npm - @keywaysh/cli - Versions diffs - 0.1.15 → 0.2.0 - Mend

@keywaysh/cli 0.1.15 → 0.2.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (5) hide show

package/README.md +141 -227
package/dist/{auth-QLPQ24HZ.js → auth-64V3RWUK.js} +1 -1
package/dist/{chunk-F4C46224.js → chunk-IVZM2JTT.js} +0 -1
package/dist/cli.js +857 -868
package/package.json +3 -4

package/README.md CHANGED Viewed

@@ -1,168 +1,127 @@
 <div align="center">
   <h1>Keyway CLI</h1>
-  <strong>The simplest way to sync your project's environment variables.</strong><br/>
-  Stop sending <code>.env</code> files on Slack. One command and you're in sync.
-  <br/><br/>
-  <a href="https://keyway.sh">keyway.sh</a> ·
-  <a href="https://github.com/keywaysh/cli">GitHub</a> ·
-  <a href="https://www.npmjs.com/package/@keywaysh/cli">NPM</a> ·
+  <p><strong>Sync .env files across your team in 30 seconds.</strong></p>
+  <p>Stop sharing secrets on Slack. One command and everyone's in sync.</p>
+  <br/>
+[![npm version](https://img.shields.io/npm/v/@keywaysh/cli.svg?style=flat-square)](https://www.npmjs.com/package/@keywaysh/cli)
+[![npm downloads](https://img.shields.io/npm/dm/@keywaysh/cli.svg?style=flat-square)](https://www.npmjs.com/package/@keywaysh/cli)
+[![License: MIT](https://img.shields.io/badge/License-MIT-green.svg?style=flat-square)](https://opensource.org/licenses/MIT)
+[![.env by Keyway](https://keyway.sh/badge.svg?repo=keywaysh/cli)](https://keyway.sh)
+  <br/>
+  <a href="https://keyway.sh">Website</a> •
+  <a href="https://docs.keyway.sh">Docs</a> •
+  <a href="https://keyway.sh/security">Security</a> •
   <a href="https://status.keyway.sh">Status</a>
-  <br/><br/>
-[![License: MIT](https://img.shields.io/badge/License-MIT-yellow.svg)](https://opensource.org/licenses/MIT)
-[![npm version](https://img.shields.io/npm/v/@keywaysh/cli.svg)](https://www.npmjs.com/package/@keywaysh/cli)
 </div>
-## Why Keyway?
-Most devs store secrets in... chaotic places:
-- Slack
-- Notion
-- Discord
-- Google Docs
-- Lost `.env` files
-- Messages you can't find anymore
-- Machine of the dev who left the project
-**Keyway fixes that.**
+<br/>
-If you have GitHub access to a repo → you have access to its secrets.
-No invites. No dashboards. No complex config.
-Just one command that works.
-## Install
+## Quick Start (30 seconds)
+**1. Setup your project:**
 ```bash
 npm install -g @keywaysh/cli
-```
-## Quick Start
-Inside any project connected to GitHub:
-```bash
-keyway login
 keyway init
 ```
-What happens:
-1. Keyway authenticates via GitHub OAuth
-2. Detects your GitHub repo
-3. Creates a vault for this repo
-4. Asks if you want to sync your `.env`
-Then any teammate can simply run:
+**2. Teammates pull secrets:**
 ```bash
 keyway pull
 ```
-And boom: your `.env` is recreated locally.
-## Commands
-### `keyway login`
-Authenticate with GitHub through the Keyway OAuth/device flow.
-```bash
-keyway login
-```
-If you prefer using a fine-grained PAT:
+**3. Deploy to Vercel:**
 ```bash
-keyway login --token
+keyway sync vercel
 ```
-### `keyway init`
+<br/>
-Initialize a vault for the current repository.
+<details>
+<summary><strong>See it in action</strong></summary>
-```bash
-keyway init
 ```
+$ keyway init
+✓ Logged in as @nicolas
+✓ Detected repo: acme/backend
+✓ Vault created
+? Push your .env to the vault? Yes
+✓ 12 secrets encrypted and stored
-Creates a vault, pushes your `.env`, and sets everything up.
+$ keyway pull
+✓ .env synced (12 secrets)
+```
-### `keyway push`
+</details>
-Push your local `.env` to the vault.
+<br/>
-```bash
-# Push to development (default)
-keyway push
+## Why Keyway?
