@dotenvx/next-env 2.0.3 → 2.1.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (2) hide show
  1. package/dist/index.cjs +245 -55
  2. package/package.json +2 -2
package/dist/index.cjs CHANGED
@@ -5889,6 +5889,9 @@ var require_dist = __commonJS({
5889
5889
  "src/encrypted.js"(exports22, module22) {
5890
5890
  var PREFIX = "encrypted:";
5891
5891
  function encrypted2(value) {
5892
+ if (!value) {
5893
+ return false;
5894
+ }
5892
5895
  return value.startsWith(PREFIX);
5893
5896
  }
5894
5897
  module22.exports = encrypted2;
@@ -5958,9 +5961,9 @@ var require_dist = __commonJS({
5958
5961
  function chomp(value) {
5959
5962
  return value.replace(/[\r\n]+$/, "");
5960
5963
  }
5961
- function evaluate2(value, opts) {
5962
- const processEnv2 = opts.processEnv || process.env;
5963
- const runningParsed = opts.runningParsed || {};
5964
+ function evaluate2(value, options) {
5965
+ const processEnv2 = options.processEnv || process.env;
5966
+ const runningParsed = options.runningParsed || {};
5964
5967
  const matches = value.match(/\$\(([^)]+(?:\)[^(]*)*)\)/g) || [];
5965
5968
  return matches.reduce((newValue, match) => {
5966
5969
  const command = match.slice(2, -1);
@@ -5979,11 +5982,11 @@ var require_dist = __commonJS({
5979
5982
  });
5980
5983
  var require_expand = __commonJS2({
5981
5984
  "src/expand.js"(exports22, module22) {
5982
- function expand2(value, opts) {
5983
- const overload = opts.overload;
5984
- const processEnv2 = opts.processEnv || process.env;
5985
- const runningParsed = opts.runningParsed || {};
5986
- const literals = opts.literals || {};
5985
+ function expand2(value, options) {
5986
+ const overload = options.overload;
5987
+ const processEnv2 = options.processEnv || process.env;
5988
+ const runningParsed = options.runningParsed || {};
5989
+ const literals = options.literals || {};
5987
5990
  let env = { ...runningParsed, ...processEnv2 };
5988
5991
  if (overload) {
5989
5992
  env = { ...processEnv2, ...runningParsed };
@@ -6026,6 +6029,19 @@ var require_dist = __commonJS({
6026
6029
  module22.exports = expand2;
6027
6030
  }
6028
6031
  });
6032
+ var require_keypair = __commonJS2({
6033
+ "src/keypair.js"(exports22, module22) {
6034
+ var { PrivateKey } = require_dist2();
6035
+ function keypair2() {
6036
+ const kp = new PrivateKey();
6037
+ return {
6038
+ publicKey: kp.publicKey.toHex(),
6039
+ privateKey: Buffer.from(kp.secret).toString("hex")
6040
+ };
6041
+ }
6042
+ module22.exports = keypair2;
6043
+ }
6044
+ });
6029
6045
  var require_scan = __commonJS2({
6030
6046
  "src/scan.js"(exports22, module22) {
6031
6047
  function trimmer(value) {
@@ -6054,26 +6070,33 @@ var require_dist = __commonJS({
6054
6070
  }
6055
6071
  return q;
6056
6072
  }
6057
- function clean(value, quote) {
6073
+ function clean(value, quote, options) {
6058
6074
  let v = trimmer(value);
6059
6075
  v = v.replace(/^(['"`])([\s\S]*)\1$/mg, "$2");
6060
- if (quote === '"') {
6076
+ if (quote === '"' && options.expandDoubleQuotedNewlines !== false) {
6061
6077
  v = v.replace(/\\n/g, "\n");
6062
6078
  v = v.replace(/\\r/g, "\r");
6063
6079
  v = v.replace(/\\t/g, " ");
6064
6080
  }
6065
6081
  return v;
6066
6082
  }
6067
- function scan2(src, transform) {
6083
+ function scan2(src, options = {}, transform) {
6084
+ if (typeof options === "function") {
