@dotenvx/dotenvx 1.59.1 → 1.60.0

package/src/cli/dotenvx.js

@@ -1,7 +1,7 @@
 #!/usr/bin/env node
 
 /* c8 ignore start */
-const { Command } = require('commander')
+const { Command, Option } = require('commander')
 const program = new Command()
 
 const { setLogLevel, logger } = require('../shared/logger')
@@ -13,9 +13,6 @@ const executeDynamic = require('./../lib/helpers/executeDynamic')
 const removeDynamicHelpSection = require('./../lib/helpers/removeDynamicHelpSection')
 const removeOptionsHelpParts = require('./../lib/helpers/removeOptionsHelpParts')
 
-const Session = require('./../db/session')
-const sesh = new Session()
-
 // for use with run
 const envs = []
 function collectEnvs (type) {
@@ -74,10 +71,11 @@ program.command('run')
   .option('--strict', 'process.exit(1) on any errors', false)
   .option('--convention <name>', 'load a .env convention (available conventions: [\'nextjs\', \'flow\'])')
   .option('--ignore <errorCodes...>', 'error code(s) to ignore (example: --ignore=MISSING_ENV_FILE)')
-  .option('--ops-off', 'disable dotenvx-ops features', sesh.opsOff())
+  .option('--no-ops', 'disable dotenvx-ops features')
+  .addOption(new Option('--ops-off', 'DEPRECATED: use --no-ops').hideHelp())
   .action(function (...args) {
     this.envs = envs
-    runAction.apply(this, args)
+    return runAction.apply(this, args)
   })
 
 // dotenvx get
@@ -97,10 +95,10 @@ program.command('get')
   .option('-pp, --pretty-print', 'pretty print output')
   .option('--pp', 'pretty print output (alias)')
   .option('--format <type>', 'format of the output (json, shell, eval)', 'json')
-  .option('--ops-off', 'disable dotenvx-ops features', sesh.opsOff())
+  .option('--no-ops', 'disable dotenvx-ops features')
   .action(function (...args) {
     this.envs = envs
-    getAction.apply(this, args)
+    return getAction.apply(this, args)
   })
 
 // dotenvx set
@@ -117,10 +115,10 @@ program.command('set')
   .option('-c, --encrypt', 'encrypt value', true)
   .option('-p, --plain', 'store value as plain text', false)
   .option('--no-create', 'do not create .env file(s) when missing')
-  .option('--ops-off', 'disable dotenvx-ops features', sesh.opsOff())
+  .option('--no-ops', 'disable dotenvx-ops features')
   .action(function (...args) {
     this.envs = envs
-    setAction.apply(this, args)
+    return setAction.apply(this, args)
   })
 
 // dotenvx encrypt
@@ -131,12 +129,12 @@ program.command('encrypt')
   .option('-fk, --env-keys-file <path>', 'path to your .env.keys file (default: same path as your env file)')
   .option('-k, --key <keys...>', 'keys(s) to encrypt (default: all keys in file)')
   .option('-ek, --exclude-key <excludeKeys...>', 'keys(s) to exclude from encryption (default: none)')
-  .option('--no-create', 'do not create .env file(s) when missing')
-  .option('--ops-off', 'disable dotenvx-ops features', sesh.opsOff())
   .option('--stdout', 'send to stdout')
+  .option('--no-create', 'do not create .env file(s) when missing')
+  .option('--no-ops', 'disable dotenvx-ops features')
   .action(function (...args) {
     this.envs = envs
-    encryptAction.apply(this, args)
+    return encryptAction.apply(this, args)
   })
 
 // dotenvx decrypt
@@ -147,11 +145,11 @@ program.command('decrypt')
   .option('-fk, --env-keys-file <path>', 'path to your .env.keys file (default: same path as your env file)')
   .option('-k, --key <keys...>', 'keys(s) to decrypt (default: all keys in file)')
   .option('-ek, --exclude-key <excludeKeys...>', 'keys(s) to exclude from decryption (default: none)')
-  .option('--ops-off', 'disable dotenvx-ops features', sesh.opsOff())
+  .option('--no-ops', 'disable dotenvx-ops features')
   .option('--stdout', 'send to stdout')
   .action(function (...args) {
     this.envs = envs
-    decryptAction.apply(this, args)
+    return decryptAction.apply(this, args)
   })
 
