@dotenvx/next-env 2.0.2 → 2.1.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/index.cjs +172 -56
- package/package.json +2 -2
package/dist/index.cjs
CHANGED
|
@@ -5350,7 +5350,7 @@ var require_dist = __commonJS({
|
|
|
5350
5350
|
const isAEAD = algorithm === "aes-256-gcm" || algorithm === "chacha20-poly1305";
|
|
5351
5351
|
const authTagLength = isAEAD ? AEAD_TAG_LENGTH : 0;
|
|
5352
5352
|
const options = isAEAD ? { authTagLength } : void 0;
|
|
5353
|
-
const
|
|
5353
|
+
const encrypt2 = (plainText) => {
|
|
5354
5354
|
const cipher = (0, node_crypto_1.createCipheriv)(algorithm, key, nonce, options);
|
|
5355
5355
|
if (isAEAD && AAD !== void 0) {
|
|
5356
5356
|
cipher.setAAD(AAD);
|
|
@@ -5375,7 +5375,7 @@ var require_dist = __commonJS({
|
|
|
5375
5375
|
return (0, utils_1.concatBytes)(updated, finalized);
|
|
5376
5376
|
};
|
|
5377
5377
|
return {
|
|
5378
|
-
encrypt,
|
|
5378
|
+
encrypt: encrypt2,
|
|
5379
5379
|
decrypt: decrypt2
|
|
5380
5380
|
};
|
|
5381
5381
|
};
|
|
@@ -5768,13 +5768,13 @@ var require_dist = __commonJS({
|
|
|
5768
5768
|
"use strict";
|
|
5769
5769
|
Object.defineProperty(exports22, "__esModule", { value: true });
|
|
5770
5770
|
exports22.PublicKey = exports22.PrivateKey = exports22.ECIES_CONFIG = void 0;
|
|
5771
|
-
exports22.encrypt =
|
|
5771
|
+
exports22.encrypt = encrypt2;
|
|
5772
5772
|
exports22.decrypt = decrypt2;
|
|
5773
5773
|
var utils_1 = require_utils();
|
|
5774
5774
|
var config_js_1 = require_config();
|
|
5775
5775
|
var index_js_1 = require_keys();
|
|
5776
5776
|
var index_js_2 = require_utils4();
|
|
5777
|
-
function
|
|
5777
|
+
function encrypt2(receiverRawPK, data, config = config_js_1.ECIES_CONFIG) {
|
|
5778
5778
|
const curve = config.ellipticCurve;
|
|
5779
5779
|
const ephemeralSK = new index_js_1.PrivateKey(void 0, curve);
|
|
5780
5780
|
const receiverPK = receiverRawPK instanceof Uint8Array ? new index_js_1.PublicKey(receiverRawPK, curve) : index_js_1.PublicKey.fromHex(receiverRawPK, curve);
|
|
@@ -5889,6 +5889,9 @@ var require_dist = __commonJS({
|
|
|
5889
5889
|
"src/encrypted.js"(exports22, module22) {
|
|
5890
5890
|
var PREFIX = "encrypted:";
|
|
5891
5891
|
function encrypted2(value) {
|
|
5892
|
+
if (!value) {
|
|
5893
|
+
return false;
|
|
5894
|
+
}
|
|
5892
5895
|
return value.startsWith(PREFIX);
|
|
5893
5896
|
}
|
|
5894
5897
|
module22.exports = encrypted2;
|
|
@@ -5900,8 +5903,9 @@ var require_dist = __commonJS({
|
|
|
5900
5903
|
var { decrypt: eciesDecrypt } = require_dist2();
|
|
5901
5904
|
var Errors = require_errors();
|
|
5902
5905
|
var encrypted2 = require_encrypted();
|
|
5903
|
-
function decrypt2(privateKeyHex, encryptedValue) {
|
|
5904
|
-
|
|
5906
|
+
function decrypt2(privateKeyHex, encryptedValue, options = {}) {
|
|
5907
|
+
