npm - @fentz26/envcp - Versions diffs - 1.0.3 → 1.0.5 - Mend

@fentz26/envcp 1.0.3 → 1.0.5

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (15) hide show

package/README.md +12 -5
package/dist/adapters/base.d.ts.map +1 -1
package/dist/adapters/base.js +12 -2
package/dist/adapters/base.js.map +1 -1
package/dist/cli/index.js +345 -106
package/dist/cli/index.js.map +1 -1
package/dist/config/manager.d.ts +5 -5
package/dist/config/manager.d.ts.map +1 -1
package/dist/config/manager.js +204 -44
package/dist/config/manager.js.map +1 -1
package/dist/types.d.ts +13 -0
package/dist/types.d.ts.map +1 -1
package/dist/types.js +3 -0
package/dist/types.js.map +1 -1
package/package.json +1 -1

package/dist/cli/index.js CHANGED Viewed

@@ -10,6 +10,12 @@ import { maskValue, validatePassword, encrypt, decrypt, generateRecoveryKey, cre
 async function withSession(fn) {
     const projectPath = process.cwd();
     const config = await loadConfig(projectPath);
+    // Passwordless mode: no session, no password
+    if (config.encryption?.enabled === false) {
+        const storage = new StorageManager(path.join(projectPath, config.storage.path), false);
+        await fn(storage, '', config, projectPath);
+        return;
+    }
     const sessionManager = new SessionManager(path.join(projectPath, config.session?.path || '.envcp/.session'), config.session?.timeout_minutes || 30, config.session?.max_extensions || 5);
     await sessionManager.init();
     let session = await sessionManager.load();
@@ -41,111 +47,139 @@ program
     .command('init')
     .description('Initialize EnvCP in the current project')
     .option('-p, --project <name>', 'Project name')
-    .option('-e, --encrypted', 'Enable encryption', true)
+    .option('--no-encrypt', 'Skip encryption (passwordless mode)')
     .option('--skip-env', 'Skip .env auto-import')
     .option('--skip-mcp', 'Skip MCP auto-registration')
     .action(async (options) => {
     const projectPath = process.cwd();
     const projectName = options.project || path.basename(projectPath);
     console.log(chalk.blue('Initializing EnvCP...'));
+    console.log('');
     const config = await initConfig(projectPath, projectName);
-    // Security mode selection
-    const { securityMode } = await inquirer.prompt([
-        {
-            type: 'list',
-            name: 'securityMode',
-            message: 'Security mode:',
-            choices: [
-                { name: 'Recoverable - Generate a recovery key (recommended)', value: 'recoverable' },
-                { name: 'Hard-lock - Lose password = lose everything (maximum security)', value: 'hard-lock' },
-            ],
-            default: 'recoverable',
+    // Single security question (or skip if --no-encrypt)
+    let securityChoice;
+    if (options.encrypt === false) {
+        securityChoice = 'none';
+    }
+    else {
+        const { mode } = await inquirer.prompt([
+            {
+                type: 'list',
+                name: 'mode',
+                message: 'How would you like to secure your variables?',
+                choices: [
+                    { name: 'No encryption (fastest setup, for local dev)', value: 'none' },
+                    { name: 'Encrypted with recovery key (recommended)', value: 'recoverable' },
+                    { name: 'Encrypted hard-lock (max security, no recovery)', value: 'hard-lock' },
+                ],
+                default: 'recoverable',
+            }
+        ]);
+        securityChoice = mode;
+    }
+    // Apply security choice to config
+    if (securityChoice === 'none') {
+        config.encryption = { enabled: false };
+        config.storage.encrypted = false;
+        config.security = { mode: 'recoverable', recovery_file: '.envcp/.recovery' };
+    }
+    else {
+        config.encryption = { enabled: true };
+        config.storage.encrypted = true;
+        config.security = { mode: securityChoice, recovery_file: '.envcp/.recovery' };
+    }
+    // For encrypted modes: get password now
+    let pwd = '';
+    if (securityChoice !== 'none') {
+        const { password } = await inquirer.prompt([
+            { type: 'password', name: 'password', message: 'Set encryption password:', mask: '*' }
+        ]);
+        const { confirm } = await inquirer.prompt([
+            { type: 'password', name: 'confirm', message: 'Confirm password:', mask: '*' }
+        ]);
+        if (password !== confirm) {
+            console.log(chalk.red('Passwords do not match. Aborting.'));
