@dotenvx/dotenvx 1.59.1 → 1.60.1

package/src/lib/services/encrypt.js

@@ -29,12 +29,12 @@ const detectEncoding = require('./../helpers/detectEncoding')
 const SAMPLE_ENV_KIT = require('./../helpers/kits/sample')
 
 class Encrypt {
-  constructor (envs = [], key = [], excludeKey = [], envKeysFilepath = null, opsOn = false, noCreate = false) {
+  constructor (envs = [], key = [], excludeKey = [], envKeysFilepath = null, noOps = false, noCreate = false) {
     this.envs = determine(envs, process.env)
     this.key = key
     this.excludeKey = excludeKey
     this.envKeysFilepath = envKeysFilepath
-    this.opsOn = opsOn
+    this.noOps = noOps
     this.noCreate = noCreate
 
     this.processedEnvs = []
@@ -42,7 +42,7 @@ class Encrypt {
     this.unchangedFilepaths = new Set()
   }
 
-  run () {
+  async run () {
     // example
     // envs [
     //   { type: 'envFile', value: '.env' }
@@ -56,7 +56,7 @@ class Encrypt {
 
     for (const env of this.envs) {
       if (env.type === TYPE_ENV_FILE) {
-        this._encryptEnvFile(env.value)
+        await this._encryptEnvFile(env.value)
       }
     }
 
@@ -67,10 +67,11 @@ class Encrypt {
     }
   }
 
-  _encryptEnvFile (envFilepath) {
+  async _encryptEnvFile (envFilepath) {
     const row = {}
     row.keys = []
     row.type = TYPE_ENV_FILE
+    let fileCreated = false
 
     const filepath = path.resolve(envFilepath)
     row.filepath = filepath
@@ -79,14 +80,16 @@ class Encrypt {
     try {
       // if noCreate is on then detectEncoding will throw and we'll halt the calls
       // but if noCreate is false then create the file if it doesn't exist
-      if (!fsx.existsSync(filepath) && !this.noCreate) {
-        fsx.writeFileX(filepath, SAMPLE_ENV_KIT)
+      if (!(await fsx.exists(filepath)) && !this.noCreate) {
+        await fsx.writeFileX(filepath, SAMPLE_ENV_KIT)
+        fileCreated = true
       }
-      const encoding = detectEncoding(filepath)
-      let envSrc = fsx.readFileX(filepath, { encoding })
+      const encoding = await detectEncoding(filepath)
+      let envSrc = await fsx.readFileX(filepath, { encoding })
       if (envSrc.trim().length === 0) {
         envSrc = SAMPLE_ENV_KIT
         row.kitCreated = 'sample'
+        row.changed = true
       }
       const envParsed = dotenvParse(envSrc)
 
@@ -94,15 +97,16 @@ class Encrypt {
       let privateKey
 
       const { publicKeyName, privateKeyName } = keyNames(envFilepath)
-      const { publicKeyValue, privateKeyValue } = keyValues(envFilepath, { keysFilepath: this.envKeysFilepath, opsOn: this.opsOn })
+      const { publicKeyValue, privateKeyValue } = await keyValues(envFilepath, { keysFilepath: this.envKeysFilepath, noOps: this.noOps })
 
       // first pass - provision
       if (!privateKeyValue && !publicKeyValue) {
-        const prov = provision({ envSrc, envFilepath, keysFilepath: this.envKeysFilepath, opsOn: this.opsOn })
+        const prov = await provision({ envSrc, envFilepath, keysFilepath: this.envKeysFilepath, noOps: this.noOps })
         envSrc = prov.envSrc
         publicKey = prov.publicKey
         privateKey = prov.privateKey
-        row.privateKeyAdded = prov.privateKeyAdded
+        row.localPrivateKeyAdded = prov.localPrivateKeyAdded
+        row.remotePrivateKeyAdded = prov.remotePrivateKeyAdded
         row.envKeysFilepath = prov.envKeysFilepath
       } else if (privateKeyValue) {
         const prov = provisionWithPrivateKey({ envSrc, envFilepath, keysFilepath: this.envKeysFilepath, privateKeyValue, publicKeyValue, publicKeyName })
@@ -148,6 +152,9 @@ class Encrypt {
       }
 
       row.envSrc = envSrc
+      if (fileCreated) {
+        row.changed = true
+      }
       if (row.changed) {
         this.changedFilepaths.add(envFilepath)
       } else {