const value = options.prefix === false ? `${encrypted2.PREFIX}${encryptedValue}` : encryptedValue;
|
|
5908
|
+
if (!encrypted2(value)) {
|
|
5905
5909
|
return encryptedValue;
|
|
5906
5910
|
}
|
|
5907
5911
|
if (!privateKeyHex || privateKeyHex.length < 1) {
|
|
@@ -5909,7 +5913,7 @@ var require_dist = __commonJS({
|
|
|
5909
5913
|
}
|
|
5910
5914
|
try {
|
|
5911
5915
|
const privateKey = Buffer.from(privateKeyHex, "hex");
|
|
5912
|
-
const ciphertext = Buffer.from(
|
|
5916
|
+
const ciphertext = Buffer.from(value.substring(encrypted2.PREFIX.length), "base64");
|
|
5913
5917
|
return Buffer.from(eciesDecrypt(privateKey, ciphertext)).toString("utf8");
|
|
5914
5918
|
} catch (e) {
|
|
5915
5919
|
if (e.message === "Invalid private key") {
|
|
@@ -5935,6 +5939,21 @@ var require_dist = __commonJS({
|
|
|
5935
5939
|
module22.exports = derive2;
|
|
5936
5940
|
}
|
|
5937
5941
|
});
|
|
5942
|
+
var require_encrypt = __commonJS2({
|
|
5943
|
+
"src/encrypt.js"(exports22, module22) {
|
|
5944
|
+
var { encrypt: eciesEncrypt } = require_dist2();
|
|
5945
|
+
var { PREFIX } = require_encrypted();
|
|
5946
|
+
function encrypt2(publicKeyHex, value, options = {}) {
|
|
5947
|
+
const ciphertext = eciesEncrypt(publicKeyHex, Buffer.from(value));
|
|
5948
|
+
const encoded = Buffer.from(ciphertext, "hex").toString("base64");
|
|
5949
|
+
if (options.prefix === false) {
|
|
5950
|
+
return encoded;
|
|
5951
|
+
}
|
|
5952
|
+
return `${PREFIX}${encoded}`;
|
|
5953
|
+
}
|
|
5954
|
+
module22.exports = encrypt2;
|
|
5955
|
+
}
|
|
5956
|
+
});
|
|
5938
5957
|
var require_evaluate = __commonJS2({
|
|
5939
5958
|
"src/evaluate.js"(exports22, module22) {
|
|
5940
5959
|
var { execSync } = require("child_process");
|
|
@@ -5942,9 +5961,9 @@ var require_dist = __commonJS({
|
|
|
5942
5961
|
function chomp(value) {
|
|
5943
5962
|
return value.replace(/[\r\n]+$/, "");
|
|
5944
5963
|
}
|
|
5945
|
-
function evaluate2(value,
|
|
5946
|
-
const processEnv2 =
|
|
5947
|
-
const runningParsed =
|
|
5964
|
+
function evaluate2(value, options) {
|
|
5965
|
+
const processEnv2 = options.processEnv || process.env;
|
|
5966
|
+
const runningParsed = options.runningParsed || {};
|
|
5948
5967
|
const matches = value.match(/\$\(([^)]+(?:\)[^(]*)*)\)/g) || [];
|
|
5949
5968
|
return matches.reduce((newValue, match) => {
|
|
5950
5969
|
const command = match.slice(2, -1);
|
|
@@ -5963,11 +5982,11 @@ var require_dist = __commonJS({
|
|
|
5963
5982
|
});
|
|
5964
5983
|
var require_expand = __commonJS2({
|
|
5965
5984
|
"src/expand.js"(exports22, module22) {
|
|
5966
|
-
function expand2(value,
|
|
5967
|
-
const overload =
|
|
5968
|
-
const processEnv2 =
|
|
5969
|
-
const runningParsed =
|
|
5970
|
-
const literals =
|
|
5985
|
+
function expand2(value, options) {
|
|
5986
|
+
const overload = options.overload;
|
|
5987
|