+            return;
         }
-    ]);
-    config.security = { mode: securityMode, recovery_file: '.envcp/.recovery' };
+        pwd = password;
+    }
     await saveConfig(config, projectPath);
-    console.log(chalk.green('EnvCP initialized successfully!'));
+    const modeLabel = securityChoice === 'none' ? 'no encryption' : securityChoice;
+    console.log(chalk.green('EnvCP initialized!'));
     console.log(chalk.gray(`  Project: ${config.project}`));
-    console.log(chalk.gray(`  Storage: ${config.storage.path}`));
-    console.log(chalk.gray(`  Encrypted: ${config.storage.encrypted}`));
-    console.log(chalk.gray(`  Security: ${securityMode}`));
-    console.log(chalk.gray(`  Session timeout: ${config.session?.timeout_minutes || 30} minutes`));
-    console.log(chalk.gray(`  AI active check: ${config.access?.allow_ai_active_check ? 'enabled' : 'disabled'}`));
-    // Auto-import .env file
+    console.log(chalk.gray(`  Security: ${modeLabel}`));
+    if (securityChoice !== 'none') {
+        console.log(chalk.gray(`  Session timeout: ${config.session?.timeout_minutes || 30} minutes`));
+    }
+    // Auto-import .env
     if (!options.skipEnv) {
         const envPath = path.join(projectPath, '.env');
         if (await fs.pathExists(envPath)) {
-            const { importEnv } = await inquirer.prompt([
-                { type: 'confirm', name: 'importEnv', message: 'Found .env file. Import variables into EnvCP?', default: true }
-            ]);
-            if (importEnv) {
-                const { password: pwd } = await inquirer.prompt([
-                    { type: 'password', name: 'password', message: 'Set encryption password:', mask: '*' }
-                ]);
-                const { confirm } = await inquirer.prompt([
-                    { type: 'password', name: 'confirm', message: 'Confirm password:', mask: '*' }
-                ]);
-                if (pwd !== confirm) {
-                    console.log(chalk.red('Passwords do not match. Skipping .env import.'));
+            const envContent = await fs.readFile(envPath, 'utf8');
+            const vars = parseEnvFile(envContent);
+            const count = Object.keys(vars).length;
+            if (count > 0) {
+                const storage = new StorageManager(path.join(projectPath, config.storage.path), config.storage.encrypted);
+                if (pwd)
+                    storage.setPassword(pwd);
+                const now = new Date().toISOString();
+                for (const [name, value] of Object.entries(vars)) {
+                    await storage.set(name, {
+                        name, value,
+                        encrypted: config.storage.encrypted,
+                        created: now, updated: now,
+                        sync_to_env: true,
+                    });
                 }
-                else {
-                    const envContent = await fs.readFile(envPath, 'utf8');
-                    const vars = parseEnvFile(envContent);
-                    const count = Object.keys(vars).length;
-                    if (count > 0) {
-                        const storage = new StorageManager(path.join(projectPath, config.storage.path), config.storage.encrypted);
-                        storage.setPassword(pwd);
-                        const now = new Date().toISOString();
-                        for (const [name, value] of Object.entries(vars)) {
-                            await storage.set(name, {
-                                name,
-                                value,
-                                encrypted: config.storage.encrypted,
-                                created: now,
-                                updated: now,
-                                sync_to_env: true,
-                            });
-                        }
-                        // Create session so user doesn't have to unlock immediately
-                        const sessionManager = new SessionManager(path.join(projectPath, config.session?.path || '.envcp/.session'), config.session?.timeout_minutes || 30, config.session?.max_extensions || 5);
-                        await sessionManager.init();
-                        await sessionManager.create(pwd);
-                        // Generate recovery key if recoverable mode
-                        if (securityMode === 'recoverable') {
-                            const recoveryKey = generateRecoveryKey();
