Unsupported state or unable to authenticate data') {
-          decryptionError = new Errors({ key, privateKeyName, privateKey }).looksWrongPrivateKey()
+          decryptionError = new Errors({ key, privateKeyName, privateKey }).wrongPrivateKey()
         } else if (e.message === 'Point of length 65 was invalid. Expected 33 compressed bytes or 65 uncompressed bytes') {
           decryptionError = new Errors({ key, privateKeyName, privateKey }).malformedEncryptedData()
         } else {

package/src/lib/helpers/errors.js

@@ -1,5 +1,26 @@
 const truncate = require('./truncate')
 
+const ISSUE_BY_CODE = {
+  COMMAND_EXITED_WITH_CODE: 'https://github.com/dotenvx/dotenvx/issues/new',
+  COMMAND_SUBSTITUTION_FAILED: 'https://github.com/dotenvx/dotenvx/issues/532',
+  DECRYPTION_FAILED: 'https://github.com/dotenvx/dotenvx/issues/757',
+  DANGEROUS_DEPENDENCY_HOIST: 'https://github.com/dotenvx/dotenvx/issues/622',
+  INVALID_COLOR: 'must be 256 colors',
+  INVALID_CONVENTION: 'https://github.com/dotenvx/dotenvx/issues/761',
+  INVALID_PRIVATE_KEY: 'https://github.com/dotenvx/dotenvx/issues/465',
+  INVALID_PUBLIC_KEY: 'https://github.com/dotenvx/dotenvx/issues/756',
+  MALFORMED_ENCRYPTED_DATA: 'https://github.com/dotenvx/dotenvx/issues/467',
+  MISPAIRED_PRIVATE_KEY: 'https://github.com/dotenvx/dotenvx/issues/752',
+  MISSING_DIRECTORY: 'https://github.com/dotenvx/dotenvx/issues/758',
+  MISSING_ENV_FILE: 'https://github.com/dotenvx/dotenvx/issues/484',
+  MISSING_ENV_FILES: 'https://github.com/dotenvx/dotenvx/issues/760',
+  MISSING_KEY: 'https://github.com/dotenvx/dotenvx/issues/759',
+  MISSING_LOG_LEVEL: 'must be valid log level',
+  MISSING_PRIVATE_KEY: 'https://github.com/dotenvx/dotenvx/issues/464',
+  PRECOMMIT_HOOK_MODIFY_FAILED: 'try again or report error',
+  WRONG_PRIVATE_KEY: 'https://github.com/dotenvx/dotenvx/issues/466'
+}
+
 class Errors {
   constructor (options = {}) {
     this.filepath = options.filepath
@@ -8,118 +29,252 @@ class Errors {
     this.key = options.key
     this.privateKey = options.privateKey
     this.privateKeyName = options.privateKeyName
+    this.publicKeyName = options.publicKeyName
     this.publicKey = options.publicKey
     this.publicKeyExisting = options.publicKeyExisting
     this.command = options.command
 
     this.message = options.message
+    this.code = options.code
+    this.help = options.help
+    this.debug = options.debug
+
+    this.convention = options.convention
+    this.directory = options.directory
+    this.exitCode = options.exitCode
+    this.level = options.level
+    this.color = options.color
+    this.error = options.error
   }
 
-  missingEnvFile () {
-    const code = 'MISSING_ENV_FILE'
-    const message = `[${code}] missing ${this.envFilepath} file (${this.filepath})`
-    const help = `[${code}] https://github.com/dotenvx/dotenvx/issues/484`
+  custom () {
+    const e = new Error(this.message)
+    if (this.code) e.code = this.code
+    if (this.help) e.help = this.help
+    if (this.code && !e.help) e.help = `fix: [${ISSUE_BY_CODE[this.code]}]`
+    e.messageWithHelp = `${e.message}. ${e.help}`
+    if (this.debug) e.debug = this.debug
+    return e
+  }
+
+  commandExitedWithCode () {
+    const code = 'COMMAND_EXITED_WITH_CODE'
+    const message = `[${code}] Command exited with exit code ${this.exitCode}`
+    const help = `fix: [${ISSUE_BY_CODE[code]}]`
 
     const e = new Error(message)
     e.code = code
     e.help = help
+    e.messageWithHelp = `${message}. ${help}`
     return e
   }
 
-  missingKey () {
-    const code = 'MISSING_KEY'
-    const message = `[${code}] missing ${this.key} key`
+  commandSubstitutionFailed () {
+    const code = 'COMMAND_SUBSTITUTION_FAILED'
+    const message = `[${code}] could not eval ${this.key} containing command '${this.command}': ${this.message}`
+    const help = `fix: [${ISSUE_BY_CODE[code]}]`
 
     const e = new Error(message)
     e.code = code
+    e.help = help
+    e.messageWithHelp = `${message}. ${help}`
     return e
   }
 
