@orion-js/env 4.0.0-next.3 → 4.0.0-next.5

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (5) hide show
  1. package/dist/index.cjs +27 -10
  2. package/dist/index.cjs.map +1 -1
  3. package/dist/index.js +25 -8
  4. package/dist/index.js.map +1 -1
  5. package/package.json +2 -3
package/dist/index.cjs CHANGED
@@ -70,26 +70,43 @@ var getConfig = (envPath) => {
70
70
  };
71
71
 
72
72
  // src/crypto/tweetnacl.ts
73
- var import_tweetnacl = require("tweetnacl");
74
- var import_tweetnacl_util = require("tweetnacl-util");
73
+ var import_tweetnacl_es6 = __toESM(require("tweetnacl-es6"), 1);
74
+
75
+ // src/crypto/util.ts
76
+ function validateBase64(s) {
77
+ if (!/^(?:[A-Za-z0-9+/]{4})*(?:[A-Za-z0-9+/]{2}==|[A-Za-z0-9+/]{3}=)?$/.test(s)) {
78
+ throw new TypeError("invalid encoding");
79
+ }
80
+ }
81
+ var encodeUTF8 = (arr) => {
82
+ let i;
83
+ const s = [];
84
+ for (i = 0; i < arr.length; i++) s.push(String.fromCharCode(arr[i]));
85
+ return decodeURIComponent(escape(s.join("")));
86
+ };
87
+ var decodeBase64 = (s) => {
88
+ validateBase64(s);
89
+ return new Uint8Array(Array.prototype.slice.call(Buffer.from(s, "base64"), 0));
90
+ };
91
+
92
+ // src/crypto/tweetnacl.ts
75
93
  var decrypt = (aSecretKey, bPublicKey, messageWithNonce) => {
76
- const messageWithNonceAsUint8Array = (0, import_tweetnacl_util.decodeBase64)(messageWithNonce);
77
- const nonce = messageWithNonceAsUint8Array.slice(0, import_tweetnacl.box.nonceLength);
78
- const message = messageWithNonceAsUint8Array.slice(import_tweetnacl.box.nonceLength, messageWithNonce.length);
79
- const decrypted = import_tweetnacl.box.open(message, nonce, bPublicKey, aSecretKey);
94
+ const messageWithNonceAsUint8Array = decodeBase64(messageWithNonce);
95
+ const nonce = messageWithNonceAsUint8Array.slice(0, import_tweetnacl_es6.default.box.nonceLength);
96
+ const message = messageWithNonceAsUint8Array.slice(import_tweetnacl_es6.default.box.nonceLength, messageWithNonce.length);
97
+ const decrypted = import_tweetnacl_es6.default.box.open(message, nonce, bPublicKey, aSecretKey);
80
98
  if (!decrypted) {
81
99
  throw new Error("Could not decrypt message");
82
100
  }
83
- const base64DecryptedMessage = (0, import_tweetnacl_util.encodeUTF8)(decrypted);
101
+ const base64DecryptedMessage = encodeUTF8(decrypted);
84
102
  return base64DecryptedMessage;
85
103
  };
86
104
 
87
105
  // src/crypto/index.ts
88
- var import_tweetnacl_util2 = require("tweetnacl-util");
89
106
  function decrypt2(decryptKey, encrypted) {
90
- const decryptSecretKey = (0, import_tweetnacl_util2.decodeBase64)(decryptKey);
107
+ const decryptSecretKey = decodeBase64(decryptKey);
91
108
  const [messagePubKeyHex, encryptedMessage] = encrypted.split(":");
92
- const messagePubKey = (0, import_tweetnacl_util2.decodeBase64)(messagePubKeyHex);
109
+ const messagePubKey = decodeBase64(messagePubKeyHex);
93
110
  return decrypt(decryptSecretKey, messagePubKey, encryptedMessage);
94
111
  }
95
112
 
package/dist/index.cjs.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"sources":["../src/index.ts","../src/cli/add/getConfig.ts","../src/files/index.ts","../src/crypto/tweetnacl.ts","../src/crypto/index.ts","../src/environment/getVariables.ts","../src/environment/getDts.ts","../src/environment/load.ts","../src/environment/index.ts","../src/internalGetEnv.ts"],"sourcesContent":["export * from './environment'\nexport * from './internalGetEnv'\n","import YAML from 'yaml'\nimport {Config} from '../../environment/getVariables'\nimport {readFile} from '../../files'\n\nexport const getConfig = (envPath: string): Config => {\n const configFile = readFile(envPath)\n\n if (!configFile) {\n throw new Error('No config file found at path ' + envPath)\n }\n\n return YAML.parse(configFile)\n}\n","import fs from 'node:fs'\nimport path from 'node:path'\n\nexport function readFile(filePath: string) {\n if (!fs.existsSync(filePath)) return null\n\n return fs.readFileSync(filePath).toString()\n}\n\nexport function writeFile(path: string, content: string) {\n ensureDirectory(path)\n fs.writeFileSync(path, content)\n}\n\nexport function ensureDirectory(filePath) {\n const dirname = path.dirname(filePath)\n if (fs.existsSync(dirname)) return true\n ensureDirectory(dirname)\n fs.mkdirSync(dirname)\n}\n","import {box, randomBytes} from 'tweetnacl'\nimport {decodeUTF8, encodeUTF8, encodeBase64, decodeBase64} from 'tweetnacl-util'\n\nconst newNonce = () => randomBytes(box.nonceLength)\nexport const generateKeyPair = () => box.keyPair()\n\nexport const encrypt = (bSecretKey: Uint8Array, aPublicKey: Uint8Array, message: string) => {\n const nonce = newNonce()\n const messageUint8 = decodeUTF8(message)\n const encrypted = box(messageUint8, nonce, aPublicKey, bSecretKey)\n\n const fullMessage = new Uint8Array(nonce.length + encrypted.length)\n fullMessage.set(nonce)\n fullMessage.set(encrypted, nonce.length)\n\n const base64FullMessage = encodeBase64(fullMessage)\n return base64FullMessage\n}\n\nexport const decrypt = (\n aSecretKey: Uint8Array,\n bPublicKey: Uint8Array,\n messageWithNonce: string\n) => {\n const messageWithNonceAsUint8Array = decodeBase64(messageWithNonce)\n const nonce = messageWithNonceAsUint8Array.slice(0, box.nonceLength)\n const message = messageWithNonceAsUint8Array.slice(box.nonceLength, messageWithNonce.length)\n\n const decrypted = box.open(message, nonce, bPublicKey, aSecretKey)\n\n if (!decrypted) {\n throw new Error('Could not decrypt message')\n }\n\n const base64DecryptedMessage = encodeUTF8(decrypted)\n return base64DecryptedMessage\n}\n","import {generateKeyPair, encrypt as tweetEncrypt, decrypt as tweetDecrypt} from './tweetnacl'\nimport {encodeBase64, decodeBase64} from 'tweetnacl-util'\n\nexport function generateKeys() {\n const {publicKey, secretKey} = generateKeyPair()\n\n const encryptKeyHex = encodeBase64(publicKey)\n const decryptKeyHex = encodeBase64(secretKey)\n\n return {\n encryptKey: encryptKeyHex,\n decryptKey: decryptKeyHex\n }\n}\n\n/**\n * Creates a temporal keypair just to encrypt one message.\n * Saves the public key in the result so that the message can be decrypted.