6085
+ transform = options;
6086
+ options = {};
6087
+ }
6068
6088
  const LINE = /(?:^|^)\s*(?:export\s+)?([\w.-]+)(?:\s*=\s*?|:\s+?)(\s*'(?:\\'|[^'])*'|\s*"(?:\\"|[^"])*"|\s*`(?:\\`|[^`])*`|[^#\r\n]+)?\s*(?:#.*)?(?:$|$)/mg;
6069
6089
  const parsed = {};
6070
- const lines = (src || "").toString().replace(/\r\n?/mg, "\n");
6090
+ let lines = (src || "").toString();
6091
+ if (options.convertWindowsNewlines !== false) {
6092
+ lines = lines.replace(/\r\n?/mg, "\n");
6093
+ }
6071
6094
  let match;
6072
6095
  while ((match = LINE.exec(lines)) !== null) {
6073
6096
  const name = match[1];
6074
6097
  const raw = match[2];
6075
6098
  const quote = getQuote(raw);
6076
- const value = clean(raw, quote);
6099
+ const value = clean(raw, quote, options);
6077
6100
  let parsedValue = value;
6078
6101
  if (typeof transform === "function") {
6079
6102
  parsedValue = transform({
@@ -6082,7 +6105,8 @@ var require_dist = __commonJS({
6082
6105
  quote
6083
6106
  });
6084
6107
  }
6085
- parsed[name] = parsedValue;
6108
+ parsed[name] = parsed[name] || [];
6109
+ parsed[name].push(parsedValue);
6086
6110
  }
6087
6111
  return {
6088
6112
  parsed
@@ -6096,72 +6120,201 @@ var require_dist = __commonJS({
6096
6120
  var fs2 = require("fs");
6097
6121
  var derive2 = require_derive();
6098
6122
  var scan2 = require_scan();
6099
- function keysFromFile(filepath = ".env.keys") {
6123
+ async function keysFromFile(filepath = ".env.keys") {
6124
+ try {
6125
+ const src = await fs2.promises.readFile(filepath, "utf8");
6126
+ const { parsed } = scan2(src);
6127
+ const result = [];
6128
+ for (const name in parsed) {
6129
+ if (name.startsWith("DOTENV_PRIVATE_KEY")) {
6130
+ result.push(parsed[name][parsed[name].length - 1]);
6131
+ }
6132
+ }
6133
+ return result;
6134
+ } catch (_e) {
6135
+ return [];
6136
+ }
6137
+ }
6138
+ function keysFromFileSync(filepath = ".env.keys") {
6100
6139
  try {
6101
6140
  const src = fs2.readFileSync(filepath, "utf8");
6102
6141
  const { parsed } = scan2(src);
6103
- return parsed;
6142
+ const result = [];
6143
+ for (const name in parsed) {
6144
+ if (name.startsWith("DOTENV_PRIVATE_KEY")) {
6145
+ result.push(parsed[name][parsed[name].length - 1]);
6146
+ }
6147
+ }
6148
+ return result;
6104
6149
  } catch (_e) {
6105
- return {};
6150
+ return [];
6106
6151
  }
6107
6152
  }
6108
- function keyring2() {
6109
- const mem = {};
6110
- const processEnv2 = process.env;
6111
- const keysFilepath = ".env.keys";
6112
- const sources = {
6113
- ...keysFromFile(keysFilepath),
6114
- ...processEnv2
6115
- // process.env wins
6116
- };
6117
- for (const name in sources) {
6153
+ async function keyring2(options = {}) {
6154
+ const ring = options.ring || {};
6155
+ const provider = options.provider;
6156
+ const processEnv2 = options.processEnv || process.env;
6157
+ const keysFilepaths = Array.isArray(options.fk) ? options.fk : [options.fk || ".env.keys"];
6158
+ const privateKeyValues = [];
6159
+ for (const filepath of keysFilepaths) {
6160
+ privateKeyValues.push(...await keysFromFile(filepath));
6161
+ }
6162
+ for (const name in processEnv2) {
6118
6163
  if (name.startsWith("DOTENV_PRIVATE_KEY")) {
6119
- try {
6120
- const privateKeyHex = sources[name];
6121
- const publicKeyHex = derive2(privateKeyHex);
6122
- mem[publicKeyHex] = privateKeyHex;