 // dotenvx rotate
@@ -162,11 +160,11 @@ program.command('rotate')
   .option('-fk, --env-keys-file <path>', 'path to your .env.keys file (default: same path as your env file)')
   .option('-k, --key <keys...>', 'keys(s) to encrypt (default: all keys in file)')
   .option('-ek, --exclude-key <excludeKeys...>', 'keys(s) to exclude from encryption (default: none)')
-  .option('--ops-off', 'disable dotenvx-ops features', sesh.opsOff())
+  .option('--no-ops', 'disable dotenvx-ops features')
   .option('--stdout', 'send to stdout')
   .action(function (...args) {
     this.envs = envs
-    rotateAction.apply(this, args)
+    return rotateAction.apply(this, args)
   })
 
 // dotenvx keypair
@@ -177,7 +175,7 @@ program.command('keypair')
   .argument('[KEY]', 'environment variable key name')
   .option('-f, --env-file <paths...>', 'path(s) to your env file(s)')
   .option('-fk, --env-keys-file <path>', 'path to your .env.keys file (default: same path as your env file)')
-  .option('--ops-off', 'disable dotenvx-ops features', sesh.opsOff())
+  .option('--no-ops', 'disable dotenvx-ops features')
   .option('-pp, --pretty-print', 'pretty print output')
   .option('--pp', 'pretty print output (alias)')
   .option('--format <type>', 'format of the output (json, shell)', 'json')
@@ -208,11 +206,11 @@ program.command('help [command]')
     }
   })
 
-// dotenvx pro
+// dotenvx ops
 program.addHelpText('after', ' ')
 program.addHelpText('after', 'Advanced: ')
-program.addHelpText('after', '  ops                          ⛨  Ops [www.dotenvx.com/ops]')
-program.addHelpText('after', '  ext                          🔌 extensions')
+program.addHelpText('after', '  ops                ⛨  Ops [www.dotenvx.com/ops]')
+program.addHelpText('after', '  ext                🔌 extensions')
 
 // dotenvx ext
 program.addCommand(require('./commands/ext'))

package/src/cli/examples.js

@@ -16,7 +16,7 @@ Try it:
   $ echo "console.log('Hello ' + process.env.HELLO)" > index.js
 
   $ dotenvx run -f .env -- node index.js
-  [dotenvx] injecting env (1) from .env
+  [dotenvx] injected env (1) from .env
   Hello World
   \`\`\`
   `

package/src/db/session.js

@@ -1,20 +1,24 @@
 const Ops = require('./../lib/extensions/ops')
+const { logger } = require('./../shared/logger')
 
 class Session {
   constructor () {
     this.ops = new Ops()
-    this.opsStatus = this.ops.status()
   }
 
   //
-  // opsOff/On
+  // ops status helpers
   //
-  opsOn () {
-    return this.opsStatus === 'on'
+  async noOps () {
+    const status = await this.ops.status()
+    logger.debug(`ops: ${status}`)
+    return status === 'off'
   }
 
-  opsOff () {
-    return !this.opsOn()
+  noOpsSync () {
+    const status = this.ops.statusSync()
+    logger.debug(`ops: ${status}`)
+    return status === 'off'
   }
 }
 

package/src/lib/extensions/ops.js

@@ -1,97 +1,146 @@
 const path = require('path')
 const childProcess = require('child_process')
+const util = require('util')
 
-// const { logger } = require('./../../shared/logger')
+const execFile = util.promisify(childProcess.execFile)
 
 class Ops {
-  constructor () {
-    this.opsLib = null
+  async status () {
+    if (this._isForcedOff()) return 'off'
 
-    if (this._isForcedOff()) {
-      return
+    const binary = await this._resolveBinary()
+    if (!binary) return 'off'
+
+    try {
+      return await this._exec(binary, ['status'])
+    } catch (_e) {
+      return 'off'
     }
+  }
 
-    // check npm lib
-    try { this.opsLib = this._opsNpm() } catch (_e) {}
+  statusSync () {
+    if (this._isForcedOff()) return 'off'
 
-    // check binary cli
-    if (!this.opsLib) {
-      try { this.opsLib = this._opsCli() } catch (_e) {}
-    }
+    const binary = this._resolveBinarySync()
+    if (!binary) return 'off'
 