\n */\nexport function encrypt(encryptKey: string, message: string) {\n const encryptPublicKey = decodeBase64(encryptKey)\n const tempPair = generateKeyPair()\n const encrypted = tweetEncrypt(tempPair.secretKey, encryptPublicKey, message)\n const hexTempPublic = encodeBase64(tempPair.publicKey)\n return `${hexTempPublic}:${encrypted}`\n}\n\n/**\n * Ecrypts a message using the decrypt key\n */\nexport function decrypt(decryptKey: string, encrypted: string) {\n const decryptSecretKey = decodeBase64(decryptKey)\n const [messagePubKeyHex, encryptedMessage] = encrypted.split(':')\n const messagePubKey = decodeBase64(messagePubKeyHex)\n\n return tweetDecrypt(decryptSecretKey, messagePubKey, encryptedMessage)\n}\n","import {decrypt} from '../crypto'\n\nexport interface Config {\n version: string\n publicKey: string\n cleanKeys: {\n [key: string]: string\n }\n encryptedKeys: {\n [key: string]: string\n }\n readFromSecret?: {\n [key: string]: string[]\n }\n}\n\nexport interface Variables {\n [key: string]: string\n}\n\nfunction readSecrets(readFromSecret): {variables: Variables; secretKey: string} {\n const variables: Variables = {}\n let secretKey = null\n if (!readFromSecret) return {variables, secretKey}\n for (const secretName in readFromSecret) {\n const keys = readFromSecret[secretName]\n if (!process.env[secretName]) {\n console.warn(\n `@orion/env could not find the secret \"${secretName}\" in the environment. Related variables will be undefined.`\n )\n continue\n }\n\n try {\n const values = JSON.parse(process.env[secretName])\n if (values.ORION_ENV_SECRET_KEY) {\n secretKey = values.ORION_ENV_SECRET_KEY\n }\n for (const key of keys) {\n if (values[key]) {\n variables[key] = values[key]\n } else {\n console.warn(\n `@orion/env could not find the variable \"${key}\" in the secret \"${secretName}\". Related variables will be undefined.`\n )\n }\n }\n } catch (error) {\n console.warn(\n `'@orion/env found a the secret \"${secretName}\" variable in the environment but it is not a valid JSON. Related variables will be undefined.'`\n )\n }\n }\n return {variables, secretKey: secretKey}\n} \n\nexport function getVariables(config: Config, secretKey?: string): Variables {\n const {cleanKeys, encryptedKeys, readFromSecret} = config\n const {variables, secretKey: foundSecretKey} = readSecrets(readFromSecret)\n let decryptKey = foundSecretKey || secretKey\n if (!decryptKey) {\n throw new Error(\n 'Orion encrypted env was passed but process.env.ORION_ENV_SECRET_KEY is not defined'\n )\n }\n\n for (const key in cleanKeys) {\n const value = cleanKeys[key]\n variables[key] = value\n }\n\n for (const key in encryptedKeys) {\n const encrypted = encryptedKeys[key]\n try {\n variables[key] = decrypt(decryptKey, encrypted)\n } catch (error) {\n throw new Error(\n `Orion encrypted env was passed but process.env.ORION_ENV_SECRET_KEY is not the right key for \"${key}\"`\n )\n }\n }\n return variables\n}\n","import {getConfig} from '../cli/add/getConfig'\nimport {readFile, writeFile} from '../files'\nimport {Config} from './getVariables'\n\nexport function getDts(config: Config) {\n const keys = [\n ...Object.keys(config.cleanKeys),\n ...Object.keys(config.encryptedKeys),\n ...Object.values(config.readFromSecret).flat()\n ]\n return `declare module '@orion-js/env' {\n export const env: {\n${keys.map(key => ` ${key}: string`).join('\\n')}\n }\n}\n`\n}\n\nexport function writeDtsFile(config: Config, path: string) {\n const currentFile = readFile(path)\n const dts = getDts(config)\n if (currentFile !== dts) {\n writeFile(path, dts)\n }\n}\n\nexport function writeDtsFileFromConfigFile(configFilePath: string, path: string) {\n const config = getConfig(configFilePath)\n writeDtsFile(config, path)\n}\n","import {getConfig} from '../cli/add/getConfig'\nimport {getVariables} from './getVariables'\n\nexport interface LoadEnvOptions {\n // Secret password used to decrypt the encrypted env file. Default: process.env.ORION_ENV_SECRET_KEY\n secretKey?: string\n // Location of the file to read. Default: process.env.ORION_ENV_FILE_PATH\n envFilePath?: string\n // Set to true to set the environment variables even if the variable was already set. Default: process.env.ORION_ENV_OVERRIDE\n override?: boolean\n}\n\nconst defaultOptions: LoadEnvOptions = {\n secretKey: process.env.ORION_ENV_SECRET_KEY,\n envFilePath: process.env.ORION_ENV_FILE_PATH,\n override: !!process.env.ORION_ENV_OVERRIDE\n}\n\nexport function loadEnv(passedOptions: LoadEnvOptions = {}) {\n const options = {...defaultOptions, ...passedOptions}\n const data = getConfig(options.envFilePath)\n const variables = getVariables(data, options.secretKey)\n\n for (const key in variables) {\n const variable = variables[key]\n\n if (!Object.prototype.hasOwnProperty.call(process.env, key)) {\n process.env[key] = variable\n } else {\n if (options.override) {\n process.env[key] = variable\n }\n\n if (options.override) {\n console.log(`\"${key}\" is already defined in \\`process.env\\` and WAS overwritten`)\n } else {\n console.log(`\"${key}\" is already defined in \\`process.env\\` and was NOT overwritten`)\n }\n }\n }\n}\n","import {getConfig} from '../cli/add/getConfig'\nimport {getVariables} from './getVariables'\nexport * from './getDts'\nexport * from './load'\n\nexport interface Variables {\n [key: string]: string\n}\n\nlet variables: Variables = {}\n\nconst g = global as any\n\nconst secretKey = process.env.ORION_ENV_SECRET_KEY\nconst envFilePath = process.env.ORION_ENV_FILE_PATH\n\nexport const readEnv = () => {\n const data = getConfig(envFilePath)\n return getVariables(data, secretKey)\n}\n\nif (g.__orion_env_final__) {\n variables = g.__orion_env_final__\n} else if (envFilePath) {\n variables = readEnv()\n}\n\ng.__orion_env_final__ = variables\n\nconst env = variables\n\nexport {env}\n","import {env} from '.'