package/src/lib/services/genexample.js

@@ -39,7 +39,7 @@ class Genexample {
       }
 
       // get the original src
-      let src = fsx.readFileX(filepath)
+      let src = fsx.readFileXSync(filepath)
       const parsed = dotenvParse(src)
       for (const key in parsed) {
         // used later
@@ -63,7 +63,7 @@ class Genexample {
       }
     } else {
       // it already exists (which means the user might have it modified a way in which they prefer, so replace exampleSrc with their existing .env.example)
-      exampleSrc = fsx.readFileX(this.exampleFilepath)
+      exampleSrc = fsx.readFileXSync(this.exampleFilepath)
 
       const parsed = dotenvParse(exampleSrc)
       for (const key of [...keys]) {

package/src/lib/services/get.js

@@ -2,19 +2,28 @@ const Run = require('./run')
 const Errors = require('./../helpers/errors')
 
 class Get {
-  constructor (key, envs = [], overload = false, all = false, envKeysFilepath = null, opsOn = true) {
+  constructor (key, envs = [], overload = false, all = false, envKeysFilepath = null, noOps = false) {
     this.key = key
     this.envs = envs
     this.overload = overload
     this.all = all
     this.envKeysFilepath = envKeysFilepath
-    this.opsOn = opsOn
+    this.noOps = noOps
   }
 
-  run () {
+  runSync () {
     const processEnv = { ...process.env }
-    const { processedEnvs } = new Run(this.envs, this.overload, processEnv, this.envKeysFilepath, this.opsOn).run()
+    const { processedEnvs } = new Run(this.envs, this.overload, processEnv, this.envKeysFilepath, this.noOps).runSync()
+    return this._result(processedEnvs, processEnv)
+  }
+
+  async run () {
+    const processEnv = { ...process.env }
+    const { processedEnvs } = await new Run(this.envs, this.overload, processEnv, this.envKeysFilepath, this.noOps).run()
+    return this._result(processedEnvs, processEnv)
+  }
 
+  _result (processedEnvs, processEnv) {
     const errors = []
     for (const processedEnv of processedEnvs) {
       for (const error of processedEnv.errors) {
@@ -32,27 +41,27 @@ class Get {
       }
 
       return { parsed, errors }
-    } else {
-      // if user wants to return ALL envs (even prior set on machine)
-      if (this.all) {
-        return { parsed: processEnv, errors }
-      }
+    }
 
-      // typical scenario - return only envs that were identified in the .env file
-      // iterate over all processedEnvs.parsed and grab from processEnv
-      /** @type {Record<string, string>} */
-      const parsed = {}
-      for (const processedEnv of processedEnvs) {
-        // parsed means we saw the key in a file or --env flag. this effectively filters out any preset machine envs - while still respecting complex evaluating, expansion, and overload. in other words, the value might be the machine value because the key was displayed in a .env file
-        if (processedEnv.parsed) {
-          for (const key of Object.keys(processedEnv.parsed)) {
-            parsed[key] = processEnv[key]
-          }
+    // if user wants to return ALL envs (even prior set on machine)
+    if (this.all) {
+      return { parsed: processEnv, errors }
+    }
+
+    // typical scenario - return only envs that were identified in the .env file
+    // iterate over all processedEnvs.parsed and grab from processEnv
+    /** @type {Record<string, string>} */
+    const parsed = {}
+    for (const processedEnv of processedEnvs) {
+      // parsed means we saw the key in a file or --env flag. this effectively filters out any preset machine envs - while still respecting complex evaluating, expansion, and overload. in other words, the value might be the machine value because the key was displayed in a .env file
+      if (processedEnv.parsed) {
+        for (const key of Object.keys(processedEnv.parsed)) {
+          parsed[key] = processEnv[key]
         }
       }
-
-      return { parsed, errors }
     }
+
+    return { parsed, errors }
   }
 }
 

package/src/lib/services/keypair.js

@@ -1,22 +1,38 @@
 const {
   keyNames,
-  keyValues
+  keyValues,
+  keyValuesSync
 } = require('./../helpers/keyResolution')
 
 class Keypair {
-  constructor (envFile = '.env', envKeysFilepath = null, opsOn = false) {
+  constructor (envFile = '.env', envKeysFilepath = null, noOps = false) {
     this.envFile = envFile
     this.envKeysFilepath = envKeysFilepath
-    this.opsOn = opsOn
+    this.noOps = noOps
   }
 