-    if (this.opsLib) {
-      // logger.successv(`⛨ ops: ${this.opsLib.status()}`)
+    try {
+      return this._execSync(binary, ['status'])
+    } catch (_e) {
+      return 'off'
     }
   }
 
-  status () {
-    if (this._isForcedOff() || !this.opsLib) {
-      return 'off'
-    }
+  async keypair (publicKey) {
+    if (this._isForcedOff()) return {}
 
-    return this.opsLib.status()
-  }
+    const binary = await this._resolveBinary()
+    if (!binary) return {}
+
+    const args = ['keypair']
+    if (publicKey) args.push(publicKey)
 
-  keypair (publicKey) {
-    if (this._isForcedOff() || !this.opsLib) {
+    try {
+      return JSON.parse(await this._exec(binary, args))
+    } catch (_e) {
       return {}
     }
+  }
+
+  keypairSync (publicKey) {
+    if (this._isForcedOff()) return {}
 
-    return this.opsLib.keypair(publicKey)
+    const binary = this._resolveBinarySync()
+    if (!binary) return {}
+
+    const args = ['keypair']
+    if (publicKey) args.push(publicKey)
+
+    try {
+      return JSON.parse(this._execSync(binary, args))
+    } catch (_e) {
+      return {}
+    }
   }
 
   observe (payload) {
-    if (!this._isForcedOff() && this.opsLib && this.opsLib.status() !== 'off') {
-      const encoded = Buffer.from(JSON.stringify(payload)).toString('base64')
-      this.opsLib.observe(encoded)
+    if (this._isForcedOff()) return
+
+    const binary = this._resolveBinarySync()
+    if (!binary) return
+
+    let status = 'off'
+    try {
+      status = this._execSync(binary, ['status'])
+    } catch (_e) {
+      return
+    }
+    if (status === 'off') return
+
+    const encoded = Buffer.from(JSON.stringify(payload)).toString('base64')
+    try {
+      const subprocess = childProcess.spawn(binary, ['observe', encoded], {
+        stdio: 'ignore',
+        detached: true
+      })
+      subprocess.unref()
+    } catch (_e) {
+      // noop
     }
   }
 
-  //
-  // private
-  //
-  _opsNpm () {
-    const npmBin = path.resolve(process.cwd(), 'node_modules/.bin/dotenvx-ops')
-    return this._opsLib(npmBin)
+  async _exec (binary, args) {
+    const { stdout } = await execFile(binary, args)
+    return stdout.toString().trim()
   }
 
-  _opsCli () {
-    return this._opsLib('dotenvx-ops')
+  _execSync (binary, args) {
+    return childProcess.execFileSync(binary, args).toString().trim()
   }
 
-  _opsLib (binary) {
-    childProcess.execFileSync(binary, ['--version'], { stdio: ['pipe', 'pipe', 'ignore'] })
-
-    return {
-      status: () => {
-        return childProcess.execFileSync(binary, ['status'], { stdio: ['pipe', 'pipe', 'ignore'] }).toString().trim()
-      },
-      keypair: (publicKey) => {
-        const args = ['keypair']
-        if (publicKey) {
-          args.push(publicKey)
-        }
-        const output = childProcess.execFileSync(binary, args, { stdio: ['pipe', 'pipe', 'ignore'] }).toString().trim()
-        const parsed = JSON.parse(output.toString())
-        return parsed
-      },
-      observe: (encoded) => {
-        try {
-          const subprocess = childProcess.spawn(binary, ['observe', encoded], {
-            stdio: 'ignore',
-            detached: true
-          })
-
-          subprocess.unref() // let it run independently
-        } catch (e) {
-          // noop
-        }
-      }
-    }
+  async _resolveBinary () {
+    if (this._binaryPromise) return this._binaryPromise
+
+    this._binaryPromise = (async () => {
+      const npmBin = path.resolve(process.cwd(), 'node_modules/.bin/dotenvx-ops')
+      try {
+        await this._exec(npmBin, ['--version'])
+        return npmBin
+      } catch (_e) {}
+
+      try {
+        await this._exec('dotenvx-ops', ['--version'])
+        return 'dotenvx-ops'
+      } catch (_e) {}
+
+      return null
+    })()
+
+    return this._binaryPromise
+  }
+
+  _resolveBinarySync () {
+    if (this._binarySync !== undefined) return this._binarySync
+
+    const npmBin = path.resolve(process.cwd(), 'node_modules/.bin/dotenvx-ops')
+    try {
+      this._execSync(npmBin, ['--version'])
+      this._binarySync = npmBin
+      return this._binarySync
+    } catch (_e) {}
+
+    try {
+      this._execSync('dotenvx-ops', ['--version'])
+      this._binarySync = 'dotenvx-ops'
+      return this._binarySync
+    } catch (_e) {}
+
+    this._binarySync = null
+    return null
   }
 