6123
- } catch (_e) {
6164
+ privateKeyValues.push(processEnv2[name]);
6165
+ }
6166
+ }
6167
+ for (const privateKeyHex of privateKeyValues) {
6168
+ try {
6169
+ const publicKeyHex = derive2(privateKeyHex);
6170
+ ring[publicKeyHex] = privateKeyHex;
6171
+ } catch (_e) {
6172
+ }
6173
+ }
6174
+ if (typeof provider === "function") {
6175
+ for (const publicKeyHex in ring) {
6176
+ if (ring[publicKeyHex]) {
6177
+ continue;
6178
+ }
6179
+ const privateKeyHex = await provider(publicKeyHex);
6180
+ if (privateKeyHex) {
6181
+ ring[publicKeyHex] = privateKeyHex;
6182
+ }
6183
+ }
6184
+ }
6185
+ return ring;
6186
+ }
6187
+ function keyringSync2(options = {}) {
6188
+ const ring = options.ring || {};
6189
+ const provider = options.provider;
6190
+ const processEnv2 = options.processEnv || process.env;
6191
+ const keysFilepaths = Array.isArray(options.fk) ? options.fk : [options.fk || ".env.keys"];
6192
+ const privateKeyValues = keysFilepaths.reduce((acc, filepath) => {
6193
+ return acc.concat(keysFromFileSync(filepath));
6194
+ }, []);
6195
+ for (const name in processEnv2) {
6196
+ if (name.startsWith("DOTENV_PRIVATE_KEY")) {
6197
+ privateKeyValues.push(processEnv2[name]);
6198
+ }
6199
+ }
6200
+ for (const privateKeyHex of privateKeyValues) {
6201
+ try {
6202
+ const publicKeyHex = derive2(privateKeyHex);
6203
+ ring[publicKeyHex] = privateKeyHex;
6204
+ } catch (_e) {
6205
+ }
6206
+ }
6207
+ if (typeof provider === "function") {
6208
+ for (const publicKeyHex in ring) {
6209
+ if (ring[publicKeyHex]) {
6210
+ continue;
6211
+ }
6212
+ const privateKeyHex = provider(publicKeyHex);
6213
+ if (privateKeyHex) {
6214
+ ring[publicKeyHex] = privateKeyHex;
6124
6215
  }
6125
6216
  }
6126
6217
  }
6127
- return mem;
6218
+ return ring;
6128
6219
  }
6129
6220
  module22.exports = keyring2;
6221
+ module22.exports.sync = keyringSync2;
6222
+ }
6223
+ });
6224
+ var require_publickeys = __commonJS2({
6225
+ "src/publickeys.js"(exports22, module22) {
6226
+ var scan2 = require_scan();
6227
+ function publickeys2(src) {
6228
+ const { parsed } = scan2(src);
6229
+ const result = [];
6230
+ for (const name in parsed) {
6231
+ if (name.startsWith("DOTENV_PUBLIC_KEY")) {
6232
+ result.push(parsed[name][parsed[name].length - 1]);
6233
+ }
6234
+ }
6235
+ return result;
6236
+ }
6237
+ module22.exports = publickeys2;
6130
6238
  }
6131
6239
  });
6132
6240
  var require_parse = __commonJS2({
6133
6241
  "src/parse.js"(exports22, module22) {
6134
6242
  var decrypt2 = require_decrypt();
6135
6243
  var keyring2 = require_keyring();
6244
+ var keyringSync2 = require_keyring().sync;
6136
6245
  var encrypted2 = require_encrypted();
6137
6246
  var evaluate2 = require_evaluate();
6138
6247
  var expand2 = require_expand();
6248
+ var publickeys2 = require_publickeys();
6139
6249
  var scan2 = require_scan();
6140
6250
  function resolveEscapeSequences(value) {
6141
6251
  return value.replace(/\\\$/g, "$");
6142
6252
  }
6143
- function parse22(src, opts = {}) {
6144
- const overload = opts.overload;
6145
- const processEnv2 = opts.processEnv || process.env;
6146
- const ring = keyring2();
6253
+ function decryptWithKeyring(ring, value, publicKeyHexes) {
6254
+ const tried = {};
6255
+ for (const publicKeyHex of publicKeyHexes) {
6256
+ const privateKeyHex = ring[publicKeyHex];
6257