\n\nexport const internalGetEnv = (orionEnvName: string, processEnvName: string): string | null => {\n if (env[orionEnvName]) {\n return env[orionEnvName]\n }\n\n if (process.env[processEnvName]) {\n return process.env[processEnvName]\n }\n\n return null\n}\n"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;;ACAA,kBAAiB;;;ACAjB,qBAAe;AACf,uBAAiB;AAEV,SAAS,SAAS,UAAkB;AACzC,MAAI,CAAC,eAAAA,QAAG,WAAW,QAAQ,EAAG,QAAO;AAErC,SAAO,eAAAA,QAAG,aAAa,QAAQ,EAAE,SAAS;AAC5C;AAEO,SAAS,UAAUC,OAAc,SAAiB;AACvD,kBAAgBA,KAAI;AACpB,iBAAAD,QAAG,cAAcC,OAAM,OAAO;AAChC;AAEO,SAAS,gBAAgB,UAAU;AACxC,QAAM,UAAU,iBAAAA,QAAK,QAAQ,QAAQ;AACrC,MAAI,eAAAD,QAAG,WAAW,OAAO,EAAG,QAAO;AACnC,kBAAgB,OAAO;AACvB,iBAAAA,QAAG,UAAU,OAAO;AACtB;;;ADfO,IAAM,YAAY,CAAC,YAA4B;AACpD,QAAM,aAAa,SAAS,OAAO;AAEnC,MAAI,CAAC,YAAY;AACf,UAAM,IAAI,MAAM,kCAAkC,OAAO;AAAA,EAC3D;AAEA,SAAO,YAAAE,QAAK,MAAM,UAAU;AAC9B;;;AEZA,uBAA+B;AAC/B,4BAAiE;AAkB1D,IAAM,UAAU,CACrB,YACA,YACA,qBACG;AACH,QAAM,mCAA+B,oCAAa,gBAAgB;AAClE,QAAM,QAAQ,6BAA6B,MAAM,GAAG,qBAAI,WAAW;AACnE,QAAM,UAAU,6BAA6B,MAAM,qBAAI,aAAa,iBAAiB,MAAM;AAE3F,QAAM,YAAY,qBAAI,KAAK,SAAS,OAAO,YAAY,UAAU;AAEjE,MAAI,CAAC,WAAW;AACd,UAAM,IAAI,MAAM,2BAA2B;AAAA,EAC7C;AAEA,QAAM,6BAAyB,kCAAW,SAAS;AACnD,SAAO;AACT;;;ACnCA,IAAAC,yBAAyC;AA6BlC,SAASC,SAAQ,YAAoB,WAAmB;AAC7D,QAAM,uBAAmB,qCAAa,UAAU;AAChD,QAAM,CAAC,kBAAkB,gBAAgB,IAAI,UAAU,MAAM,GAAG;AAChE,QAAM,oBAAgB,qCAAa,gBAAgB;AAEnD,SAAO,QAAa,kBAAkB,eAAe,gBAAgB;AACvE;;;AChBA,SAAS,YAAY,gBAA2D;AAC9E,QAAMC,aAAuB,CAAC;AAC9B,MAAIC,aAAY;AAChB,MAAI,CAAC,eAAgB,QAAO,EAAC,WAAAD,YAAW,WAAAC,WAAS;AACjD,aAAW,cAAc,gBAAgB;AACvC,UAAM,OAAO,eAAe,UAAU;AACtC,QAAI,CAAC,QAAQ,IAAI,UAAU,GAAG;AAC5B,cAAQ;AAAA,QACN,yCAAyC,UAAU;AAAA,MACrD;AACA;AAAA,IACF;AAEA,QAAI;AACF,YAAM,SAAS,KAAK,MAAM,QAAQ,IAAI,UAAU,CAAC;AACjD,UAAI,OAAO,sBAAsB;AAC/B,QAAAA,aAAY,OAAO;AAAA,MACrB;AACA,iBAAW,OAAO,MAAM;AACtB,YAAI,OAAO,GAAG,GAAG;AACf,UAAAD,WAAU,GAAG,IAAI,OAAO,GAAG;AAAA,QAC7B,OAAO;AACL,kBAAQ;AAAA,YACN,2CAA2C,GAAG,oBAAoB,UAAU;AAAA,UAC9E;AAAA,QACF;AAAA,MACF;AAAA,IACF,SAAS,OAAO;AACd,cAAQ;AAAA,QACN,mCAAmC,UAAU;AAAA,MAC/C;AAAA,IACF;AAAA,EACF;AACA,SAAO,EAAC,WAAAA,YAAW,WAAWC,WAAS;AACzC;AAEO,SAAS,aAAa,QAAgBA,YAA+B;AAC1E,QAAM,EAAC,WAAW,eAAe,eAAc,IAAI;AACnD,QAAM,EAAC,WAAAD,YAAW,WAAW,eAAc,IAAI,YAAY,cAAc;AACzE,MAAI,aAAa,kBAAkBC;AACnC,MAAI,CAAC,YAAY;AACf,UAAM,IAAI;AAAA,MACR;AAAA,IACF;AAAA,EACF;AAEA,aAAW,OAAO,WAAW;AAC3B,UAAM,QAAQ,UAAU,GAAG;AAC3B,IAAAD,WAAU,GAAG,IAAI;AAAA,EACnB;AAEA,aAAW,OAAO,eAAe;AAC/B,UAAM,YAAY,cAAc,GAAG;AACnC,QAAI;AACF,MAAAA,WAAU,GAAG,IAAIE,SAAQ,YAAY,SAAS;AAAA,IAChD,SAAS,OAAO;AACd,YAAM,IAAI;AAAA,QACR,iGAAiG,GAAG;AAAA,MACtG;AAAA,IACF;AAAA,EACF;AACA,SAAOF;AACT;;;AC9EO,SAAS,OAAO,QAAgB;AACrC,QAAM,OAAO;AAAA,IACX,GAAG,OAAO,KAAK,OAAO,SAAS;AAAA,IAC/B,GAAG,OAAO,KAAK,OAAO,aAAa;AAAA,IACnC,GAAG,OAAO,OAAO,OAAO,cAAc,EAAE,KAAK;AAAA,EAC/C;AACA,SAAO;AAAA;AAAA,EAEP,KAAK,IAAI,SAAO,OAAO,GAAG,UAAU,EAAE,KAAK,IAAI,CAAC;AAAA;AAAA;AAAA;AAIlD;AAEO,SAAS,aAAa,QAAgBG,OAAc;AACzD,QAAM,cAAc,SAASA,KAAI;AACjC,QAAM,MAAM,OAAO,MAAM;AACzB,MAAI,gBAAgB,KAAK;AACvB,cAAUA,OAAM,GAAG;AAAA,EACrB;AACF;AAEO,SAAS,2BAA2B,gBAAwBA,OAAc;AAC/E,QAAM,SAAS,UAAU,cAAc;AACvC,eAAa,QAAQA,KAAI;AAC3B;;;ACjBA,IAAM,iBAAiC;AAAA,EACrC,WAAW,QAAQ,IAAI;AAAA,EACvB,aAAa,QAAQ,IAAI;AAAA,EACzB,UAAU,CAAC,CAAC,QAAQ,IAAI;AAC1B;AAEO,SAAS,QAAQ,gBAAgC,CAAC,GAAG;AAC1D,QAAM,UAAU,EAAC,GAAG,gBAAgB,GAAG,cAAa;AACpD,QAAM,OAAO,UAAU,QAAQ,WAAW;AAC1C,QAAMC,aAAY,aAAa,MAAM,QAAQ,SAAS;AAEtD,aAAW,OAAOA,YAAW;AAC3B,UAAM,WAAWA,WAAU,GAAG;AAE9B,QAAI,CAAC,OAAO,UAAU,eAAe,KAAK,QAAQ,KAAK,GAAG,GAAG;AAC3D,cAAQ,IAAI,GAAG,IAAI;AAAA,IACrB,OAAO;AACL,UAAI,QAAQ,UAAU;AACpB,gBAAQ,IAAI,GAAG,IAAI;AAAA,MACrB;AAEA,UAAI,QAAQ,UAAU;AACpB,gBAAQ,IAAI,IAAI,GAAG,6DAA6D;AAAA,MAClF,OAAO;AACL,gBAAQ,IAAI,IAAI,GAAG,iEAAiE;AAAA,MACtF;AAAA,IACF;AAAA,EACF;AACF;;;AC/BA,IAAI,YAAuB,CAAC;AAE5B,IAAM,IAAI;AAEV,IAAM,YAAY,QAAQ,IAAI;AAC9B,IAAM,cAAc,QAAQ,IAAI;AAEzB,IAAM,UAAU,MAAM;AAC3B,QAAM,OAAO,UAAU,WAAW;AAClC,SAAO,aAAa,MAAM,SAAS;AACrC;AAEA,IAAI,EAAE,qBAAqB;AACzB,cAAY,EAAE;AAChB,WAAW,aAAa;AACtB,cAAY,QAAQ;AACtB;AAEA,EAAE,sBAAsB;AAExB,IAAM,MAAM;;;AC3BL,IAAM,iBAAiB,CAAC,cAAsB,mBAA0C;AAC7F,MAAI,IAAI,YAAY,GAAG;AACrB,WAAO,IAAI,YAAY;AAAA,EACzB;AAEA,MAAI,QAAQ,IAAI,cAAc,GAAG;AAC/B,WAAO,QAAQ,IAAI,cAAc;AAAA,EACnC;AAEA,SAAO;AACT;","names":["fs","path","YAML","import_tweetnacl_util","decrypt","variables","secretKey","decrypt","path","variables"]}
1
+ {"version":3,"sources":["../src/index.ts","../src/cli/add/getConfig.ts","../src/files/index.ts","../src/crypto/tweetnacl.ts","../src/crypto/util.ts","../src/crypto/index.ts","../src/environment/getVariables.ts","../src/environment/getDts.ts","../src/environment/load.ts","../src/environment/index.ts","../src/internalGetEnv.ts"],"sourcesContent":["export * from './environment'\nexport * from './internalGetEnv'\n","import YAML from 'yaml'\nimport {Config} from '../../environment/getVariables'\nimport {readFile} from '../../files'\n\nexport const getConfig = (envPath: string): Config => {\n const configFile = readFile(envPath)\n\n if (!configFile) {\n throw new Error('No config file found at path ' + envPath)\n }\n\n return YAML.parse(configFile)\n}\n","import fs from 'node:fs'\nimport path from 'node:path'\n\nexport function readFile(filePath: string) {\n if (!fs.existsSync(filePath)) return null\n\n return fs.readFileSync(filePath).toString()\n}\n\nexport function writeFile(path: string, content: string) {\n ensureDirectory(path)\n fs.writeFileSync(path, content)\n}\n\nexport function ensureDirectory(filePath) {\n const dirname = path.dirname(filePath)\n if (fs.existsSync(dirname)) return true\n ensureDirectory(dirname)\n fs.mkdirSync(dirname)\n}\n","import nacl from 'tweetnacl-es6'\nimport {decodeUTF8, encodeUTF8, encodeBase64, decodeBase64} from './util'\n\nconst newNonce = () => nacl.randomBytes(nacl.box.nonceLength)\nexport const generateKeyPair = () => nacl.box.keyPair()\n\nexport const encrypt = (bSecretKey: Uint8Array, aPublicKey: Uint8Array, message: string) => {\n const nonce = newNonce()\n const messageUint8 = decodeUTF8(message)\n const encrypted = nacl.box(messageUint8, nonce, aPublicKey, bSecretKey)\n\n const fullMessage = new Uint8Array(nonce.length + encrypted.length)\n fullMessage.set(nonce)\n fullMessage.set(encrypted, nonce.length)\n\n const base64FullMessage = encodeBase64(fullMessage)\n return base64FullMessage\n}\n\nexport const decrypt = (\n aSecretKey: Uint8Array,\n bPublicKey: Uint8Array,\n messageWithNonce: string,\n) => {\n const messageWithNonceAsUint8Array = decodeBase64(messageWithNonce)\n const nonce = messageWithNonceAsUint8Array.slice(0, nacl.box.nonceLength)\n const message = messageWithNonceAsUint8Array.slice(nacl.box.nonceLength, messageWithNonce.length)\n\n const decrypted = nacl.box.open(message, nonce, bPublicKey, aSecretKey)\n\n if (!decrypted) {\n throw new Error('Could not decrypt message')\n }\n\n const base64DecryptedMessage = encodeUTF8(decrypted)\n return base64DecryptedMessage\n}\n","// Written in 2014-2016 by Dmitry Chestnykh and Devi Mandiri.