   _isForcedOff () {
-    return process.env.DOTENVX_OPS_OFF === 'true'
+    return process.env.DOTENVX_NO_OPS === 'true'
   }
 }
 

package/src/lib/helpers/catchAndLog.js

@@ -1,7 +1,7 @@
 const { logger } = require('./../../shared/logger')
 
 function catchAndLog (error) {
-  logger.error(error.messageWithHelp)
+  logger.error(error.messageWithHelp || error.message)
   if (error.debug) {
     logger.debug(error.debug)
   }

package/src/lib/helpers/createSpinner.js

@@ -0,0 +1,24 @@
+const FRAMES = ['◇', '⬖', '◆', '⬗']
+const FRAME_INTERVAL_MS = 80
+
+async function createSpinner (options = {}) {
+  const stream = process.stderr
+  const hasCursorControls = typeof stream.cursorTo === 'function' && typeof stream.clearLine === 'function'
+  const enabled = Boolean(stream.isTTY && hasCursorControls && !options.quiet && !options.verbose && !options.debug)
+  if (!enabled) return null
+
+  const text = options.text || 'thinking'
+  const frames = options.frames || FRAMES
+
+  const { default: yoctoSpinner } = await import('yocto-spinner')
+  return yoctoSpinner({
+    text,
+    spinner: {
+      frames,
+      interval: FRAME_INTERVAL_MS
+    },
+    stream
+  }).start()
+}
+
+module.exports = createSpinner

package/src/lib/helpers/cryptography/index.js

@@ -1,11 +1,15 @@
 module.exports = {
   opsKeypair: require('./opsKeypair'),
+  opsKeypairSync: require('./opsKeypairSync'),
   localKeypair: require('./localKeypair'),
   encryptValue: require('./encryptValue'),
   decryptKeyValue: require('./decryptKeyValue'),
   isEncrypted: require('./isEncrypted'),
   isPublicKey: require('./isPublicKey'),
+  mutateKeysSrc: require('./mutateKeysSrc'),
+  mutateKeysSrcSync: require('./mutateKeysSrcSync'),
   provision: require('./provision'),
+  provisionSync: require('./provisionSync'),
   provisionWithPrivateKey: require('./provisionWithPrivateKey'),
   mutateSrc: require('./mutateSrc'),
 

package/src/lib/helpers/cryptography/mutateKeysSrc.js

@@ -9,7 +9,7 @@ const FIRST_TIME_KEYS_SRC = [
 const path = require('path')
 const fsx = require('./../fsx')
 
-function mutateKeysSrc ({ envFilepath, keysFilepath, privateKeyName, privateKeyValue }) {
+async function mutateKeysSrc ({ envFilepath, keysFilepath, privateKeyName, privateKeyValue }) {
   const filename = path.basename(envFilepath)
   const filepath = path.resolve(envFilepath)
   let resolvedKeysFilepath = path.join(path.dirname(filepath), '.env.keys')
@@ -19,13 +19,13 @@ function mutateKeysSrc ({ envFilepath, keysFilepath, privateKeyName, privateKeyV
   const appendPrivateKey = [`# ${filename}`, `${privateKeyName}=${privateKeyValue}`, ''].join('\n')
 
   let keysSrc = ''
-  if (fsx.existsSync(resolvedKeysFilepath)) {
-    keysSrc = fsx.readFileX(resolvedKeysFilepath)
+  if (await fsx.exists(resolvedKeysFilepath)) {
+    keysSrc = await fsx.readFileX(resolvedKeysFilepath)
   }
   keysSrc = keysSrc.length > 1 ? keysSrc : `${FIRST_TIME_KEYS_SRC}\n`
   keysSrc = `${keysSrc}\n${appendPrivateKey}`
 