-                            const recoveryData = createRecoveryData(pwd, recoveryKey);
-                            const recoveryPath = path.join(projectPath, config.security?.recovery_file || '.envcp/.recovery');
-                            await fs.writeFile(recoveryPath, recoveryData, 'utf8');
-                            console.log('');
-                            console.log(chalk.yellow.bold('  RECOVERY KEY (save this somewhere safe!):'));
-                            console.log(chalk.yellow.bold(`  ${recoveryKey}`));
-                            console.log(chalk.gray('  This key is shown ONCE. If you lose it, you cannot recover your password.'));
-                            console.log('');
-                        }
-                        console.log(chalk.green(`  Imported ${count} variables from .env`));
-                        console.log(chalk.gray(`  Variables: ${Object.keys(vars).join(', ')}`));
-                    }
-                    else {
-                        console.log(chalk.yellow('  .env file is empty, nothing to import'));
-                    }
+                // Create session for encrypted mode
+                if (pwd) {
+                    const sessionManager = new SessionManager(path.join(projectPath, config.session?.path || '.envcp/.session'), config.session?.timeout_minutes || 30, config.session?.max_extensions || 5);
+                    await sessionManager.init();
+                    await sessionManager.create(pwd);
                 }
+                console.log(chalk.green(`  Imported ${count} variables from .env`));
+                console.log(chalk.gray(`  Variables: ${Object.keys(vars).join(', ')}`));
             }
         }
     }
-    // Auto-register MCP config
+    // Generate recovery key for encrypted recoverable mode
+    if (securityChoice === 'recoverable' && pwd) {
+        const recoveryKey = generateRecoveryKey();
+        const recoveryData = createRecoveryData(pwd, recoveryKey);
+        const recoveryPath = path.join(projectPath, config.security.recovery_file);
+        await fs.writeFile(recoveryPath, recoveryData, 'utf8');
+        console.log('');
+        console.log(chalk.yellow.bold('  RECOVERY KEY (save this somewhere safe!):'));
+        console.log(chalk.yellow.bold(`  ${recoveryKey}`));
+        console.log(chalk.gray('  This key is shown ONCE. If you lose it, you cannot recover your password.'));
+    }
+    // Auto-register MCP in all detected tools
     if (!options.skipMcp) {
-        const registered = await registerMcpConfig(projectPath);
-        if (registered.length > 0) {
-            console.log(chalk.green('  MCP auto-registered:'));
-            for (const name of registered) {
-                console.log(chalk.gray(`    - ${name}`));
+        const result = await registerMcpConfig(projectPath);
+        console.log('');
+        if (result.registered.length > 0) {
+            console.log(chalk.green('  MCP registered:'));
+            for (const name of result.registered) {
+                console.log(chalk.gray(`    + ${name}`));
             }
         }
-        else {
-            console.log(chalk.gray('  No AI tool configs detected for MCP auto-registration'));
-            console.log(chalk.gray('  You can manually add EnvCP to your AI tool config later'));
+        if (result.alreadyConfigured.length > 0) {
+            for (const name of result.alreadyConfigured) {
+                console.log(chalk.gray(`    = ${name} (already configured)`));
+            }
+        }
+        if (result.manual.length > 0) {
+            console.log(chalk.gray('  Manual setup needed:'));
+            for (const name of result.manual) {
+                console.log(chalk.gray(`    ? ${name}`));
+            }
+        }
+        if (result.registered.length === 0 && result.alreadyConfigured.length === 0) {
+            console.log(chalk.gray('  No AI tools detected for auto-registration'));
         }
     }
+    console.log('');
+    console.log(chalk.green('Done! Your AI tools can now use EnvCP.'));
 });
 program
     .command('unlock')
@@ -470,7 +504,8 @@ program
 program
     .command('sync')
     .description('Sync variables to .env file')
-    .action(async () => {
+    .option('--dry-run', 'Preview changes without writing')
+    .action(async (options) => {
     await withSession(async (storage, _password, config, projectPath) => {
         if (!config.sync.enabled) {
             console.log(chalk.yellow('Sync is disabled in configuration'));