-  missingPrivateKey () {
-    const code = 'MISSING_PRIVATE_KEY'
-    const message = `[${code}] could not decrypt ${this.key} using private key '${this.privateKeyName}=${truncate(this.privateKey)}'`
-    const help = `[${code}] https://github.com/dotenvx/dotenvx/issues/464`
+  decryptionFailed () {
+    const code = 'DECRYPTION_FAILED'
+    const message = `[${code}] ${this.message}`
+    const help = `fix: [${ISSUE_BY_CODE[code]}]`
 
     const e = new Error(message)
     e.code = code
     e.help = help
+    e.messageWithHelp = `${message}. ${help}`
+    return e
+  }
+
+  dangerousDependencyHoist () {
+    const code = 'DANGEROUS_DEPENDENCY_HOIST'
+    const message = `[${code}] your environment has hoisted an incompatible version of a dotenvx dependency: ${this.message}`
+    const help = `fix: [${ISSUE_BY_CODE[code]}]`
+
+    const e = new Error(message)
+    e.code = code
+    e.help = help
+    e.messageWithHelp = `${message}. ${help}`
+    return e
+  }
+
+  invalidColor () {
+    const code = 'INVALID_COLOR'
+    const message = `[${code}] Invalid color ${this.color}`
+    const help = `fix: [${ISSUE_BY_CODE[code]}]`
+
+    const e = new Error(message)
+    e.code = code
+    e.help = help
+    e.messageWithHelp = `${message}. ${help}`
+    return e
+  }
+
+  invalidConvention () {
+    const code = 'INVALID_CONVENTION'
+    const message = `[${code}] invalid convention (${this.convention})`
+    const help = `fix: [${ISSUE_BY_CODE[code]}]`
+
+    const e = new Error(message)
+    e.code = code
+    e.help = help
+    e.messageWithHelp = `${message}. ${help}`
     return e
   }
 
   invalidPrivateKey () {
     const code = 'INVALID_PRIVATE_KEY'
     const message = `[${code}] could not decrypt ${this.key} using private key '${this.privateKeyName}=${truncate(this.privateKey)}'`
-    const help = `[${code}] https://github.com/dotenvx/dotenvx/issues/465`
+    const help = `fix: [${ISSUE_BY_CODE[code]}]`
 
     const e = new Error(message)
     e.code = code
     e.help = help
+    e.messageWithHelp = `${message}. ${help}`
+    return e
+  }
+
+  invalidPublicKey () {
+    const code = 'INVALID_PUBLIC_KEY'
+    const message = `[${code}] could not encrypt using public key '${this.publicKeyName}=${truncate(this.publicKey)}'`
+    const help = `fix: [${ISSUE_BY_CODE[code]}]`
+
+    const e = new Error(message)
+    e.code = code
+    e.help = help
+    e.messageWithHelp = `${message}. ${help}`
+    return e
+  }
+
+  malformedEncryptedData () {
+    const code = 'MALFORMED_ENCRYPTED_DATA'
+    const message = `[${code}] could not decrypt ${this.key} because encrypted data appears malformed`
+    const help = `fix: [${ISSUE_BY_CODE[code]}]`
+
+    const e = new Error(message)
+    e.code = code
+    e.help = help
+    e.messageWithHelp = `${message}. ${help}`
     return e
   }
 
   mispairedPrivateKey () {
     const code = 'MISPAIRED_PRIVATE_KEY'
     const message = `[${code}] private key's derived public key (${truncate(this.publicKey)}) does not match the existing public key (${truncate(this.publicKeyExisting)})`
-    const help = `[${code}] https://github.com/dotenvx/dotenvx/issues/752`
+    const help = `fix: [${ISSUE_BY_CODE[code]}]`
 
     const e = new Error(message)
     e.code = code
     e.help = help
+    e.messageWithHelp = `${message}. ${help}`
     return e
   }
 
-  looksWrongPrivateKey () {
-    const code = 'WRONG_PRIVATE_KEY'
-    const message = `[${code}] could not decrypt ${this.key} using private key '${this.privateKeyName}=${truncate(this.privateKey)}'`
-    const help = `[${code}] https://github.com/dotenvx/dotenvx/issues/466`
+  missingDirectory () {
+    const code = 'MISSING_DIRECTORY'
+    const message = `[${code}] missing directory (${this.directory})`
+    const help = `fix: [${ISSUE_BY_CODE[code]}]`
 
     const e = new Error(message)
     e.code = code
     e.help = help
+    e.messageWithHelp = `${message}. ${help}`
     return e
   }
 