-  run () {
+  runSync () {
     const out = {}
 
     const filepaths = this._filepaths()
     for (const filepath of filepaths) {
       const { publicKeyName, privateKeyName } = keyNames(filepath)
-      const { publicKeyValue, privateKeyValue } = keyValues(filepath, { keysFilepath: this.envKeysFilepath, opsOn: this.opsOn })
+      const { publicKeyValue, privateKeyValue } = keyValuesSync(filepath, { keysFilepath: this.envKeysFilepath, noOps: this.noOps })
+
+      out[publicKeyName] = publicKeyValue
+      out[privateKeyName] = privateKeyValue
+    }
+
+    return out
+  }
+
+  async run () {
+    const out = {}
+
+    const filepaths = this._filepaths()
+    for (const filepath of filepaths) {
+      const { publicKeyName, privateKeyName } = keyNames(filepath)
+      const { publicKeyValue, privateKeyValue } = await keyValues(filepath, { keysFilepath: this.envKeysFilepath, noOps: this.noOps })
 
       out[publicKeyName] = publicKeyValue
       out[privateKeyName] = privateKeyValue

package/src/lib/services/prebuild.js

@@ -7,7 +7,6 @@ const Ls = require('../services/ls')
 const Errors = require('../helpers/errors')
 
 const isFullyEncrypted = require('./../helpers/isFullyEncrypted')
-const packageJson = require('./../helpers/packageJson')
 const MISSING_DOCKERIGNORE = '.env.keys' // by default only ignore .env.keys. all other .env* files COULD be included - as long as they are encrypted
 
 class Prebuild {
@@ -26,12 +25,12 @@ class Prebuild {
     // 1. check for .dockerignore file
     if (!fsx.existsSync('.dockerignore')) {
       const warning = new Errors({
-        message: `[dotenvx@${packageJson.version}][prebuild] .dockerignore missing`,
+        message: '.dockerignore missing',
         help: 'fix: [touch .dockerignore]'
       }).custom()
       warnings.push(warning)
     } else {
-      dockerignore = fsx.readFileX('.dockerignore')
+      dockerignore = fsx.readFileXSync('.dockerignore')
     }
 
     // 2. check .env* files against .dockerignore file
@@ -47,22 +46,22 @@ class Prebuild {
       if (ig.ignores(file)) {
         if (file === '.env.example' || file === '.env.x') {
           const warning = new Errors({
-            message: `[dotenvx@${packageJson.version}][prebuild] ${file} (currently ignored but should not be)`,
+            message: `${file} ignored (should not be)`,
             help: `fix: [dotenvx ext gitignore --pattern !${file}]`
           }).custom()
           warnings.push(warning)
         }
       } else {
         if (file !== '.env.example' && file !== '.env.x') {
-          const src = fsx.readFileX(file)
+          const src = fsx.readFileXSync(file)
           const encrypted = isFullyEncrypted(src)
 
           // if contents are encrypted don't raise an error
           if (!encrypted) {
-            let errorMsg = `[dotenvx@${packageJson.version}][prebuild] ${file} not protected (encrypted or dockerignored)`
+            let errorMsg = `${file} not encrypted/dockerignored`
             let errorHelp = `fix: [dotenvx encrypt -f ${file}] or [dotenvx ext gitignore --pattern ${file}]`
             if (file.includes('.env.keys')) {
-              errorMsg = `[dotenvx@${packageJson.version}][prebuild] ${file} not protected (dockerignored)`
+              errorMsg = `${file} not dockerignored`
               errorHelp = `fix: [dotenvx ext gitignore --pattern ${file}]`
             }
 
@@ -72,11 +71,7 @@ class Prebuild {
       }
     })
 