@@ -486,6 +521,49 @@ program
             const val = needsQuoting ? `"${variable.value.replace(/\\/g, '\\\\').replace(/"/g, '\\"')}"` : variable.value;
             lines.push(`${name}=${val}`);
         }
+        if (options.dryRun) {
+            const envPath = path.join(projectPath, config.sync.target);
+            const existing = {};
+            if (await fs.pathExists(envPath)) {
+                const content = await fs.readFile(envPath, 'utf8');
+                Object.assign(existing, parseEnvFile(content));
+            }
+            const newVars = [];
+            const updated = [];
+            const removed = [];
+            for (const [name, variable] of Object.entries(variables)) {
+                if (name in existing) {
+                    if (existing[name] !== variable.value)
+                        updated.push(name);
+                }
+                else {
+                    newVars.push(name);
+                }
+            }
+            const storeNames = new Set(Object.keys(variables));
+            for (const name of Object.keys(existing)) {
+                if (!storeNames.has(name))
+                    removed.push(name);
+            }
+            console.log(chalk.blue(`Dry run: sync to ${config.sync.target}\n`));
+            if (newVars.length > 0) {
+                for (const n of newVars)
+                    console.log(chalk.green(`  + ${n} = ${maskValue(variables[n].value)}`));
+            }
+            if (updated.length > 0) {
+                for (const n of updated)
+                    console.log(chalk.yellow(`  ~ ${n} = ${maskValue(variables[n].value)}`));
+            }
+            if (removed.length > 0) {
+                for (const n of removed)
+                    console.log(chalk.red(`  - ${n}`));
+            }
+            if (newVars.length === 0 && updated.length === 0 && removed.length === 0) {
+                console.log(chalk.gray('  No changes'));
+            }
+            console.log(chalk.gray('\nNo files were modified.'));
+            return;
+        }
         await fs.writeFile(path.join(projectPath, config.sync.target), lines.join('\n'), 'utf8');
         console.log(chalk.green(`Synced ${lines.length} variables to ${config.sync.target}`));
     });
@@ -501,33 +579,50 @@ program
     .action(async (options) => {
     const projectPath = process.cwd();
     const config = await loadConfig(projectPath);
-    const sessionManager = new SessionManager(path.join(projectPath, config.session?.path || '.envcp/.session'), config.session?.timeout_minutes || 30, config.session?.max_extensions || 5);
-    await sessionManager.init();
-    let session = await sessionManager.load();
-    let password = options.password;
-    if (!session && !password) {
-        const answer = await inquirer.prompt([
-            { type: 'password', name: 'password', message: 'Enter password:', mask: '*' }
-        ]);
-        password = answer.password;
-        const validation = validatePassword(password, config.password || {});
-        if (!validation.valid) {
-            console.log(chalk.red(validation.error));
-            return;
-        }
-        session = await sessionManager.create(password);
-    }
-    password = sessionManager.getPassword() || password;
     const mode = options.mode;
     const port = parseInt(options.port, 10);
     const host = options.host;
     const apiKey = options.apiKey;
-    // MCP mode uses stdio
-    if (mode === 'mcp') {
-        const { EnvCPServer } = await import('../mcp/server.js');
-        const server = new EnvCPServer(config, projectPath, password);
-        await server.start();
-        return;
+    let password = options.password || '';
+    // Passwordless mode: skip all session/password logic
+    if (config.encryption?.enabled === false) {
+        if (mode === 'mcp') {
+            const { EnvCPServer } = await import('../mcp/server.js');
+            const server = new EnvCPServer(config, projectPath);
+            await server.start();
+            return;
+        }
+    }
+    else {
+        // Encrypted mode: need password
+        const sessionManager = new SessionManager(path.join(projectPath, config.session?.path || '.envcp/.session'), config.session?.timeout_minutes || 30, config.session?.max_extensions || 5);
+        await sessionManager.init();
+        let session = await sessionManager.load();
+        if (!session && !password) {
+            // MCP mode uses stdio — can't prompt interactively