-  malformedEncryptedData () {
-    const code = 'MALFORMED_ENCRYPTED_DATA'
-    const message = `[${code}] could not decrypt ${this.key} because encrypted data appears malformed`
-    const help = `[${code}] https://github.com/dotenvx/dotenvx/issues/467`
+  missingEnvFile () {
+    const code = 'MISSING_ENV_FILE'
+    const envFilepath = this.envFilepath || '.env'
+    const message = `[${code}] missing file (${envFilepath})`
+    const help = `fix: [${ISSUE_BY_CODE[code]}]`
 
     const e = new Error(message)
     e.code = code
     e.help = help
+    e.messageWithHelp = `${message}. ${help}`
     return e
   }
 
-  decryptionFailed () {
-    const code = 'DECRYPTION_FAILED'
-    const message = this.message
+  missingEnvFiles () {
+    const code = 'MISSING_ENV_FILES'
+    const message = `[${code}] no .env* files found`
+    const help = `fix: [${ISSUE_BY_CODE[code]}]`
 
     const e = new Error(message)
     e.code = code
+    e.help = help
+    e.messageWithHelp = `${message}. ${help}`
     return e
   }
 
-  commandSubstitutionFailed () {
-    const code = 'COMMAND_SUBSTITUTION_FAILED'
-    const message = `[${code}] could not eval ${this.key} containing command '${this.command}': ${this.message}`
-    const help = `[${code}] https://github.com/dotenvx/dotenvx/issues/532`
+  missingKey () {
+    const code = 'MISSING_KEY'
+    const message = `[${code}] missing key (${this.key})`
+    const help = `fix: [${ISSUE_BY_CODE[code]}]`
 
     const e = new Error(message)
     e.code = code
     e.help = help
+    e.messageWithHelp = `${message}. ${help}`
     return e
   }
 
-  dangerousDependencyHoist () {
-    const code = 'DANGEROUS_DEPENDENCY_HOIST'
-    const message = `[${code}] your environment has hoisted an incompatible version of a dotenvx dependency: ${this.message}`
-    const help = `[${code}] https://github.com/dotenvx/dotenvx/issues/622`
+  missingLogLevel () {
+    const code = 'MISSING_LOG_LEVEL'
+    const message = `[${code}] missing log level '${this.level}'. implement in logger`
+    const help = `fix: [${ISSUE_BY_CODE[code]}]`
+
+    const e = new Error(message)
+    e.code = code
+    e.help = help
+    e.messageWithHelp = `${message}. ${help}`
+    return e
+  }
+
+  missingPrivateKey () {
+    const code = 'MISSING_PRIVATE_KEY'
+    const message = `[${code}] could not decrypt ${this.key} using private key '${this.privateKeyName}=${truncate(this.privateKey)}'`
+    const help = `fix: [${ISSUE_BY_CODE[code]}]`
+
+    const e = new Error(message)
+    e.code = code
+    e.help = help
+    e.messageWithHelp = `${message}. ${help}`
+    return e
+  }
+
+  precommitHookModifyFailed () {
+    const code = 'PRECOMMIT_HOOK_MODIFY_FAILED'
+    const message = `[${code}] failed to modify pre-commit hook: ${this.error.message}`
+    const help = `fix: [${ISSUE_BY_CODE[code]}]`
 
     const e = new Error(message)
     e.code = code
     e.help = help
+    e.messageWithHelp = `${message}. ${help}`
+    return e
+  }
+
+  wrongPrivateKey () {
+    const code = 'WRONG_PRIVATE_KEY'
+    const message = `[${code}] could not decrypt ${this.key} using private key '${this.privateKeyName}=${truncate(this.privateKey)}'`
+    const help = `fix: [${ISSUE_BY_CODE[code]}]`
+
+    const e = new Error(message)
+    e.code = code
+    e.help = help
+    e.messageWithHelp = `${message}. ${help}`
     return e
   }
 }
 
+Errors.ISSUE_BY_CODE = ISSUE_BY_CODE
+
 module.exports = Errors

package/src/lib/helpers/executeCommand.js

@@ -2,6 +2,7 @@ const path = require('path')
 const which = require('which')
 const execute = require('./../../lib/helpers/execute')
 const { logger } = require('./../../shared/logger')
+const Errors = require('./errors')
 
 async function executeCommand (commandArgs, env) {
   const signals = [
@@ -91,7 +92,7 @@ async function executeCommand (commandArgs, env) {
 
     if (exitCode !== 0) {
       logger.debug(`received exitCode ${exitCode}`)
-      throw new Error(`Command exited with exit code ${exitCode}`)
+      throw new Errors({ exitCode }).commandExitedWithCode()
     }
   } catch (error) {
     // no color on these errors as they can be standard errors for things like jest exiting with exitCode 1 for a single failed test.