\n// Public domain.\n\nimport {WithImplicitCoercion} from 'node:buffer'\n\nfunction validateBase64(s: string) {\n if (!/^(?:[A-Za-z0-9+/]{4})*(?:[A-Za-z0-9+/]{2}==|[A-Za-z0-9+/]{3}=)?$/.test(s)) {\n throw new TypeError('invalid encoding')\n }\n}\n\nexport const decodeUTF8 = (s: string | number | boolean) => {\n if (typeof s !== 'string') throw new TypeError('expected string')\n let i: number\n const d = unescape(encodeURIComponent(s))\n const b = new Uint8Array(d.length)\n for (i = 0; i < d.length; i++) b[i] = d.charCodeAt(i)\n return b\n}\n\nexport const encodeUTF8 = (arr: string | any[]) => {\n let i: number\n const s = []\n for (i = 0; i < arr.length; i++) s.push(String.fromCharCode(arr[i]))\n return decodeURIComponent(escape(s.join('')))\n}\n\nexport const encodeBase64 = (arr: Uint8Array<any>) => Buffer.from(arr).toString('base64')\n\nexport const decodeBase64 = (s: WithImplicitCoercion<string>) => {\n validateBase64(s as any)\n return new Uint8Array(Array.prototype.slice.call(Buffer.from(s, 'base64'), 0))\n}\n","import {generateKeyPair, encrypt as tweetEncrypt, decrypt as tweetDecrypt} from './tweetnacl'\nimport {encodeBase64, decodeBase64} from './util'\n\nexport function generateKeys() {\n const {publicKey, secretKey} = generateKeyPair()\n\n const encryptKeyHex = encodeBase64(publicKey)\n const decryptKeyHex = encodeBase64(secretKey)\n\n return {\n encryptKey: encryptKeyHex,\n decryptKey: decryptKeyHex,\n }\n}\n\n/**\n * Creates a temporal keypair just to encrypt one message.\n * Saves the public key in the result so that the message can be decrypted.\n */\nexport function encrypt(encryptKey: string, message: string) {\n const encryptPublicKey = decodeBase64(encryptKey)\n const tempPair = generateKeyPair()\n const encrypted = tweetEncrypt(tempPair.secretKey, encryptPublicKey, message)\n const hexTempPublic = encodeBase64(tempPair.publicKey)\n return `${hexTempPublic}:${encrypted}`\n}\n\n/**\n * Ecrypts a message using the decrypt key\n */\nexport function decrypt(decryptKey: string, encrypted: string) {\n const decryptSecretKey = decodeBase64(decryptKey)\n const [messagePubKeyHex, encryptedMessage] = encrypted.split(':')\n const messagePubKey = decodeBase64(messagePubKeyHex)\n\n return tweetDecrypt(decryptSecretKey, messagePubKey, encryptedMessage)\n}\n","import {decrypt} from '../crypto'\n\nexport interface Config {\n version: string\n publicKey: string\n cleanKeys: {\n [key: string]: string\n }\n encryptedKeys: {\n [key: string]: string\n }\n readFromSecret?: {\n [key: string]: string[]\n }\n}\n\nexport interface Variables {\n [key: string]: string\n}\n\nfunction readSecrets(readFromSecret): {variables: Variables; secretKey: string} {\n const variables: Variables = {}\n let secretKey = null\n if (!readFromSecret) return {variables, secretKey}\n for (const secretName in readFromSecret) {\n const keys = readFromSecret[secretName]\n if (!process.env[secretName]) {\n console.warn(\n `@orion/env could not find the secret \"${secretName}\" in the environment. Related variables will be undefined.`,\n )\n continue\n }\n\n try {\n const values = JSON.parse(process.env[secretName])\n if (values.ORION_ENV_SECRET_KEY) {\n secretKey = values.ORION_ENV_SECRET_KEY\n }\n for (const key of keys) {\n if (values[key]) {\n variables[key] = values[key]\n } else {\n console.warn(\n `@orion/env could not find the variable \"${key}\" in the secret \"${secretName}\". Related variables will be undefined.`,\n )\n }\n }\n } catch (error) {\n console.warn(\n `'@orion/env found a the secret \"${secretName}\" variable in the environment but it is not a valid JSON. Related variables will be undefined.'`,\n )\n }\n }\n return {variables, secretKey: secretKey}\n}\n\nexport function getVariables(config: Config, secretKey?: string): Variables {\n const {cleanKeys, encryptedKeys, readFromSecret} = config\n const {variables, secretKey: foundSecretKey} = readSecrets(readFromSecret)\n let decryptKey = foundSecretKey || secretKey\n if (!decryptKey) {\n throw new Error(\n 'Orion encrypted env was passed but process.env.ORION_ENV_SECRET_KEY is not defined',\n )\n }\n\n for (const key in cleanKeys) {\n const value = cleanKeys[key]\n variables[key] = value\n }\n\n for (const key in encryptedKeys) {\n const encrypted = encryptedKeys[key]\n try {\n variables[key] = decrypt(decryptKey, encrypted)\n } catch (error) {\n throw new Error(\n `Orion encrypted env was passed but process.env.ORION_ENV_SECRET_KEY is not the right key for \"${key}\"`,\n )\n }\n }\n return variables\n}\n","import {getConfig} from '../cli/add/getConfig'\nimport {readFile, writeFile} from '../files'\nimport {Config} from './getVariables'\n\nexport function getDts(config: Config) {\n const keys = [\n ...Object.keys(config.cleanKeys),\n ...Object.keys(config.encryptedKeys),\n ...Object.values(config.readFromSecret).flat(),\n ]\n return `declare module '@orion-js/env' {\n export const env: {\n${keys.map(key => ` ${key}: string`).join('\\n')}\n }\n}\n`\n}\n\nexport function writeDtsFile(config: Config, path: string) {\n const currentFile = readFile(path)\n const dts = getDts(config)\n if (currentFile !