+
const processEnv2 = options.processEnv || process.env;
|
|
5988
|
+
const runningParsed = options.runningParsed || {};
|
|
5989
|
+
const literals = options.literals || {};
|
|
5971
5990
|
let env = { ...runningParsed, ...processEnv2 };
|
|
5972
5991
|
if (overload) {
|
|
5973
5992
|
env = { ...processEnv2, ...runningParsed };
|
|
@@ -6010,6 +6029,19 @@ var require_dist = __commonJS({
|
|
|
6010
6029
|
module22.exports = expand2;
|
|
6011
6030
|
}
|
|
6012
6031
|
});
|
|
6032
|
+
var require_keypair = __commonJS2({
|
|
6033
|
+
"src/keypair.js"(exports22, module22) {
|
|
6034
|
+
var { PrivateKey } = require_dist2();
|
|
6035
|
+
function keypair2() {
|
|
6036
|
+
const kp = new PrivateKey();
|
|
6037
|
+
return {
|
|
6038
|
+
publicKey: kp.publicKey.toHex(),
|
|
6039
|
+
privateKey: Buffer.from(kp.secret).toString("hex")
|
|
6040
|
+
};
|
|
6041
|
+
}
|
|
6042
|
+
module22.exports = keypair2;
|
|
6043
|
+
}
|
|
6044
|
+
});
|
|
6013
6045
|
var require_scan = __commonJS2({
|
|
6014
6046
|
"src/scan.js"(exports22, module22) {
|
|
6015
6047
|
function trimmer(value) {
|
|
@@ -6038,26 +6070,33 @@ var require_dist = __commonJS({
|
|
|
6038
6070
|
}
|
|
6039
6071
|
return q;
|
|
6040
6072
|
}
|
|
6041
|
-
function clean(value, quote) {
|
|
6073
|
+
function clean(value, quote, options) {
|
|
6042
6074
|
let v = trimmer(value);
|
|
6043
6075
|
v = v.replace(/^(['"`])([\s\S]*)\1$/mg, "$2");
|
|
6044
|
-
if (quote === '"') {
|
|
6076
|
+
if (quote === '"' && options.expandDoubleQuotedNewlines !== false) {
|
|
6045
6077
|
v = v.replace(/\\n/g, "\n");
|
|
6046
6078
|
v = v.replace(/\\r/g, "\r");
|
|
6047
6079
|
v = v.replace(/\\t/g, " ");
|
|
6048
6080
|
}
|
|
6049
6081
|
return v;
|
|
6050
6082
|
}
|
|
6051
|
-
function scan2(src, transform) {
|
|
6083
|
+
function scan2(src, options = {}, transform) {
|
|
6084
|
+
if (typeof options === "function") {
|
|
6085
|
+
transform = options;
|
|
6086
|
+
options = {};
|
|
6087
|
+
}
|
|
6052
6088
|
const LINE = /(?:^|^)\s*(?:export\s+)?([\w.-]+)(?:\s*=\s*?|:\s+?)(\s*'(?:\\'|[^'])*'|\s*"(?:\\"|[^"])*"|\s*`(?:\\`|[^`])*`|[^#\r\n]+)?\s*(?:#.*)?(?:$|$)/mg;
|
|
6053
6089
|
const parsed = {};
|
|
6054
|
-
|
|
6090
|
+
let lines = (src || "").toString();
|
|
6091
|
+
if (options.convertWindowsNewlines !== false) {
|
|
6092
|
+
lines = lines.replace(/\r\n?/mg, "\n");
|
|
6093
|
+
}
|
|
6055
6094
|
let match;
|
|
6056
6095
|
while ((match = LINE.exec(lines)) !== null) {
|
|
6057
6096
|
const name = match[1];
|
|
6058
6097
|
const raw = match[2];
|
|
6059
6098
|
const quote = getQuote(raw);
|
|
6060
|
-
const value = clean(raw, quote);
|
|
6099
|
+
const value = clean(raw, quote, options);
|
|
6061
6100
|
let parsedValue = value;
|
|
6062
6101
|
if (typeof transform === "function") {
|
|
6063
6102
|
parsedValue = transform({
|
|