+            if (mode === 'mcp') {
+                process.stderr.write('Error: No active session. Run `envcp unlock` first, or use --password flag.\n');
+                process.exit(1);
+            }
+            const answer = await inquirer.prompt([
+                { type: 'password', name: 'password', message: 'Enter password:', mask: '*' }
+            ]);
+            password = answer.password;
+            const validation = validatePassword(password, config.password || {});
+            if (!validation.valid) {
+                console.log(chalk.red(validation.error));
+                return;
+            }
+            session = await sessionManager.create(password);
+        }
+        password = sessionManager.getPassword() || password;
+        // MCP mode uses stdio
+        if (mode === 'mcp') {
+            const { EnvCPServer } = await import('../mcp/server.js');
+            const server = new EnvCPServer(config, projectPath, password);
+            await server.start();
+            return;
+        }
     }
     // HTTP-based modes
     const { UnifiedServer } = await import('../server/unified.js');
@@ -645,6 +740,7 @@ program
     .command('import <file>')
     .description('Import variables from an encrypted export file')
     .option('--merge', 'Merge with existing variables (default: replace)')
+    .option('--dry-run', 'Preview what would be imported without writing')
     .action(async (file, options) => {
     await withSession(async (storage) => {
         if (!await fs.pathExists(file)) {
@@ -678,6 +774,42 @@ program
                 console.log(chalk.gray(`  Exported: ${meta.timestamp}`));
             console.log(chalk.gray(`  Variables: ${meta.count || Object.keys(variables).length}`));
         }
+        if (options.dryRun) {
+            const current = await storage.load();
+            const importNames = Object.keys(variables);
+            console.log(chalk.blue(`\nDry run: import ${options.merge ? '(merge)' : '(replace)'}\n`));
+            const newVars = [];
+            const updated = [];
+            for (const name of importNames) {
+                if (name in current) {
+                    if (current[name].value !== variables[name].value)
+                        updated.push(name);
+                }
+                else {
+                    newVars.push(name);
+                }
+            }
+            if (!options.merge) {
+                const removed = Object.keys(current).filter(n => !importNames.includes(n));
+                if (removed.length > 0) {
+                    for (const n of removed)
+                        console.log(chalk.red(`  - ${n} (will be removed)`));
+                }
+            }
+            if (newVars.length > 0) {
+                for (const n of newVars)
+                    console.log(chalk.green(`  + ${n} = ${maskValue(variables[n].value)}`));
+            }
+            if (updated.length > 0) {
+                for (const n of updated)
+                    console.log(chalk.yellow(`  ~ ${n} = ${maskValue(variables[n].value)}`));
+            }
+            if (newVars.length === 0 && updated.length === 0) {
+                console.log(chalk.gray('  No changes'));
+            }
+            console.log(chalk.gray('\nNo files were modified.'));
+            return;
+        }
         const { confirm } = await inquirer.prompt([
             { type: 'confirm', name: 'confirm', message: options.merge ? 'Merge into current store?' : 'Replace current store?', default: false }
         ]);
@@ -781,5 +913,112 @@ program
         }
     });
 });
+program
+    .command('doctor')
+    .description('Diagnose common issues and check system health')
+    .action(async () => {
+    const projectPath = process.cwd();
+    const checks = [];
+    // 1. Config check
+    try {
+        const config = await loadConfig(projectPath);
+        checks.push({ name: 'Config', status: 'pass', detail: `Loaded (project: ${config.project || 'unnamed'})` });
+        // 2. Encryption mode
+        const encrypted = config.encryption?.enabled !== false;
+        checks.push({ name: 'Encryption', status: 'pass', detail: encrypted ? `Enabled (${config.storage.algorithm})` : 'Disabled (passwordless)' });
+        // 3. Security mode
+        checks.push({ name: 'Security mode', status: 'pass', detail: config.security?.mode || 'recoverable' });
+        // 4. Store file
+        const storePath = path.join(projectPath, config.storage.path);