== dts) {\n writeFile(path, dts)\n }\n}\n\nexport function writeDtsFileFromConfigFile(configFilePath: string, path: string) {\n const config = getConfig(configFilePath)\n writeDtsFile(config, path)\n}\n","import {getConfig} from '../cli/add/getConfig'\nimport {getVariables} from './getVariables'\n\nexport interface LoadEnvOptions {\n // Secret password used to decrypt the encrypted env file. Default: process.env.ORION_ENV_SECRET_KEY\n secretKey?: string\n // Location of the file to read. Default: process.env.ORION_ENV_FILE_PATH\n envFilePath?: string\n // Set to true to set the environment variables even if the variable was already set. Default: process.env.ORION_ENV_OVERRIDE\n override?: boolean\n}\n\nconst defaultOptions: LoadEnvOptions = {\n secretKey: process.env.ORION_ENV_SECRET_KEY,\n envFilePath: process.env.ORION_ENV_FILE_PATH,\n override: !!process.env.ORION_ENV_OVERRIDE,\n}\n\nexport function loadEnv(passedOptions: LoadEnvOptions = {}) {\n const options = {...defaultOptions, ...passedOptions}\n const data = getConfig(options.envFilePath)\n const variables = getVariables(data, options.secretKey)\n\n for (const key in variables) {\n const variable = variables[key]\n\n if (!Object.prototype.hasOwnProperty.call(process.env, key)) {\n process.env[key] = variable\n } else {\n if (options.override) {\n process.env[key] = variable\n }\n\n if (options.override) {\n console.log(`\"${key}\" is already defined in \\`process.env\\` and WAS overwritten`)\n } else {\n console.log(`\"${key}\" is already defined in \\`process.env\\` and was NOT overwritten`)\n }\n }\n }\n}\n","import {getConfig} from '../cli/add/getConfig'\nimport {getVariables} from './getVariables'\nexport * from './getDts'\nexport * from './load'\n\nexport interface Variables {\n [key: string]: string\n}\n\nlet variables: Variables = {}\n\nconst g = global as any\n\nconst secretKey = process.env.ORION_ENV_SECRET_KEY\nconst envFilePath = process.env.ORION_ENV_FILE_PATH\n\nexport const readEnv = () => {\n const data = getConfig(envFilePath)\n return getVariables(data, secretKey)\n}\n\nif (g.__orion_env_final__) {\n variables = g.__orion_env_final__\n} else if (envFilePath) {\n variables = readEnv()\n}\n\ng.__orion_env_final__ = variables\n\nconst env = variables\n\nexport {env}\n","import {env} from '.'\n\nexport const internalGetEnv = (orionEnvName: string, processEnvName: string): string | null => {\n if (env[orionEnvName]) {\n return env[orionEnvName]\n }\n\n if (process.env[processEnvName]) {\n return process.env[processEnvName]\n }\n\n return null\n}\n"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;;ACAA,kBAAiB;;;ACAjB,qBAAe;AACf,uBAAiB;AAEV,SAAS,SAAS,UAAkB;AACzC,MAAI,CAAC,eAAAA,QAAG,WAAW,QAAQ,EAAG,QAAO;AAErC,SAAO,eAAAA,QAAG,aAAa,QAAQ,EAAE,SAAS;AAC5C;AAEO,SAAS,UAAUC,OAAc,SAAiB;AACvD,kBAAgBA,KAAI;AACpB,iBAAAD,QAAG,cAAcC,OAAM,OAAO;AAChC;AAEO,SAAS,gBAAgB,UAAU;AACxC,QAAM,UAAU,iBAAAA,QAAK,QAAQ,QAAQ;AACrC,MAAI,eAAAD,QAAG,WAAW,OAAO,EAAG,QAAO;AACnC,kBAAgB,OAAO;AACvB,iBAAAA,QAAG,UAAU,OAAO;AACtB;;;ADfO,IAAM,YAAY,CAAC,YAA4B;AACpD,QAAM,aAAa,SAAS,OAAO;AAEnC,MAAI,CAAC,YAAY;AACf,UAAM,IAAI,MAAM,kCAAkC,OAAO;AAAA,EAC3D;AAEA,SAAO,YAAAE,QAAK,MAAM,UAAU;AAC9B;;;AEZA,2BAAiB;;;ACKjB,SAAS,eAAe,GAAW;AACjC,MAAI,CAAC,mEAAmE,KAAK,CAAC,GAAG;AAC/E,UAAM,IAAI,UAAU,kBAAkB;AAAA,EACxC;AACF;AAWO,IAAM,aAAa,CAAC,QAAwB;AACjD,MAAI;AACJ,QAAM,IAAI,CAAC;AACX,OAAK,IAAI,GAAG,IAAI,IAAI,QAAQ,IAAK,GAAE,KAAK,OAAO,aAAa,IAAI,CAAC,CAAC,CAAC;AACnE,SAAO,mBAAmB,OAAO,EAAE,KAAK,EAAE,CAAC,CAAC;AAC9C;AAIO,IAAM,eAAe,CAAC,MAAoC;AAC/D,iBAAe,CAAQ;AACvB,SAAO,IAAI,WAAW,MAAM,UAAU,MAAM,KAAK,OAAO,KAAK,GAAG,QAAQ,GAAG,CAAC,CAAC;AAC/E;;;ADbO,IAAM,UAAU,CACrB,YACA,YACA,qBACG;AACH,QAAM,+BAA+B,aAAa,gBAAgB;AAClE,QAAM,QAAQ,6BAA6B,MAAM,GAAG,qBAAAC,QAAK,IAAI,WAAW;AACxE,QAAM,UAAU,6BAA6B,MAAM,qBAAAA,QAAK,IAAI,aAAa,iBAAiB,MAAM;AAEhG,QAAM,YAAY,qBAAAA,QAAK,IAAI,KAAK,SAAS,OAAO,YAAY,UAAU;AAEtE,MAAI,CAAC,WAAW;AACd,UAAM,IAAI,MAAM,2BAA2B;AAAA,EAC7C;AAEA,QAAM,yBAAyB,WAAW,SAAS;AACnD,SAAO;AACT;;;AENO,SAASC,SAAQ,YAAoB,WAAmB;AAC7D,QAAM,mBAAmB,aAAa,UAAU;AAChD,QAAM,CAAC,kBAAkB,gBAAgB,IAAI,UAAU,MAAM,GAAG;AAChE,QAAM,gBAAgB,aAAa,gBAAgB;AAEnD,SAAO,QAAa,kBAAkB,eAAe,gBAAgB;AACvE;;;AChBA,SAAS,YAAY,gBAA2D;AAC9E,QAAMC,aAAuB,CAAC;AAC9B,MAAIC,aAAY;AAChB,MAAI,CAAC,eAAgB,QAAO,EAAC,WAAAD,YAAW,WAAAC,WAAS;AACjD,aAAW,cAAc,gBAAgB;AACvC,UAAM,OAAO,eAAe,UAAU;AACtC,QAAI,CAAC,QAAQ,IAAI,UAAU,GAAG;AAC5B,cAAQ;AAAA,QACN,yCAAyC,UAAU;AAAA,MACrD;AACA;AAAA,IACF;AAEA,QAAI;AACF,YAAM,SAAS,KAAK,MAAM,QAAQ,IAAI,UAAU,CAAC;AACjD,UAAI,OAAO,sBAAsB;AAC/B,QAAAA,aAAY,OAAO;AAAA,MACrB;AACA,iBAAW,OAAO,MAAM;AACtB,YAAI,OAAO,GAAG,GAAG;AACf,UAAAD,WAAU,GAAG,IAAI,OAAO,GAAG;AAAA,QAC7B,OAAO;AACL,kBAAQ;AAAA,YACN,2CAA2C,GAAG,oBAAoB,UAAU;AAAA,UAC9E;AAAA,QACF;AAAA,MACF;AAAA,IACF,SAAS,OAAO;AACd,cAAQ;AAAA,QACN,mCAAmC,UAAU;AAAA,MAC/C;AAAA,IACF;AAAA,EACF;AACA,SAAO,EAAC,WAAAA,YAAW,WAAWC,WAAS;AACzC;AAEO,SAAS,aAAa,QAAgBA,YAA+B;AAC1E,QAAM,EAAC,WAAW,eAAe,eAAc,IAAI;AACnD,QAAM,EAAC,WAAAD,YAAW,WAAW,eAAc,IAAI,YAAY,cAAc;AACzE,MAAI,aAAa,kBAAkBC;AACnC,MAAI,CAAC,YAAY;AACf,UAAM,IAAI;AAAA,MACR;AAAA,IACF;AAAA,EACF;AAEA,aAAW,OAAO,WAAW;AAC3B,UAAM,QAAQ,UAAU,GAAG;AAC3B,IAAAD,WAAU,GAAG,IAAI;AAAA,EACnB;AAEA,aAAW,OAAO,eAAe;AAC/B,UAAM,YAAY,cAAc,GAAG;AACnC,QAAI;AACF,MAAAA,WAAU,GAAG,IAAIE,SAAQ,YAAY,SAAS;AAAA,IAChD,SAAS,OAAO;AACd,YAAM,IAAI;AAAA,QACR,iGAAiG,GAAG;AAAA,MACtG;AAAA,IACF;AAAA,EACF;AACA,SAAOF;AACT;;;AC9EO,SAAS,OAAO,QAAgB;AACrC,QAAM,OAAO;AAAA,IACX,GAAG,OAAO,KAAK,OAAO,SAAS;AAAA,IAC/B,GAAG,OAAO,KAAK,OAAO,aAAa;AAAA,IACnC,GAAG,OAAO,OAAO,OAAO,cAAc,EAAE,KAAK;AAAA,EAC/C;AACA,SAAO;AAAA;AAAA,EAEP,KAAK,IAAI,SAAO,OAAO,GAAG,UAAU,EAAE,KAAK,IAAI,CAAC;AAAA;AAAA;AAAA;AAIlD;AAEO,SAAS,aAAa,QAAgBG,OAAc;AACzD,QAAM,cAAc,SAASA,KAAI;AACjC,QAAM,MAAM,OAAO,MAAM;AACzB,MAAI,gBAAgB,KAAK;AACvB,cAAUA,OAAM,GAAG;AAAA,EACrB;AACF;AAEO,SAAS,2BAA2B,gBAAwBA,OAAc;AAC/E,QAAM,SAAS,UAAU,cAAc;AACvC,eAAa,QAAQA,KAAI;AAC3B;;;ACjBA,IAAM,iBAAiC;AAAA,EACrC,WAAW,QAAQ,IAAI;AAAA,EACvB,aAAa,QAAQ,IAAI;AAAA,EACzB,UAAU,CAAC,CAAC,QAAQ,IAAI;AAC1B;AAEO,SAAS,QAAQ,gBAAgC,CAAC,GAAG;AAC1D,QAAM,UAAU,EAAC,GAAG,gBAAgB,GAAG,cAAa;AACpD,QAAM,OAAO,UAAU,QAAQ,WAAW;AAC1C,QAAMC,aAAY,aAAa,MAAM,QAAQ,SAAS;AAEtD,aAAW,OAAOA,YAAW;AAC3B,UAAM,WAAWA,WAAU,GAAG;AAE9B,QAAI,CAAC,OAAO,UAAU,eAAe,KAAK,QAAQ,KAAK,GAAG,GAAG;AAC3D,cAAQ,IAAI,GAAG,IAAI;AAAA,IACrB,OAAO;AACL,UAAI,QAAQ,UAAU;AACpB,gBAAQ,IAAI,GAAG,IAAI;AAAA,MACrB;AAEA,UAAI,QAAQ,UAAU;AACpB,gBAAQ,IAAI,IAAI,GAAG,6DAA6D;AAAA,MAClF,OAAO;AACL,gBAAQ,IAAI,IAAI,GAAG,iEAAiE;AAAA,MACtF;AAAA,IACF;AAAA,EACF;AACF;;;AC/BA,IAAI,YAAuB,CAAC;AAE5B,IAAM,IAAI;AAEV,IAAM,YAAY,QAAQ,IAAI;AAC9B,IAAM,cAAc,QAAQ,IAAI;AAEzB,IAAM,UAAU,MAAM;AAC3B,QAAM,OAAO,UAAU,WAAW;AAClC,SAAO,aAAa,MAAM,SAAS;AACrC;AAEA,IAAI,EAAE,qBAAqB;AACzB,cAAY,EAAE;AAChB,WAAW,aAAa;AACtB,cAAY,QAAQ;AACtB;AAEA,EAAE,sBAAsB;AAExB,IAAM,MAAM;;;AC3BL,IAAM,iBAAiB,CAAC,cAAsB,mBAA0C;AAC7F,MAAI,IAAI,YAAY,GAAG;AACrB,WAAO,IAAI,YAAY;AAAA,EACzB;AAEA,MAAI,QAAQ,IAAI,cAAc,GAAG;AAC/B,WAAO,QAAQ,IAAI,cAAc;AAAA,EACnC;AAEA,SAAO;AACT;","names":["fs","path","YAML","nacl","decrypt","variables","secretKey","decrypt","path","variables"]}