-# Push to a specific environment
-keyway push --env production
+Your secrets are probably in:
-# Push a different file
-keyway push --file .env.staging --env staging
-```
+- 💬 Slack DMs
+- 📝 Notion pages
+- 📧 Old emails
+- 🤷 The laptop of the dev who left
-Useful when:
-- you added a new variable
-- you rotated a key
-- you fixed a staging/production mismatch
+**Keyway fixes that.** If you have GitHub repo access → you have secret access. No invites, no dashboards, no YAML.
-### `keyway pull`
+<br/>
-Pull secrets from the vault and write them to `.env`.
+## Install
 ```bash
-# Pull development environment (default)
-keyway pull
+# npm
+npm install -g @keywaysh/cli
-# Pull from a specific environment
-keyway pull --env production
+# pnpm
+pnpm add -g @keywaysh/cli
-# Pull to a different file
-keyway pull --file .env.local
-```
+# yarn
+yarn global add @keywaysh/cli
-Perfect for:
-- onboarding a new dev
-- syncing your local environment
-- switching between machines
+# bun
+bun add -g @keywaysh/cli
+```
-### `keyway doctor`
+<br/>
-Diagnostic command to check your setup.
+## Commands
-```bash
-keyway doctor
+| Command | What it does |
+|---------|--------------|
+| `keyway login` | Authenticate with GitHub |
+| `keyway init` | Create a vault for this repo |
+| `keyway push` | Upload `.env` to vault |
+| `keyway pull` | Download secrets to `.env` |
+| `keyway sync vercel` | Deploy secrets to Vercel |
+| `keyway doctor` | Debug your setup |
-# Output as JSON (for CI/CD)
-keyway doctor --json
+<br/>
-# Strict mode (treat warnings as failures)
-keyway doctor --strict
-```
+### Push & Pull
-**Checks performed:**
-- Node.js version (≥18.0.0 required)
-- Git installation and repository status
-- API connectivity
-- File system write permissions
-- `.gitignore` configuration
-- System clock synchronization
+```bash
+# Push your local .env
+keyway push
-### `keyway logout`
+# Push to a specific environment
+keyway push --env production
-Clear stored Keyway credentials.
+# Pull secrets
+keyway pull
-```bash
-keyway logout
+# Pull from production
+keyway pull --env production
 ```
-### `keyway sync`
+<br/>
-**One command to deploy your secrets everywhere.**
+### Sync to Providers
-Sync your vault to Vercel, Netlify, and more. No more copy-pasting environment variables between dashboards.
+Deploy your secrets to Vercel, Netlify, or Railway with one command:
 ```bash
 keyway sync vercel
@@ -170,153 +129,108 @@ keyway sync netlify
 keyway sync railway
 ```
-The CLI handles everything:
-1. OAuth connection (first time only)
-2. Project auto-detection
-3. Smart diff (only updates what changed)
-Your local `.env`, Vercel, Netlify, Railway — all in sync with one command.
-## Security
-Keyway is designed to be **simple and secure** — a major upgrade from Slack or Notion, without the complexity of Hashicorp Vault or AWS Secrets Manager.
-**What we do:**
-- AES-256-GCM encryption server-side and client-side token storage
-- TLS everywhere (HTTPS enforced)
-- GitHub read-only permissions
-- No access to your code
-- Secrets stored encrypted at rest
-- No analytics on secret values (only metadata)
-- Encrypted token storage with file permissions
-**What we don't do:**
-- No zero-trust enterprise model
-- No access to your cloud infrastructure
-- No access to your production deployment keys
-For detailed security information, see [SECURITY.md](./SECURITY.md) and [keyway.sh/security](https://keyway.sh/security)
-## Who is this for?
-Keyway is perfect for:
-- Solo developers
-- Small teams
-- Side-projects
-- Early SaaS
-- Agencies managing many repos
-- Rapid prototyping
+First time: OAuth flow. After that: instant sync.
-**Not designed for:**
-- Banks
-- Governments
-- Enterprise zero-trust teams
-  *(you're looking for Vault, Doppler, or AWS Secrets Manager)*
+<br/>
-## Example Workflow
+## Real-World Workflows
+**New dev joins the team:**
 ```bash
-git clone git@github.com:acme/backend.git
-cd backend
+git clone git@github.com:acme/app.git
+cd app
 keyway pull
-# ✓ secrets pulled
-npm run dev
+npm run dev  # Ready to code
 ```
-Add a new secret:
+**Rotate an API key:**
 ```bash
-echo "STRIPE_KEY=sk_live_xxx" >> .env
+# Update .env locally, then:
 keyway push
-# ✓ 1 secret updated
+# Done. Everyone pulls the update.