-  fsx.writeFileX(resolvedKeysFilepath, keysSrc) // TODO: don't write if ops
+  await fsx.writeFileX(resolvedKeysFilepath, keysSrc) // TODO: don't write if ops
 
   const envKeysFilepath = keysFilepath || path.join(path.dirname(envFilepath), path.basename(resolvedKeysFilepath))
 

package/src/lib/helpers/cryptography/mutateKeysSrcSync.js

@@ -0,0 +1,38 @@
+const FIRST_TIME_KEYS_SRC = [
+  '#/------------------!DOTENV_PRIVATE_KEYS!-------------------/',
+  '#/ private decryption keys. DO NOT commit to source control /',
+  '#/     [how it works](https://dotenvx.com/encryption)       /',
+  // '#/           backup with: `dotenvx ops backup`              /',
+  '#/----------------------------------------------------------/'
+].join('\n')
+
+const path = require('path')
+const fsx = require('./../fsx')
+
+function mutateKeysSrcSync ({ envFilepath, keysFilepath, privateKeyName, privateKeyValue }) {
+  const filename = path.basename(envFilepath)
+  const filepath = path.resolve(envFilepath)
+  let resolvedKeysFilepath = path.join(path.dirname(filepath), '.env.keys')
+  if (keysFilepath) {
+    resolvedKeysFilepath = path.resolve(keysFilepath)
+  }
+  const appendPrivateKey = [`# ${filename}`, `${privateKeyName}=${privateKeyValue}`, ''].join('\n')
+
+  let keysSrc = ''
+  if (fsx.existsSync(resolvedKeysFilepath)) {
+    keysSrc = fsx.readFileXSync(resolvedKeysFilepath)
+  }
+  keysSrc = keysSrc.length > 1 ? keysSrc : `${FIRST_TIME_KEYS_SRC}\n`
+  keysSrc = `${keysSrc}\n${appendPrivateKey}`
+
+  fsx.writeFileXSync(resolvedKeysFilepath, keysSrc) // TODO: don't write if ops
+
+  const envKeysFilepath = keysFilepath || path.join(path.dirname(envFilepath), path.basename(resolvedKeysFilepath))
+
+  return {
+    keysSrc,
+    envKeysFilepath
+  }
+}
+
+module.exports = mutateKeysSrcSync

package/src/lib/helpers/cryptography/opsKeypair.js

@@ -1,7 +1,7 @@
 const Ops = require('../../extensions/ops')
 
-function opsKeypair (existingPublicKey) {
-  const kp = new Ops().keypair(existingPublicKey)
+async function opsKeypair (existingPublicKey) {
+  const kp = await new Ops().keypair(existingPublicKey)
   const publicKey = kp.public_key
   const privateKey = kp.private_key
 

package/src/lib/helpers/cryptography/opsKeypairSync.js

@@ -0,0 +1,14 @@
+const Ops = require('../../extensions/ops')
+
+function opsKeypairSync (existingPublicKey) {
+  const kp = new Ops().keypairSync(existingPublicKey)
+  const publicKey = kp.public_key
+  const privateKey = kp.private_key
+
+  return {
+    publicKey,
+    privateKey
+  }
+}
+
+module.exports = opsKeypairSync

package/src/lib/helpers/cryptography/provision.js

@@ -4,8 +4,8 @@ const opsKeypair = require('./opsKeypair')
 const localKeypair = require('./localKeypair')
 const { keyNames } = require('../keyResolution')
 
-function provision ({ envSrc, envFilepath, keysFilepath, opsOn }) {
-  opsOn = opsOn === true
+async function provision ({ envSrc, envFilepath, keysFilepath, noOps }) {
+  noOps = noOps !== false
   const { publicKeyName, privateKeyName } = keyNames(envFilepath)
 
   let publicKey
@@ -14,12 +14,12 @@ function provision ({ envSrc, envFilepath, keysFilepath, opsOn }) {
   let envKeysFilepath
   let privateKeyAdded = false
 
-  if (opsOn) {
-    const kp = opsKeypair()
+  if (noOps) {
+    const kp = localKeypair()
     publicKey = kp.publicKey
     privateKey = kp.privateKey
   } else {
-    const kp = localKeypair()
+    const kp = await opsKeypair()
     publicKey = kp.publicKey
     privateKey = kp.privateKey
   }
@@ -27,8 +27,8 @@ function provision ({ envSrc, envFilepath, keysFilepath, opsOn }) {
   const mutated = mutateSrc({ envSrc, envFilepath, keysFilepath, publicKeyName, publicKeyValue: publicKey })
   envSrc = mutated.envSrc
 