-    let successMessage = `[dotenvx@${packageJson.version}][prebuild] .env files (${count}) protected (encrypted or dockerignored)`
-
-    if (count === 0) {
-      successMessage = `[dotenvx@${packageJson.version}][prebuild] zero .env files`
-    }
+    let successMessage = count === 0 ? '▣ no .env files' : `▣ encrypted/dockerignored (${count})`
     if (warnings.length > 0) {
       successMessage += ` with warnings (${warnings.length})`
     }

package/src/lib/services/precommit.js

@@ -6,7 +6,6 @@ const ignore = require('ignore')
 const Ls = require('../services/ls')
 
 const isFullyEncrypted = require('./../helpers/isFullyEncrypted')
-const packageJson = require('./../helpers/packageJson')
 const InstallPrecommitHook = require('./../helpers/installPrecommitHook')
 const Errors = require('./../helpers/errors')
 const childProcess = require('child_process')
@@ -39,12 +38,12 @@ class Precommit {
       // 1. check for .gitignore file
       if (!fsx.existsSync('.gitignore')) {
         const warning = new Errors({
-          message: `[dotenvx@${packageJson.version}][precommit] .gitignore missing`,
+          message: '.gitignore missing',
           help: 'fix: [touch .gitignore]'
         }).custom()
         warnings.push(warning)
       } else {
-        gitignore = fsx.readFileX('.gitignore')
+        gitignore = fsx.readFileXSync('.gitignore')
       }
 
       // 2. check .env* files against .gitignore file
@@ -63,22 +62,22 @@ class Precommit {
           if (ig.ignores(file)) {
             if (file === '.env.example' || file === '.env.x') {
               const warning = new Errors({
-                message: `[dotenvx@${packageJson.version}][precommit] ${file} (currently ignored but should not be)`,
+                message: `${file} ignored (should not be)`,
                 help: `fix: [dotenvx ext gitignore --pattern !${file}]`
               }).custom()
               warnings.push(warning)
             }
           } else {
             if (file !== '.env.example' && file !== '.env.x') {
-              const src = fsx.readFileX(file)
+              const src = fsx.readFileXSync(file)
               const encrypted = isFullyEncrypted(src)
 
               // if contents are encrypted don't raise an error
               if (!encrypted) {
-                let errorMsg = `[dotenvx@${packageJson.version}][precommit] ${file} not protected (encrypted or gitignored)`
+                let errorMsg = `${file} not encrypted/gitignored`
                 let errorHelp = `fix: [dotenvx encrypt -f ${file}] or [dotenvx ext gitignore --pattern ${file}]`
                 if (file.includes('.env.keys')) {
-                  errorMsg = `[dotenvx@${packageJson.version}][precommit] ${file} not protected (gitignored)`
+                  errorMsg = `${file} not gitignored`
                   errorHelp = `fix: [dotenvx ext gitignore --pattern ${file}]`
                 }
 
@@ -89,10 +88,7 @@ class Precommit {
         }
       })
 
-      let successMessage = `[dotenvx@${packageJson.version}][precommit] .env files (${count}) protected (encrypted or gitignored)`
-      if (count === 0) {
-        successMessage = `[dotenvx@${packageJson.version}][precommit] zero .env files`
-      }
+      let successMessage = count === 0 ? '▣ no .env files' : `▣ encrypted/gitignored (${count})`
       if (warnings.length > 0) {
         successMessage += ` with warnings (${warnings.length})`
       }

package/src/lib/services/rotate.js

@@ -29,12 +29,12 @@ const dotenvParse = require('./../helpers/dotenvParse')
 const detectEncoding = require('./../helpers/detectEncoding')
 
 class Rotate {
-  constructor (envs = [], key = [], excludeKey = [], envKeysFilepath = null, opsOn = false) {
+  constructor (envs = [], key = [], excludeKey = [], envKeysFilepath = null, noOps = false) {
     this.envs = determine(envs, process.env)
     this.key = key
     this.excludeKey = excludeKey
     this.envKeysFilepath = envKeysFilepath
-    this.opsOn = opsOn
+    this.noOps = noOps
 
     this.processedEnvs = []
     this.changedFilepaths = new Set()
@@ -43,7 +43,7 @@ class Rotate {
     this.envKeysSources = {}
   }
 
-  run () {
+  async run () {
     // example
     // envs [
     //   { type: 'envFile', value: '.env' }
@@ -57,7 +57,7 @@ class Rotate {
 
     for (const env of this.envs) {
       if (env.type === TYPE_ENV_FILE) {
-        this._rotateEnvFile(env.value)
+        await this._rotateEnvFile(env.value)
       }
     }
 