package/dist/index.js CHANGED
@@ -29,13 +29,31 @@ var getConfig = (envPath) => {
29
29
  };
30
30
 
31
31
  // src/crypto/tweetnacl.ts
32
- import { box, randomBytes } from "tweetnacl";
33
- import { decodeUTF8, encodeUTF8, encodeBase64, decodeBase64 } from "tweetnacl-util";
32
+ import nacl from "tweetnacl-es6";
33
+
34
+ // src/crypto/util.ts
35
+ function validateBase64(s) {
36
+ if (!/^(?:[A-Za-z0-9+/]{4})*(?:[A-Za-z0-9+/]{2}==|[A-Za-z0-9+/]{3}=)?$/.test(s)) {
37
+ throw new TypeError("invalid encoding");
38
+ }
39
+ }
40
+ var encodeUTF8 = (arr) => {
41
+ let i;
42
+ const s = [];
43
+ for (i = 0; i < arr.length; i++) s.push(String.fromCharCode(arr[i]));
44
+ return decodeURIComponent(escape(s.join("")));
45
+ };
46
+ var decodeBase64 = (s) => {
47
+ validateBase64(s);
48
+ return new Uint8Array(Array.prototype.slice.call(Buffer.from(s, "base64"), 0));
49
+ };
50
+
51
+ // src/crypto/tweetnacl.ts
34
52
  var decrypt = (aSecretKey, bPublicKey, messageWithNonce) => {
35
53
  const messageWithNonceAsUint8Array = decodeBase64(messageWithNonce);
36
- const nonce = messageWithNonceAsUint8Array.slice(0, box.nonceLength);
37
- const message = messageWithNonceAsUint8Array.slice(box.nonceLength, messageWithNonce.length);
38
- const decrypted = box.open(message, nonce, bPublicKey, aSecretKey);
54
+ const nonce = messageWithNonceAsUint8Array.slice(0, nacl.box.nonceLength);
55
+ const message = messageWithNonceAsUint8Array.slice(nacl.box.nonceLength, messageWithNonce.length);
56
+ const decrypted = nacl.box.open(message, nonce, bPublicKey, aSecretKey);
39
57
  if (!decrypted) {
40
58
  throw new Error("Could not decrypt message");
41
59
  }
@@ -44,11 +62,10 @@ var decrypt = (aSecretKey, bPublicKey, messageWithNonce) => {
44
62
  };
45
63
 
46
64
  // src/crypto/index.ts
47
- import { encodeBase64 as encodeBase642, decodeBase64 as decodeBase642 } from "tweetnacl-util";
48
65
  function decrypt2(decryptKey, encrypted) {
49
- const decryptSecretKey = decodeBase642(decryptKey);
66
+ const decryptSecretKey = decodeBase64(decryptKey);
50
67
  const [messagePubKeyHex, encryptedMessage] = encrypted.split(":");
51
- const messagePubKey = decodeBase642(messagePubKeyHex);
68
+ const messagePubKey = decodeBase64(messagePubKeyHex);
52
69
  return decrypt(decryptSecretKey, messagePubKey, encryptedMessage);
53
70
  }
54
71
 
package/dist/index.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"sources":["../src/cli/add/getConfig.ts","../src/files/index.ts","../src/crypto/tweetnacl.ts","../src/crypto/index.ts","../src/environment/getVariables.ts","../src/environment/getDts.ts","../src/environment/load.ts","../src/environment/index.ts","../src/internalGetEnv.ts"],"sourcesContent":["import YAML from 'yaml'\nimport {Config} from '../../environment/getVariables'\nimport {readFile} from '../../files'\n\nexport const getConfig = (envPath: string): Config => {\n const configFile = readFile(envPath)\n\n if (!configFile) {\n throw new Error('No config file found at path ' + envPath)\n }\n\n return YAML.parse(configFile)\n}\n","import fs from 'node:fs'\nimport path from 'node:path'\n\nexport function readFile(filePath: string) {\n if (!fs.existsSync(filePath)) return null\n\n return fs.readFileSync(filePath).toString()\n}\n\nexport function writeFile(path: string, content: string) {\n ensureDirectory(path)\n fs.writeFileSync(path, content)\n}\n\nexport function ensureDirectory(filePath) {\n const dirname = path.dirname(filePath)\n if (fs.existsSync(dirname)) return true\n ensureDirectory(dirname)\n fs.mkdirSync(dirname)\n}\n","import {box, randomBytes} from 'tweetnacl'\nimport {decodeUTF8, encodeUTF8, encodeBase64, decodeBase64} from 'tweetnacl-util'\n\nconst newNonce = () => randomBytes(box.nonceLength)\nexport const generateKeyPair = () => box.keyPair()\n\nexport const encrypt = (bSecretKey: Uint8Array, aPublicKey: Uint8Array, message: string) => {\n const nonce = newNonce()\n const messageUint8 = decodeUTF8(message)\n const encrypted = box(messageUint8, nonce, aPublicKey, bSecretKey)\n\n const fullMessage = new Uint8Array(nonce.length + encrypted.length)\n fullMessage.set(nonce)\n fullMessage.set(encrypted, nonce.length)\n\n const base64FullMessage = encodeBase64(fullMessage)\n return base64FullMessage\n}\n\nexport const decrypt = (\n aSecretKey: Uint8Array,\n bPublicKey: Uint8Array,\n messageWithNonce: string\n) => {\n const messageWithNonceAsUint8Array = decodeBase64(messageWithNonce)\n const nonce = messageWithNonceAsUint8Array.slice(0, box.nonceLength)\n const message = messageWithNonceAsUint8Array.slice(box.nonceLength, messageWithNonce.length)\n\n const decrypted = box.open(message, nonce, bPublicKey, aSecretKey)\n\n if (!decrypted) {\n throw new Error('Could not decrypt message')\n }\n\n const base64DecryptedMessage = encodeUTF8(decrypted)\n return base64DecryptedMessage\n}\n","import {generateKeyPair, encrypt as tweetEncrypt, decrypt as tweetDecrypt} from './tweetnacl'\nimport {encodeBase64, decodeBase64} from 'tweetnacl-util'\n\nexport function generateKeys() {\n const {publicKey, secretKey} = generateKeyPair()\n\n const encryptKeyHex = encodeBase64(publicKey)\n const decryptKeyHex = encodeBase64(secretKey)\n\n return {\n encryptKey: encryptKeyHex,\n decryptKey: decryptKeyHex\n }\n}\n\n/**\n * Creates a temporal keypair just to encrypt one message.\n * Saves the public key in the result so that the message can be decrypted.