@@ -6066,7 +6105,8 @@ var require_dist = __commonJS({
|
|
|
6066
6105
|
quote
|
|
6067
6106
|
});
|
|
6068
6107
|
}
|
|
6069
|
-
parsed[name] =
|
|
6108
|
+
parsed[name] = parsed[name] || [];
|
|
6109
|
+
parsed[name].push(parsedValue);
|
|
6070
6110
|
}
|
|
6071
6111
|
return {
|
|
6072
6112
|
parsed
|
|
@@ -6084,35 +6124,57 @@ var require_dist = __commonJS({
|
|
|
6084
6124
|
try {
|
|
6085
6125
|
const src = fs2.readFileSync(filepath, "utf8");
|
|
6086
6126
|
const { parsed } = scan2(src);
|
|
6087
|
-
|
|
6127
|
+
const result = [];
|
|
6128
|
+
for (const name in parsed) {
|
|
6129
|
+
if (name.startsWith("DOTENV_PRIVATE_KEY")) {
|
|
6130
|
+
result.push(parsed[name][parsed[name].length - 1]);
|
|
6131
|
+
}
|
|
6132
|
+
}
|
|
6133
|
+
return result;
|
|
6088
6134
|
} catch (_e) {
|
|
6089
|
-
return
|
|
6135
|
+
return [];
|
|
6090
6136
|
}
|
|
6091
6137
|
}
|
|
6092
|
-
function keyring2() {
|
|
6093
|
-
const
|
|
6094
|
-
const processEnv2 = process.env;
|
|
6095
|
-
const
|
|
6096
|
-
const
|
|
6097
|
-
|
|
6098
|
-
|
|
6099
|
-
|
|
6100
|
-
};
|
|
6101
|
-
for (const name in sources) {
|
|
6138
|
+
function keyring2(options = {}) {
|
|
6139
|
+
const ring = options.ring || {};
|
|
6140
|
+
const processEnv2 = options.processEnv || process.env;
|
|
6141
|
+
const keysFilepaths = Array.isArray(options.fk) ? options.fk : [options.fk || ".env.keys"];
|
|
6142
|
+
const privateKeyValues = keysFilepaths.reduce((acc, filepath) => {
|
|
6143
|
+
return acc.concat(keysFromFile(filepath));
|
|
6144
|
+
}, []);
|
|
6145
|
+
for (const name in processEnv2) {
|
|
6102
6146
|
if (name.startsWith("DOTENV_PRIVATE_KEY")) {
|
|
6103
|
-
|
|
6104
|
-
|
|
6105
|
-
|
|
6106
|
-
|
|
6107
|
-
|
|
6108
|
-
|
|
6147
|
+
privateKeyValues.push(processEnv2[name]);
|
|
6148
|
+
}
|
|
6149
|
+
}
|
|
6150
|
+
for (const privateKeyHex of privateKeyValues) {
|
|
6151
|
+
try {
|
|
6152
|
+
const publicKeyHex = derive2(privateKeyHex);
|
|
6153
|
+
ring[publicKeyHex] = privateKeyHex;
|
|
6154
|
+
} catch (_e) {
|
|
6109
6155
|
}
|
|
6110
6156
|
}
|
|
6111
|
-
return
|
|
6157
|
+
return ring;
|
|
6112
6158
|
}
|
|
6113
6159
|
module22.exports = keyring2;
|
|
6114
6160
|
}
|
|
6115
6161
|
});
|
|
6162
|
+
var require_publickeys = __commonJS2({
|
|
6163
|
+
"src/publickeys.js"(exports22, module22) {
|
|
6164
|
+
var scan2 = require_scan();
|
|
6165
|
+
function publickeys2(src) {
|
|
6166
|
+
const { parsed } = scan2(src);
|
|
6167
|
+
const result = [];
|
|
6168
|
+
for (const name in parsed) {
|
|
6169
|
+
if (name.startsWith("DOTENV_PUBLIC_KEY")) {
|
|
6170
|
+
result.push(parsed[name][parsed[name].length - 1]);
|
|
6171
|
+
}
|
|
6172
|
+
}
|
|
6173
|
+
return result;
|
|
6174
|
+
}
|
|
6175
|
+
module22.exports = publickeys2;
|
|
6176
|
+
}
|
|
6177
|
+
});
|
|
6116
6178
|
var require_parse = __commonJS2({