 ```
-## Configuration
-### GitHub Token (alternative to login)
-If you cannot use the login flow, set a GitHub token manually:
+**Deploy to production:**
 ```bash
-# Environment variable
-export GITHUB_TOKEN=your_github_personal_access_token
-# Or via git config
-git config --global github.token your_github_personal_access_token
+keyway push --env production
+keyway sync vercel
 ```
-### API URL
+<br/>
-By default, Keyway uses the production API. To point to another API:
+## Security
-```bash
-export KEYWAY_API_URL=http://localhost:3000
-```
+Keyway is a **major upgrade from Slack** without the complexity of Vault or AWS Secrets Manager.
-### Disable Telemetry
+| Feature | Status |
+|---------|--------|
+| AES-256-GCM encryption | ✅ |
+| Encrypted at rest | ✅ |
+| TLS 1.3 everywhere | ✅ |
+| GitHub-based access control | ✅ |
+| No access to your code | ✅ |
+| SOC2 / enterprise compliance | ❌ |
-```bash
-export KEYWAY_DISABLE_TELEMETRY=1
-```
+**We never track secret values.** Only metadata (command usage, repo names).
-## Privacy & Analytics
+→ [Full security details](https://keyway.sh/security)
-**NEVER tracked:**
-- Secret names or values
-- Environment variable content
-- Access tokens
-- File contents
+<br/>
-**Only tracked:**
-- Command usage (init, push, pull)
-- Repository names (public info)
-- Error messages (sanitized)
+## Who is this for?
-## Troubleshooting
+**Perfect for:**
+- Solo devs
+- Small teams (2-20)
+- Side projects
+- Agencies
+- Early-stage startups
-### "Not in a git repository"
+**Not for:**
+- Banks, governments, enterprises needing SOC2/zero-trust
+- (Try Vault, Doppler, or AWS Secrets Manager)
-```bash
-git init
-git remote add origin git@github.com:your-org/your-repo.git
-```
+<br/>
-### "GitHub token not found"
+## Configuration
 ```bash
-keyway login
-# or
-export GITHUB_TOKEN=your_token
-```
+# Use a different API
+export KEYWAY_API_URL=https://your-api.com
-### "Vault not found"
-```bash
-keyway init
+# Disable telemetry
+export KEYWAY_DISABLE_TELEMETRY=1
 ```
-### "You do not have access to this repository"
+<br/>
-Make sure you're a collaborator or admin on the GitHub repository.
+## Troubleshooting
-## TL;DR
+| Error | Fix |
+|-------|-----|
+| "Not in a git repository" | Run `git init && git remote add origin ...` |
+| "Vault not found" | Run `keyway init` |
+| "No access to repository" | Check you're a GitHub collaborator |
-```bash
-npm i -g @keywaysh/cli
-keyway login
-keyway init
-keyway pull
-```
+Run `keyway doctor` for full diagnostics.
-No more Slack. No more outdated `.env`.
-Your team stays perfectly in sync.
+<br/>
-## Support
+## Links
-- **Issues**: [github.com/keywaysh/cli/issues](https://github.com/keywaysh/cli/issues)
-- **Email**: hello@keyway.sh
-- **Website**: [keyway.sh](https://keyway.sh)
+- **Website:** [keyway.sh](https://keyway.sh)
+- **Docs:** [docs.keyway.sh](https://docs.keyway.sh)
+- **Issues:** [GitHub Issues](https://github.com/keywaysh/cli/issues)
+- **Email:** hello@keyway.sh
+<br/>
 ## License
-MIT © Nicolas Ritouet
+MIT © [Nicolas Ritouet](https://github.com/nicolasritouet)
+---
+<div align="center">
+  <sub>Built with ☕ by <a href="https://keyway.sh">Keyway</a></sub>
+</div>

package/dist/{auth-QLPQ24HZ.js → auth-64V3RWUK.js} RENAMED Viewed

@@ -3,7 +3,7 @@ import {
   getAuthFilePath,
   getStoredAuth,
   saveAuthToken
-} from "./chunk-F4C46224.js";
+} from "./chunk-IVZM2JTT.js";
 export {
   clearAuth,
   getAuthFilePath,

package/dist/{chunk-F4C46224.js → chunk-IVZM2JTT.js} RENAMED Viewed

@@ -72,7 +72,6 @@ async function getStoredAuth() {
     }
     return auth;
   } catch {
-    console.error("Failed to decrypt stored auth, clearing...");
     clearAuth();
     return null;
   }