\n */\nexport function encrypt(encryptKey: string, message: string) {\n const encryptPublicKey = decodeBase64(encryptKey)\n const tempPair = generateKeyPair()\n const encrypted = tweetEncrypt(tempPair.secretKey, encryptPublicKey, message)\n const hexTempPublic = encodeBase64(tempPair.publicKey)\n return `${hexTempPublic}:${encrypted}`\n}\n\n/**\n * Ecrypts a message using the decrypt key\n */\nexport function decrypt(decryptKey: string, encrypted: string) {\n const decryptSecretKey = decodeBase64(decryptKey)\n const [messagePubKeyHex, encryptedMessage] = encrypted.split(':')\n const messagePubKey = decodeBase64(messagePubKeyHex)\n\n return tweetDecrypt(decryptSecretKey, messagePubKey, encryptedMessage)\n}\n","import {decrypt} from '../crypto'\n\nexport interface Config {\n version: string\n publicKey: string\n cleanKeys: {\n [key: string]: string\n }\n encryptedKeys: {\n [key: string]: string\n }\n readFromSecret?: {\n [key: string]: string[]\n }\n}\n\nexport interface Variables {\n [key: string]: string\n}\n\nfunction readSecrets(readFromSecret): {variables: Variables; secretKey: string} {\n const variables: Variables = {}\n let secretKey = null\n if (!readFromSecret) return {variables, secretKey}\n for (const secretName in readFromSecret) {\n const keys = readFromSecret[secretName]\n if (!process.env[secretName]) {\n console.warn(\n `@orion/env could not find the secret \"${secretName}\" in the environment. Related variables will be undefined.`\n )\n continue\n }\n\n try {\n const values = JSON.parse(process.env[secretName])\n if (values.ORION_ENV_SECRET_KEY) {\n secretKey = values.ORION_ENV_SECRET_KEY\n }\n for (const key of keys) {\n if (values[key]) {\n variables[key] = values[key]\n } else {\n console.warn(\n `@orion/env could not find the variable \"${key}\" in the secret \"${secretName}\". Related variables will be undefined.`\n )\n }\n }\n } catch (error) {\n console.warn(\n `'@orion/env found a the secret \"${secretName}\" variable in the environment but it is not a valid JSON. Related variables will be undefined.'`\n )\n }\n }\n return {variables, secretKey: secretKey}\n} \n\nexport function getVariables(config: Config, secretKey?: string): Variables {\n const {cleanKeys, encryptedKeys, readFromSecret} = config\n const {variables, secretKey: foundSecretKey} = readSecrets(readFromSecret)\n let decryptKey = foundSecretKey || secretKey\n if (!decryptKey) {\n throw new Error(\n 'Orion encrypted env was passed but process.env.ORION_ENV_SECRET_KEY is not defined'\n )\n }\n\n for (const key in cleanKeys) {\n const value = cleanKeys[key]\n variables[key] = value\n }\n\n for (const key in encryptedKeys) {\n const encrypted = encryptedKeys[key]\n try {\n variables[key] = decrypt(decryptKey, encrypted)\n } catch (error) {\n throw new Error(\n `Orion encrypted env was passed but process.env.ORION_ENV_SECRET_KEY is not the right key for \"${key}\"`\n )\n }\n }\n return variables\n}\n","import {getConfig} from '../cli/add/getConfig'\nimport {readFile, writeFile} from '../files'\nimport {Config} from './getVariables'\n\nexport function getDts(config: Config) {\n const keys = [\n ...Object.keys(config.cleanKeys),\n ...Object.keys(config.encryptedKeys),\n ...Object.values(config.readFromSecret).flat()\n ]\n return `declare module '@orion-js/env' {\n export const env: {\n${keys.map(key => ` ${key}: string`).join('\\n')}\n }\n}\n`\n}\n\nexport function writeDtsFile(config: Config, path: string) {\n const currentFile = readFile(path)\n const dts = getDts(config)\n if (currentFile !== dts) {\n writeFile(path, dts)\n }\n}\n\nexport function writeDtsFileFromConfigFile(configFilePath: string, path: string) {\n const config = getConfig(configFilePath)\n writeDtsFile(config, path)\n}\n","import {getConfig} from '../cli/add/getConfig'\nimport {getVariables} from './getVariables'\n\nexport interface LoadEnvOptions {\n // Secret password used to decrypt the encrypted env file. Default: process.env.ORION_ENV_SECRET_KEY\n secretKey?: string\n // Location of the file to read. Default: process.env.ORION_ENV_FILE_PATH\n envFilePath?: string\n // Set to true to set the environment variables even if the variable was already set. Default: process.env.ORION_ENV_OVERRIDE\n override?: boolean\n}\n\nconst defaultOptions: LoadEnvOptions = {\n secretKey: process.env.ORION_ENV_SECRET_KEY,\n envFilePath: process.env.ORION_ENV_FILE_PATH,\n override: !!process.env.ORION_ENV_OVERRIDE\n}\n\nexport function loadEnv(passedOptions: LoadEnvOptions = {}) {\n const options = {...defaultOptions, ...passedOptions}\n const data = getConfig(options.envFilePath)\n const variables = getVariables(data, options.secretKey)\n\n for (const key in variables) {\n const variable = variables[key]\n\n if (!Object.prototype.hasOwnProperty.call(process.env, key)) {\n process.env[key] = variable\n } else {\n if (options.override) {\n process.env[key] = variable\n }\n\n if (options.override) {\n console.log(`\"${key}\" is already defined in \\`process.env\\` and WAS overwritten`)\n } else {\n console.log(`\"${key}\" is already defined in \\`process.env\\` and was NOT overwritten`)\n }\n }\n }\n}\n","import {getConfig} from '../cli/add/getConfig'\nimport {getVariables} from './getVariables'\nexport * from './getDts'\nexport * from './load'\n\nexport interface Variables {\n [key: string]: string\n}\n\nlet variables: Variables = {}\n\nconst g = global as any\n\nconst secretKey = process.env.ORION_ENV_SECRET_KEY\nconst envFilePath = process.env.ORION_ENV_FILE_PATH\n\nexport const readEnv = () => {\n const data = getConfig(envFilePath)\n return getVariables(data, secretKey)\n}\n\nif (g.__orion_env_final__) {\n variables = g.__orion_env_final__\n} else if (envFilePath) {\n variables = readEnv()\n}\n\ng.__orion_env_final__ = variables\n\nconst env = variables\n\nexport {env}\n","import {env} from '.'