|
|
6117
6179
|
"src/parse.js"(exports22, module22) {
|
|
6118
6180
|
var decrypt2 = require_decrypt();
|
|
@@ -6120,32 +6182,56 @@ var require_dist = __commonJS({
|
|
|
6120
6182
|
var encrypted2 = require_encrypted();
|
|
6121
6183
|
var evaluate2 = require_evaluate();
|
|
6122
6184
|
var expand2 = require_expand();
|
|
6185
|
+
var publickeys2 = require_publickeys();
|
|
6123
6186
|
var scan2 = require_scan();
|
|
6124
6187
|
function resolveEscapeSequences(value) {
|
|
6125
6188
|
return value.replace(/\\\$/g, "$");
|
|
6126
6189
|
}
|
|
6127
|
-
function
|
|
6128
|
-
const
|
|
6129
|
-
const
|
|
6130
|
-
|
|
6190
|
+
function decryptWithKeyring(ring, value, publicKeyHexes) {
|
|
6191
|
+
const tried = {};
|
|
6192
|
+
for (const publicKeyHex of publicKeyHexes) {
|
|
6193
|
+
const privateKeyHex = ring[publicKeyHex];
|
|
6194
|
+
if (!privateKeyHex) {
|
|
6195
|
+
continue;
|
|
6196
|
+
}
|
|
6197
|
+
tried[privateKeyHex] = true;
|
|
6198
|
+
try {
|
|
6199
|
+
return decrypt2(privateKeyHex, value);
|
|
6200
|
+
} catch (_e) {
|
|
6201
|
+
}
|
|
6202
|
+
}
|
|
6203
|
+
for (const privateKeyHex of Object.values(ring)) {
|
|
6204
|
+
if (!privateKeyHex || tried[privateKeyHex]) {
|
|
6205
|
+
continue;
|
|
6206
|
+
}
|
|
6207
|
+
try {
|
|
6208
|
+
return decrypt2(privateKeyHex, value);
|
|
6209
|
+
} catch (_e) {
|
|
6210
|
+
}
|
|
6211
|
+
}
|
|
6212
|
+
return value;
|
|
6213
|
+
}
|
|
6214
|
+
function parse22(src, options = {}) {
|
|
6215
|
+
const overload = options.overload;
|
|
6216
|
+
const processEnv2 = options.processEnv || process.env;
|
|
6217
|
+
const publicKeyHexes = publickeys2(src);
|
|
6218
|
+
let ring = {};
|
|
6219
|
+
for (const publicKeyHex of publicKeyHexes) {
|
|
6220
|
+
ring[publicKeyHex] = "";
|
|
6221
|
+
}
|
|
6222
|
+
ring = keyring2({ processEnv: processEnv2, ring });
|
|
6131
6223
|
function inProcessEnv(name) {
|
|
6132
6224
|
return Object.prototype.hasOwnProperty.call(processEnv2, name);
|
|
6133
6225
|
}
|
|
6134
|
-
|
|
6135
|
-
|
|
6136
|
-
|
|
6137
|
-
|
|
6226
|
+
const runningParsed = {};
|
|
6227
|
+
const literals = {};
|
|
6228
|
+
const parsed = {};
|
|
6229
|
+
scan2(src, ({ name, value, quote }) => {
|
|
6138
6230
|
let parsedValue = value;
|
|
6139
|
-
if (name.startsWith("DOTENV_PUBLIC_KEY")) {
|
|
6140
|
-
publicKeyHex = parsedValue;
|
|
6141
|
-
}
|
|
6142
6231
|
if (!overload && inProcessEnv(name)) {
|
|
6143
6232
|
parsedValue = processEnv2[name];
|
|
6144
6233
|
}
|
|
6145
|
-
|
|
6146
|
-
parsedValue = decrypt2(ring[publicKeyHex], parsedValue);
|
|
6147
|
-
} catch (_e) {
|
|
6148
|
-
}
|
|
6234
|
+
parsedValue = decryptWithKeyring(ring, parsedValue, publicKeyHexes);
|
|
6149
6235
|
const encryptedPrefixed = encrypted2(parsedValue);
|
|
6150
6236
|
let evaled = false;
|
|
6151
6237
|