-  if (!opsOn) {
-    const mutated = mutateKeysSrc({ envFilepath, keysFilepath, privateKeyName, privateKeyValue: privateKey })
+  if (noOps) {
+    const mutated = await mutateKeysSrc({ envFilepath, keysFilepath, privateKeyName, privateKeyValue: privateKey })
     keysSrc = mutated.keysSrc
     envKeysFilepath = mutated.envKeysFilepath
     privateKeyAdded = true

package/src/lib/helpers/cryptography/provisionSync.js

@@ -0,0 +1,47 @@
+const mutateSrc = require('./mutateSrc')
+const mutateKeysSrcSync = require('./mutateKeysSrcSync')
+const opsKeypairSync = require('./opsKeypairSync')
+const localKeypair = require('./localKeypair')
+const { keyNames } = require('../keyResolution')
+
+function provisionSync ({ envSrc, envFilepath, keysFilepath, noOps }) {
+  noOps = noOps !== false
+  const { publicKeyName, privateKeyName } = keyNames(envFilepath)
+
+  let publicKey
+  let privateKey
+  let keysSrc
+  let envKeysFilepath
+  let privateKeyAdded = false
+
+  if (noOps) {
+    const kp = localKeypair()
+    publicKey = kp.publicKey
+    privateKey = kp.privateKey
+  } else {
+    const kp = opsKeypairSync()
+    publicKey = kp.publicKey
+    privateKey = kp.privateKey
+  }
+
+  const mutated = mutateSrc({ envSrc, envFilepath, keysFilepath, publicKeyName, publicKeyValue: publicKey })
+  envSrc = mutated.envSrc
+
+  if (noOps) {
+    const mutated = mutateKeysSrcSync({ envFilepath, keysFilepath, privateKeyName, privateKeyValue: privateKey })
+    keysSrc = mutated.keysSrc
+    envKeysFilepath = mutated.envKeysFilepath
+    privateKeyAdded = true
+  }
+
+  return {
+    envSrc,
+    keysSrc,
+    publicKey,
+    privateKey,
+    privateKeyAdded,
+    envKeysFilepath
+  }
+}
+
+module.exports = provisionSync

package/src/lib/helpers/cryptography/provisionWithPrivateKey.js

@@ -3,7 +3,7 @@ const mutateSrc = require('./mutateSrc')
 const localKeypair = require('./localKeypair')
 
 function provisionWithPrivateKey ({ envSrc, envFilepath, keysFilepath, privateKeyValue, publicKeyValue, publicKeyName }) {
-  const { publicKey, privateKey } = localKeypair(privateKeyValue) // opsOn doesn't matter here since privateKeyValue was already discovered prior (via ops and local) and passed as privateKeyValue
+  const { publicKey, privateKey } = localKeypair(privateKeyValue) // noOps doesn't matter here since privateKeyValue was already discovered prior (via ops and local) and passed as privateKeyValue
 
   // if derivation doesn't match what's in the file (or preset in env)
   if (publicKeyValue && publicKeyValue !== publicKey) {

package/src/lib/helpers/detectEncoding.js

@@ -1,7 +1,7 @@
 const fs = require('fs')
 
-function detectEncoding (filepath) {
-  const buffer = fs.readFileSync(filepath)
+async function detectEncoding (filepath) {
+  const buffer = await fs.promises.readFile(filepath)
 
   // check for UTF-16LE BOM (Byte Order Mark)
   if (buffer.length >= 2 && buffer[0] === 0xFF && buffer[1] === 0xFE) {

package/src/lib/helpers/detectEncodingSync.js

@@ -0,0 +1,22 @@
+const fs = require('fs')
+
+function detectEncodingSync (filepath) {
+  const buffer = fs.readFileSync(filepath)
+
+  // check for UTF-16LE BOM (Byte Order Mark)
+  if (buffer.length >= 2 && buffer[0] === 0xFF && buffer[1] === 0xFE) {
+    return 'utf16le'
+  }
+
+  /* c8 ignore start */
+  // check for UTF-8 BOM
+  if (buffer.length >= 3 && buffer[0] === 0xEF && buffer[1] === 0xBB && buffer[2] === 0xBF) {
+    return 'utf8'
+  }
+
+  /* c8 ignore stop */
+
+  return 'utf8'
+}
+
+module.exports = detectEncodingSync