+ if (!privateKeyHex) {
6258
+ continue;
6259
+ }
6260
+ tried[privateKeyHex] = true;
6261
+ try {
6262
+ return decrypt2(privateKeyHex, value);
6263
+ } catch (_e) {
6264
+ }
6265
+ }
6266
+ for (const privateKeyHex of Object.values(ring)) {
6267
+ if (!privateKeyHex || tried[privateKeyHex]) {
6268
+ continue;
6269
+ }
6270
+ try {
6271
+ return decrypt2(privateKeyHex, value);
6272
+ } catch (_e) {
6273
+ }
6274
+ }
6275
+ return value;
6276
+ }
6277
+ async function parse2(src, options = {}) {
6278
+ const { overload, processEnv: processEnv2, fk, provider, publicKeyHexes, ring: initialRing } = keyringOptions(src, options);
6279
+ const ring = await keyring2({ processEnv: processEnv2, ring: initialRing, fk, provider });
6280
+ return parseWithRing(src, { overload, processEnv: processEnv2, ring, publicKeyHexes });
6281
+ }
6282
+ function parseSync22(src, options = {}) {
6283
+ const { overload, processEnv: processEnv2, fk, provider, publicKeyHexes, ring: initialRing } = keyringOptions(src, options);
6284
+ const ring = keyringSync2({ processEnv: processEnv2, ring: initialRing, fk, provider });
6285
+ return parseWithRing(src, { overload, processEnv: processEnv2, ring, publicKeyHexes });
6286
+ }
6287
+ function keyringOptions(src, options = {}) {
6288
+ const overload = options.overload;
6289
+ const processEnv2 = options.processEnv || process.env;
6290
+ const fk = options.fk;
6291
+ const provider = options.provider;
6292
+ const publicKeyHexes = publickeys2(src);
6293
+ const ring = {};
6294
+ for (const publicKeyHex of publicKeyHexes) {
6295
+ ring[publicKeyHex] = "";
6296
+ }
6297
+ return { overload, processEnv: processEnv2, fk, provider, publicKeyHexes, ring };
6298
+ }
6299
+ function parseWithRing(src, options = {}) {
6300
+ const overload = options.overload;
6301
+ const processEnv2 = options.processEnv || process.env;
6302
+ const ring = options.ring || {};
6303
+ const publicKeyHexes = options.publicKeyHexes || [];
6147
6304
  function inProcessEnv(name) {
6148
6305
  return Object.prototype.hasOwnProperty.call(processEnv2, name);
6149
6306
  }
6150
- let publicKeyHex;
6151
- let runningParsed = {};
6152
- let literals = {};
6153
- const { parsed } = scan2(src, ({ name, value, quote }) => {
6307
+ const runningParsed = {};
6308
+ const literals = {};
6309
+ const parsed = {};
6310
+ const injected = {};
6311
+ const existed = {};
6312
+ scan2(src, ({ name, value, quote }) => {
6154
6313
  let parsedValue = value;
6155
- if (name.startsWith("DOTENV_PUBLIC_KEY")) {
6156
- publicKeyHex = parsedValue;
6157
- }
6158
6314
  if (!overload && inProcessEnv(name)) {
6159
6315
  parsedValue = processEnv2[name];
6160
6316
  }
6161
- try {
6162
- parsedValue = decrypt2(ring[publicKeyHex], parsedValue);
6163
- } catch (_e) {
6164
- }
6317
+ parsedValue = decryptWithKeyring(ring, parsedValue, publicKeyHexes);
6165
6318
  const encryptedPrefixed = encrypted2(parsedValue);
6166
6319
  let evaled = false;
6167
6320
  if (!encryptedPrefixed && quote !== "'" && (!inProcessEnv(name) || processEnv2[name] === parsedValue)) {
@@ -6181,16 +6334,43 @@ var require_dist = __commonJS({
6181
6334
  literals[name] = parsedValue;
6182
6335
  }
6183
6336
  runningParsed[name] = parsedValue;
6337
+ parsed[name] = parsedValue;
6184
6338
  if (Object.prototype.hasOwnProperty.call(processEnv2, name) && !overload) {