if (!encryptedPrefixed && quote !== "'" && (!inProcessEnv(name) || processEnv2[name] === parsedValue)) {
|
|
@@ -6165,6 +6251,7 @@ var require_dist = __commonJS({
|
|
|
6165
6251
|
literals[name] = parsedValue;
|
|
6166
6252
|
}
|
|
6167
6253
|
runningParsed[name] = parsedValue;
|
|
6254
|
+
parsed[name] = parsedValue;
|
|
6168
6255
|
if (Object.prototype.hasOwnProperty.call(processEnv2, name) && !overload) {
|
|
6169
6256
|
} else {
|
|
6170
6257
|
}
|
|
@@ -6177,23 +6264,52 @@ var require_dist = __commonJS({
|
|
|
6177
6264
|
module22.exports = parse22;
|
|
6178
6265
|
}
|
|
6179
6266
|
});
|
|
6267
|
+
var require_sealed = __commonJS2({
|
|
6268
|
+
"src/sealed.js"(exports22, module22) {
|
|
6269
|
+
var encrypted2 = require_encrypted();
|
|
6270
|
+
var scan2 = require_scan();
|
|
6271
|
+
function publicKey(name) {
|
|
6272
|
+
return name.startsWith("DOTENV_PUBLIC_KEY");
|
|
6273
|
+
}
|
|
6274
|
+
function sealed2(src) {
|
|
6275
|
+
const { parsed } = scan2(src);
|
|
6276
|
+
for (const [name, values] of Object.entries(parsed)) {
|
|
6277
|
+
for (const value of values) {
|
|
6278
|
+
if (!encrypted2(value) && !publicKey(name)) {
|
|
6279
|
+
return false;
|
|
6280
|
+
}
|
|
6281
|
+
}
|
|
6282
|
+
}
|
|
6283
|
+
return true;
|
|
6284
|
+
}
|
|
6285
|
+
module22.exports = sealed2;
|
|
6286
|
+
}
|
|
6287
|
+
});
|
|
6180
6288
|
var decrypt = require_decrypt();
|
|
6181
6289
|
var derive = require_derive();
|
|
6290
|
+
var encrypt = require_encrypt();
|
|
6182
6291
|
var encrypted = require_encrypted();
|
|
6183
6292
|
var evaluate = require_evaluate();
|
|
6184
6293
|
var expand = require_expand();
|
|
6294
|
+
var keypair = require_keypair();
|
|
6185
6295
|
var keyring = require_keyring();
|
|
6186
6296
|
var parse2 = require_parse();
|
|
6297
|
+
var publickeys = require_publickeys();
|
|
6187
6298
|
var scan = require_scan();
|
|
6299
|
+
var sealed = require_sealed();
|
|
6188
6300
|
module2.exports = {
|
|
6189
6301
|
decrypt,
|
|
6190
6302
|
derive,
|
|
6303
|
+
encrypt,
|
|
6191
6304
|
encrypted,
|
|
6192
6305
|
evaluate,
|
|
6193
6306
|
expand,
|
|
6307
|
+
keypair,
|
|
6194
6308
|
keyring,
|
|
6195
6309
|
parse: parse2,
|
|
6196
|
-
|
|
6310
|
+
publickeys,
|
|
6311
|
+
scan,
|
|
6312
|
+
sealed
|
|
6197
6313
|
};
|
|
6198
6314
|
}
|
|
6199
6315
|
});
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@dotenvx/next-env",
|
|
3
|
-
"version": "2.0
|
|
3
|
+
"version": "2.1.0",
|
|
4
4
|
"description": "dotenvx drop-in replacement for @next/env",
|
|
5
5
|
"license": "BSD-3-Clause",
|
|
6
6
|
"repository": {
|
|
@@ -23,7 +23,7 @@
|
|
|
23
23
|
"prepublishOnly": "npm pack --dry-run"
|
|
24
24
|
},
|
|
25
25
|
"devDependencies": {
|
|
26
|
-
"@dotenvx/primitives": "0.
|
|
26
|
+
"@dotenvx/primitives": "^0.9.0",
|
|
27
27
|
"esbuild": "^0.28.1"
|
|
28
28
|
}
|
|
29
29
|
}
|