+        if (await fs.pathExists(storePath)) {
+            const stat = await fs.stat(storePath);
+            checks.push({ name: 'Store file', status: 'pass', detail: `Exists (${stat.size} bytes)` });
+        }
+        else {
+            checks.push({ name: 'Store file', status: 'warn', detail: 'Not found (no variables stored yet)' });
+        }
+        // 5. Session status
+        if (encrypted) {
+            const sessionManager = new SessionManager(path.join(projectPath, config.session?.path || '.envcp/.session'), config.session?.timeout_minutes || 30, config.session?.max_extensions || 5);
+            await sessionManager.init();
+            const session = await sessionManager.load();
+            if (session) {
+                const remaining = sessionManager.getRemainingTime();
+                checks.push({ name: 'Session', status: 'pass', detail: `Active (${remaining}min remaining)` });
+            }
+            else {
+                checks.push({ name: 'Session', status: 'warn', detail: 'No active session — run `envcp unlock`' });
+            }
+        }
+        else {
+            checks.push({ name: 'Session', status: 'pass', detail: 'Not needed (passwordless mode)' });
+        }
+        // 6. Recovery file
+        if (config.security?.mode === 'recoverable') {
+            const recoveryPath = path.join(projectPath, config.security.recovery_file || '.envcp/.recovery');
+            if (await fs.pathExists(recoveryPath)) {
+                checks.push({ name: 'Recovery file', status: 'pass', detail: 'Present' });
+            }
+            else {
+                checks.push({ name: 'Recovery file', status: 'warn', detail: 'Missing — password recovery will not work' });
+            }
+        }
+        else if (config.security?.mode === 'hard-lock') {
+            checks.push({ name: 'Recovery file', status: 'pass', detail: 'N/A (hard-lock mode)' });
+        }
+        // 7. .envcp directory
+        const envcpDir = path.join(projectPath, '.envcp');
+        if (await fs.pathExists(envcpDir)) {
+            checks.push({ name: '.envcp directory', status: 'pass', detail: 'Exists' });
+        }
+        else {
+            checks.push({ name: '.envcp directory', status: 'fail', detail: 'Missing — run `envcp init`' });
+        }
+        // 8. .gitignore check
+        const gitignorePath = path.join(projectPath, '.gitignore');
+        if (await fs.pathExists(gitignorePath)) {
+            const gitignore = await fs.readFile(gitignorePath, 'utf8');
+            if (gitignore.includes('.envcp/')) {
+                checks.push({ name: '.gitignore', status: 'pass', detail: '.envcp/ is ignored' });
+            }
+            else {
+                checks.push({ name: '.gitignore', status: 'warn', detail: '.envcp/ not in .gitignore — secrets may be committed' });
+            }
+        }
+        else {
+            checks.push({ name: '.gitignore', status: 'warn', detail: 'No .gitignore found' });
+        }
+        // 9. MCP registration
+        const mcpResult = await registerMcpConfig(projectPath);
+        const totalMcp = mcpResult.registered.length + mcpResult.alreadyConfigured.length;
+        if (totalMcp > 0) {
+            checks.push({ name: 'MCP registration', status: 'pass', detail: `${mcpResult.alreadyConfigured.length} tool(s) configured` });
+        }
+        else {
+            checks.push({ name: 'MCP registration', status: 'warn', detail: 'No AI tools detected' });
+        }
+    }
+    catch (error) {
+        checks.push({ name: 'Config', status: 'fail', detail: `Failed to load: ${error.message}` });
+    }
+    // Print results
+    console.log(chalk.blue('\nEnvCP Doctor\n'));
+    for (const check of checks) {
+        const icon = check.status === 'pass' ? chalk.green('PASS') : check.status === 'warn' ? chalk.yellow('WARN') : chalk.red('FAIL');
+        console.log(`  [${icon}] ${check.name}: ${chalk.gray(check.detail)}`);
+    }
+    const fails = checks.filter(c => c.status === 'fail').length;
+    const warns = checks.filter(c => c.status === 'warn').length;
+    console.log('');
+    if (fails > 0) {
+        console.log(chalk.red(`${fails} issue(s) need attention.`));
+    }
+    else if (warns > 0) {
+        console.log(chalk.yellow(`All checks passed with ${warns} warning(s).`));
+    }
+    else {
+        console.log(chalk.green('All checks passed.'));
+    }
+});
 program.parse();
 //# sourceMappingURL=index.js.map