@@ -68,7 +68,7 @@ class Rotate {
     }
   }
 
-  _rotateEnvFile (envFilepath) {
+  async _rotateEnvFile (envFilepath) {
     const row = {}
     row.keys = []
     row.type = TYPE_ENV_FILE
@@ -78,38 +78,38 @@ class Rotate {
     row.envFilepath = envFilepath
 
     try {
-      const encoding = detectEncoding(filepath)
-      let envSrc = fsx.readFileX(filepath, { encoding })
+      const encoding = await detectEncoding(filepath)
+      let envSrc = await fsx.readFileX(filepath, { encoding })
       const envParsed = dotenvParse(envSrc)
 
       const { publicKeyName, privateKeyName } = keyNames(envFilepath)
-      const { privateKeyValue } = keyValues(envFilepath, { keysFilepath: this.envKeysFilepath, opsOn: this.opsOn })
+      const { privateKeyValue } = await keyValues(envFilepath, { keysFilepath: this.envKeysFilepath, noOps: this.noOps })
 
       let newPublicKey
       let newPrivateKey
       let envKeysFilepath
       let envKeysSrc
 
-      if (this.opsOn) {
-        const kp = opsKeypair()
+      if (!this.noOps) {
+        const kp = await opsKeypair()
         newPublicKey = kp.publicKey
         newPrivateKey = kp.privateKey
 
-        row.privateKeyAdded = false // TODO: change to localPrivateKeyAdded
+        row.localPrivateKeyAdded = false
+        row.remotePrivateKeyAdded = true
       } else {
-        envKeysFilepath = path.join(path.dirname(filepath), '.env.keys')
-        if (this.envKeysFilepath) {
-          envKeysFilepath = path.resolve(this.envKeysFilepath)
-        }
-        row.envKeysFilepath = envKeysFilepath
-        this.envKeysSources[envKeysFilepath] ||= fsx.readFileX(envKeysFilepath, { encoding: detectEncoding(envKeysFilepath) })
+        row.envKeysFilepath = this.envKeysFilepath || path.join(path.dirname(envFilepath), '.env.keys')
+        envKeysFilepath = path.resolve(row.envKeysFilepath)
+        const encodingForKeys = await detectEncoding(envKeysFilepath)
+        this.envKeysSources[envKeysFilepath] ||= await fsx.readFileX(envKeysFilepath, { encoding: encodingForKeys })
         envKeysSrc = this.envKeysSources[envKeysFilepath]
 
         const kp = localKeypair()
         newPublicKey = kp.publicKey
         newPrivateKey = kp.privateKey
 
-        row.privateKeyAdded = true
+        row.localPrivateKeyAdded = true
+        row.remotePrivateKeyAdded = false
       }
 
       // .env
@@ -145,7 +145,7 @@ class Rotate {
       row.privateKeyName = privateKeyName
       row.privateKey = newPrivateKey
 
-      if (!this.opsOn) {
+      if (this.noOps) {
         // keys src only for ops
         envKeysSrc = append(envKeysSrc, privateKeyName, newPrivateKey) // append privateKey
         this.envKeysSources[envKeysFilepath] = envKeysSrc
@@ -155,7 +155,13 @@ class Rotate {
       this.changedFilepaths.add(envFilepath)
     } catch (e) {
       if (e.code === 'ENOENT') {
-        row.error = new Errors({ envFilepath, filepath }).missingEnvFile()
+        const missingPath = e.path ? path.resolve(e.path) : null
+        const expectedEnvKeysPath = row.envKeysFilepath ? path.resolve(row.envKeysFilepath) : null
+        if (this.noOps && expectedEnvKeysPath && missingPath === expectedEnvKeysPath) {
+          row.error = new Errors({ envKeysFilepath: row.envKeysFilepath }).missingEnvKeysFile()
+        } else {
+          row.error = new Errors({ envFilepath, filepath }).missingEnvFile()
+        }
       } else {
         row.error = e
       }

package/src/lib/services/run.js

@@ -7,10 +7,12 @@ const TYPE_ENV_FILE = 'envFile'
 const Parse = require('./../helpers/parse')
 const Errors = require('./../helpers/errors')
 const detectEncoding = require('./../helpers/detectEncoding')
+const detectEncodingSync = require('./../helpers/detectEncodingSync')
 
 const {
   keyNames,
-  keyValues
+  keyValues,
+  keyValuesSync
 } = require('./../helpers/keyResolution')
 
 const {
@@ -18,12 +20,12 @@ const {
 } = require('./../helpers/envResolution')
 
 class Run {
-  constructor (envs = [], overload = false, processEnv = process.env, envKeysFilepath = null, opsOn = false) {
+  constructor (envs = [], overload = false, processEnv = process.env, envKeysFilepath = null, noOps = false) {
     this.envs = determine(envs, processEnv)
     this.overload = overload
     this.processEnv = processEnv
     this.envKeysFilepath = envKeysFilepath
-    this.opsOn = opsOn
+    this.noOps = noOps
 
     this.processedEnvs = []
     this.readableFilepaths = new Set()
@@ -32,7 +34,7 @@ class Run {
     this.beforeEnv = { ...this.processEnv }
   }
 