6339
+ existed[name] = processEnv2[name];
6185
6340
  } else {
6341
+ injected[name] = parsed[name];
6186
6342
  }
6187
6343
  return parsedValue;
6188
6344
  });
6189
6345
  return {
6190
- parsed
6346
+ parsed,
6347
+ injected,
6348
+ existed
6191
6349
  };
6192
6350
  }
6193
- module22.exports = parse22;
6351
+ module22.exports = parse2;
6352
+ module22.exports.sync = parseSync22;
6353
+ }
6354
+ });
6355
+ var require_sealed = __commonJS2({
6356
+ "src/sealed.js"(exports22, module22) {
6357
+ var encrypted2 = require_encrypted();
6358
+ var scan2 = require_scan();
6359
+ function publicKey(name) {
6360
+ return name.startsWith("DOTENV_PUBLIC_KEY");
6361
+ }
6362
+ function sealed2(src) {
6363
+ const { parsed } = scan2(src);
6364
+ for (const [name, values] of Object.entries(parsed)) {
6365
+ for (const value of values) {
6366
+ if (!encrypted2(value) && !publicKey(name)) {
6367
+ return false;
6368
+ }
6369
+ }
6370
+ }
6371
+ return true;
6372
+ }
6373
+ module22.exports = sealed2;
6194
6374
  }
6195
6375
  });
6196
6376
  var decrypt = require_decrypt();
@@ -6199,9 +6379,14 @@ var require_dist = __commonJS({
6199
6379
  var encrypted = require_encrypted();
6200
6380
  var evaluate = require_evaluate();
6201
6381
  var expand = require_expand();
6382
+ var keypair = require_keypair();
6202
6383
  var keyring = require_keyring();
6203
- var parse2 = require_parse();
6384
+ var keyringSync = require_keyring().sync;
6385
+ var parse = require_parse();
6386
+ var parseSync2 = require_parse().sync;
6387
+ var publickeys = require_publickeys();
6204
6388
  var scan = require_scan();
6389
+ var sealed = require_sealed();
6205
6390
  module2.exports = {
6206
6391
  decrypt,
6207
6392
  derive,
@@ -6209,9 +6394,14 @@ var require_dist = __commonJS({
6209
6394
  encrypted,
6210
6395
  evaluate,
6211
6396
  expand,
6397
+ keypair,
6212
6398
  keyring,
6213
- parse: parse2,
6214
- scan
6399
+ keyringSync,
6400
+ parse,
6401
+ parseSync: parseSync2,
6402
+ publickeys,
6403
+ scan,
6404
+ sealed
6215
6405
  };
6216
6406
  }
6217
6407
  });
@@ -6219,7 +6409,7 @@ var require_dist = __commonJS({
6219
6409
  // index.cjs
6220
6410
  var fs = require("fs");
6221
6411
  var path = require("path");
6222
- var { parse } = require_dist();
6412
+ var { parseSync } = require_dist();
6223
6413
  var initialEnv;
6224
6414
  var combinedEnv;
6225
6415
  var parsedEnv;
@@ -6261,7 +6451,7 @@ function processEnv(loadedEnvFiles, dir, log = console, forceReload = false, onR
6261
6451
  const parsed = {};
6262
6452
  for (const envFile of loadedEnvFiles) {
6263
6453
  try {
6264
- const result = parse(envFile.contents);
6454
+ const result = parseSync(envFile.contents);
6265
6455
  if (result.parsed && !previousLoadedEnvFiles.some(
6266
6456
  (item) => item.contents === envFile.contents && item.path === envFile.path
6267
6457
  )) {
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@dotenvx/next-env",
3
- "version": "2.0.3",
3
+ "version": "2.1.1",
4
4
  "description": "dotenvx drop-in replacement for @next/env",
5
5
  "license": "BSD-3-Clause",
6
6
  "repository": {
@@ -23,7 +23,7 @@
23
23
  "prepublishOnly": "npm pack --dry-run"
24
24
  },
25
25
  "devDependencies": {
26
- "@dotenvx/primitives": "^0.6.0",
26
+ "@dotenvx/primitives": "^1.0.0",
27
27
  "esbuild": "^0.28.1"
28
28
  }
29
29
  }