-  run () {
+  runSync () {
     // example
     // envs [
     //   { type: 'env', value: 'HELLO=one' },
@@ -42,7 +44,33 @@ class Run {
 
     for (const env of this.envs) {
       if (env.type === TYPE_ENV_FILE) {
-        this._injectEnvFile(env.value)
+        this._injectEnvFileSync(env.value)
+      } else if (env.type === TYPE_ENV) {
+        this._injectEnv(env.value)
+      }
+    }
+
+    return {
+      processedEnvs: this.processedEnvs,
+      readableStrings: [...this.readableStrings],
+      readableFilepaths: [...this.readableFilepaths],
+      uniqueInjectedKeys: [...this.uniqueInjectedKeys],
+      beforeEnv: this.beforeEnv,
+      afterEnv: { ...this.processEnv }
+    }
+  }
+
+  async run () {
+    // example
+    // envs [
+    //   { type: 'env', value: 'HELLO=one' },
+    //   { type: 'envFile', value: '.env' },
+    //   { type: 'env', value: 'HELLO=three' }
+    // ]
+
+    for (const env of this.envs) {
+      if (env.type === TYPE_ENV_FILE) {
+        await this._injectEnvFile(env.value)
       } else if (env.type === TYPE_ENV) {
         this._injectEnv(env.value)
       }
@@ -90,19 +118,64 @@ class Run {
     this.processedEnvs.push(row)
   }
 
-  _injectEnvFile (envFilepath) {
+  _injectEnvFileSync (envFilepath) {
+    const row = {}
+    row.type = TYPE_ENV_FILE
+    row.filepath = envFilepath
+
+    const filepath = path.resolve(envFilepath)
+    try {
+      const encoding = detectEncodingSync(filepath)
+      const src = fsx.readFileXSync(filepath, { encoding })
+      this.readableFilepaths.add(envFilepath)
+
+      const { privateKeyName } = keyNames(filepath)
+      const { privateKeyValue } = keyValuesSync(filepath, { keysFilepath: this.envKeysFilepath, noOps: this.noOps })
+
+      const {
+        parsed,
+        errors,
+        injected,
+        preExisted
+      } = new Parse(src, privateKeyValue, this.processEnv, this.overload, privateKeyName).run()
+
+      row.privateKeyName = privateKeyName
+      row.privateKey = privateKeyValue
+      row.src = src
+      row.parsed = parsed
+      row.errors = errors
+      row.injected = injected
+      row.preExisted = preExisted
+
+      this.inject(row.parsed) // inject
+
+      for (const key of Object.keys(injected)) {
+        this.uniqueInjectedKeys.add(key) // track uniqueInjectedKeys across multiple files
+      }
+    } catch (e) {
+      if (e.code === 'ENOENT' || e.code === 'EISDIR') {
+        row.errors = [new Errors({ envFilepath, filepath }).missingEnvFile()]
+      } else {
+        row.errors = [e]
+      }
+    }
+
+    this.processedEnvs.push(row)
+  }
+
+  async _injectEnvFile (envFilepath) {
     const row = {}
     row.type = TYPE_ENV_FILE
     row.filepath = envFilepath
 
     const filepath = path.resolve(envFilepath)
     try {
-      const encoding = detectEncoding(filepath)
-      const src = fsx.readFileX(filepath, { encoding })
+      const encoding = await detectEncoding(filepath)
+      const src = await fsx.readFileX(filepath, { encoding })
       this.readableFilepaths.add(envFilepath)
 
       const { privateKeyName } = keyNames(filepath)
-      const { privateKeyValue } = keyValues(filepath, { keysFilepath: this.envKeysFilepath, opsOn: this.opsOn })
+      const { privateKeyValue } = await keyValues(filepath, { keysFilepath: this.envKeysFilepath, noOps: this.noOps })
 
       const {
         parsed,