\n\nexport const internalGetEnv = (orionEnvName: string, processEnvName: string): string | null => {\n if (env[orionEnvName]) {\n return env[orionEnvName]\n }\n\n if (process.env[processEnvName]) {\n return process.env[processEnvName]\n }\n\n return null\n}\n"],"mappings":";AAAA,OAAO,UAAU;;;ACAjB,OAAO,QAAQ;AACf,OAAO,UAAU;AAEV,SAAS,SAAS,UAAkB;AACzC,MAAI,CAAC,GAAG,WAAW,QAAQ,EAAG,QAAO;AAErC,SAAO,GAAG,aAAa,QAAQ,EAAE,SAAS;AAC5C;AAEO,SAAS,UAAUA,OAAc,SAAiB;AACvD,kBAAgBA,KAAI;AACpB,KAAG,cAAcA,OAAM,OAAO;AAChC;AAEO,SAAS,gBAAgB,UAAU;AACxC,QAAM,UAAU,KAAK,QAAQ,QAAQ;AACrC,MAAI,GAAG,WAAW,OAAO,EAAG,QAAO;AACnC,kBAAgB,OAAO;AACvB,KAAG,UAAU,OAAO;AACtB;;;ADfO,IAAM,YAAY,CAAC,YAA4B;AACpD,QAAM,aAAa,SAAS,OAAO;AAEnC,MAAI,CAAC,YAAY;AACf,UAAM,IAAI,MAAM,kCAAkC,OAAO;AAAA,EAC3D;AAEA,SAAO,KAAK,MAAM,UAAU;AAC9B;;;AEZA,SAAQ,KAAK,mBAAkB;AAC/B,SAAQ,YAAY,YAAY,cAAc,oBAAmB;AAkB1D,IAAM,UAAU,CACrB,YACA,YACA,qBACG;AACH,QAAM,+BAA+B,aAAa,gBAAgB;AAClE,QAAM,QAAQ,6BAA6B,MAAM,GAAG,IAAI,WAAW;AACnE,QAAM,UAAU,6BAA6B,MAAM,IAAI,aAAa,iBAAiB,MAAM;AAE3F,QAAM,YAAY,IAAI,KAAK,SAAS,OAAO,YAAY,UAAU;AAEjE,MAAI,CAAC,WAAW;AACd,UAAM,IAAI,MAAM,2BAA2B;AAAA,EAC7C;AAEA,QAAM,yBAAyB,WAAW,SAAS;AACnD,SAAO;AACT;;;ACnCA,SAAQ,gBAAAC,eAAc,gBAAAC,qBAAmB;AA6BlC,SAASC,SAAQ,YAAoB,WAAmB;AAC7D,QAAM,mBAAmBC,cAAa,UAAU;AAChD,QAAM,CAAC,kBAAkB,gBAAgB,IAAI,UAAU,MAAM,GAAG;AAChE,QAAM,gBAAgBA,cAAa,gBAAgB;AAEnD,SAAO,QAAa,kBAAkB,eAAe,gBAAgB;AACvE;;;AChBA,SAAS,YAAY,gBAA2D;AAC9E,QAAMC,aAAuB,CAAC;AAC9B,MAAIC,aAAY;AAChB,MAAI,CAAC,eAAgB,QAAO,EAAC,WAAAD,YAAW,WAAAC,WAAS;AACjD,aAAW,cAAc,gBAAgB;AACvC,UAAM,OAAO,eAAe,UAAU;AACtC,QAAI,CAAC,QAAQ,IAAI,UAAU,GAAG;AAC5B,cAAQ;AAAA,QACN,yCAAyC,UAAU;AAAA,MACrD;AACA;AAAA,IACF;AAEA,QAAI;AACF,YAAM,SAAS,KAAK,MAAM,QAAQ,IAAI,UAAU,CAAC;AACjD,UAAI,OAAO,sBAAsB;AAC/B,QAAAA,aAAY,OAAO;AAAA,MACrB;AACA,iBAAW,OAAO,MAAM;AACtB,YAAI,OAAO,GAAG,GAAG;AACf,UAAAD,WAAU,GAAG,IAAI,OAAO,GAAG;AAAA,QAC7B,OAAO;AACL,kBAAQ;AAAA,YACN,2CAA2C,GAAG,oBAAoB,UAAU;AAAA,UAC9E;AAAA,QACF;AAAA,MACF;AAAA,IACF,SAAS,OAAO;AACd,cAAQ;AAAA,QACN,mCAAmC,UAAU;AAAA,MAC/C;AAAA,IACF;AAAA,EACF;AACA,SAAO,EAAC,WAAAA,YAAW,WAAWC,WAAS;AACzC;AAEO,SAAS,aAAa,QAAgBA,YAA+B;AAC1E,QAAM,EAAC,WAAW,eAAe,eAAc,IAAI;AACnD,QAAM,EAAC,WAAAD,YAAW,WAAW,eAAc,IAAI,YAAY,cAAc;AACzE,MAAI,aAAa,kBAAkBC;AACnC,MAAI,CAAC,YAAY;AACf,UAAM,IAAI;AAAA,MACR;AAAA,IACF;AAAA,EACF;AAEA,aAAW,OAAO,WAAW;AAC3B,UAAM,QAAQ,UAAU,GAAG;AAC3B,IAAAD,WAAU,GAAG,IAAI;AAAA,EACnB;AAEA,aAAW,OAAO,eAAe;AAC/B,UAAM,YAAY,cAAc,GAAG;AACnC,QAAI;AACF,MAAAA,WAAU,GAAG,IAAIE,SAAQ,YAAY,SAAS;AAAA,IAChD,SAAS,OAAO;AACd,YAAM,IAAI;AAAA,QACR,iGAAiG,GAAG;AAAA,MACtG;AAAA,IACF;AAAA,EACF;AACA,SAAOF;AACT;;;AC9EO,SAAS,OAAO,QAAgB;AACrC,QAAM,OAAO;AAAA,IACX,GAAG,OAAO,KAAK,OAAO,SAAS;AAAA,IAC/B,GAAG,OAAO,KAAK,OAAO,aAAa;AAAA,IACnC,GAAG,OAAO,OAAO,OAAO,cAAc,EAAE,KAAK;AAAA,EAC/C;AACA,SAAO;AAAA;AAAA,EAEP,KAAK,IAAI,SAAO,OAAO,GAAG,UAAU,EAAE,KAAK,IAAI,CAAC;AAAA;AAAA;AAAA;AAIlD;AAEO,SAAS,aAAa,QAAgBG,OAAc;AACzD,QAAM,cAAc,SAASA,KAAI;AACjC,QAAM,MAAM,OAAO,MAAM;AACzB,MAAI,gBAAgB,KAAK;AACvB,cAAUA,OAAM,GAAG;AAAA,EACrB;AACF;AAEO,SAAS,2BAA2B,gBAAwBA,OAAc;AAC/E,QAAM,SAAS,UAAU,cAAc;AACvC,eAAa,QAAQA,KAAI;AAC3B;;;ACjBA,IAAM,iBAAiC;AAAA,EACrC,WAAW,QAAQ,IAAI;AAAA,EACvB,aAAa,QAAQ,IAAI;AAAA,EACzB,UAAU,CAAC,CAAC,QAAQ,IAAI;AAC1B;AAEO,SAAS,QAAQ,gBAAgC,CAAC,GAAG;AAC1D,QAAM,UAAU,EAAC,GAAG,gBAAgB,GAAG,cAAa;AACpD,QAAM,OAAO,UAAU,QAAQ,WAAW;AAC1C,QAAMC,aAAY,aAAa,MAAM,QAAQ,SAAS;AAEtD,aAAW,OAAOA,YAAW;AAC3B,UAAM,WAAWA,WAAU,GAAG;AAE9B,QAAI,CAAC,OAAO,UAAU,eAAe,KAAK,QAAQ,KAAK,GAAG,GAAG;AAC3D,cAAQ,IAAI,GAAG,IAAI;AAAA,IACrB,OAAO;AACL,UAAI,QAAQ,UAAU;AACpB,gBAAQ,IAAI,GAAG,IAAI;AAAA,MACrB;AAEA,UAAI,QAAQ,UAAU;AACpB,gBAAQ,IAAI,IAAI,GAAG,6DAA6D;AAAA,MAClF,OAAO;AACL,gBAAQ,IAAI,IAAI,GAAG,iEAAiE;AAAA,MACtF;AAAA,IACF;AAAA,EACF;AACF;;;AC/BA,IAAI,YAAuB,CAAC;AAE5B,IAAM,IAAI;AAEV,IAAM,YAAY,QAAQ,IAAI;AAC9B,IAAM,cAAc,QAAQ,IAAI;AAEzB,IAAM,UAAU,MAAM;AAC3B,QAAM,OAAO,UAAU,WAAW;AAClC,SAAO,aAAa,MAAM,SAAS;AACrC;AAEA,IAAI,EAAE,qBAAqB;AACzB,cAAY,EAAE;AAChB,WAAW,aAAa;AACtB,cAAY,QAAQ;AACtB;AAEA,EAAE,sBAAsB;AAExB,IAAM,MAAM;;;AC3BL,IAAM,iBAAiB,CAAC,cAAsB,mBAA0C;AAC7F,MAAI,IAAI,YAAY,GAAG;AACrB,WAAO,IAAI,YAAY;AAAA,EACzB;AAEA,MAAI,QAAQ,IAAI,cAAc,GAAG;AAC/B,WAAO,QAAQ,IAAI,cAAc;AAAA,EACnC;AAEA,SAAO;AACT;","names":["path","encodeBase64","decodeBase64","decrypt","decodeBase64","variables","secretKey","decrypt","path","variables"]}
1
+ {"version":3,"sources":["../src/cli/add/getConfig.ts","../src/files/index.ts","../src/crypto/tweetnacl.ts","../src/crypto/util.ts","../src/crypto/index.ts","../src/environment/getVariables.ts","../src/environment/getDts.ts","../src/environment/load.ts","../src/environment/index.ts","../src/internalGetEnv.ts"],"sourcesContent":["import YAML from 'yaml'\nimport {Config} from '../../environment/getVariables'\nimport {readFile} from '../../files'\n\nexport const getConfig = (envPath: string): Config => {\n const configFile = readFile(envPath)\n\n if (!configFile) {\n throw new Error('No config file found at path ' + envPath)\n }\n\n return YAML.parse(configFile)\n}\n","import fs from 'node:fs'\nimport path from 'node:path'\n\nexport function readFile(filePath: string) {\n if (!fs.existsSync(filePath)) return null\n\n return fs.readFileSync(filePath).toString()\n}\n\nexport function writeFile(path: string, content: string) {\n ensureDirectory(path)\n fs.writeFileSync(path, content)\n}\n\nexport function ensureDirectory(filePath) {\n const dirname = path.dirname(filePath)\n if (fs.existsSync(dirname)) return true\n ensureDirectory(dirname)\n fs.mkdirSync(dirname)\n}\n","import nacl from 'tweetnacl-es6'\nimport {decodeUTF8, encodeUTF8, encodeBase64, decodeBase64} from './util'\n\nconst newNonce = () => nacl.randomBytes(nacl.box.nonceLength)\nexport const generateKeyPair = () => nacl.box.keyPair()\n\nexport const encrypt = (bSecretKey: Uint8Array, aPublicKey: Uint8Array, message: string) => {\n const nonce = newNonce()\n const messageUint8 = decodeUTF8(message)\n const encrypted = nacl.box(messageUint8, nonce, aPublicKey, bSecretKey)\n\n const fullMessage = new Uint8Array(nonce.length + encrypted.length)\n fullMessage.set(nonce)\n fullMessage.set(encrypted, nonce.length)\n\n const base64FullMessage = encodeBase64(fullMessage)\n return base64FullMessage\n}\n\nexport const decrypt = (\n aSecretKey: Uint8Array,\n bPublicKey: Uint8Array,\n messageWithNonce: string,\n) => {\n const messageWithNonceAsUint8Array = decodeBase64(messageWithNonce)\n const nonce = messageWithNonceAsUint8Array.slice(0, nacl.box.nonceLength)\n const message = messageWithNonceAsUint8Array.slice(nacl.box.nonceLength, messageWithNonce.length)\n\n const decrypted = nacl.box.open(message, nonce, bPublicKey, aSecretKey)\n\n if (!decrypted) {\n throw new Error('Could not decrypt message')\n }\n\n const base64DecryptedMessage = encodeUTF8(decrypted)\n return base64DecryptedMessage\n}\n","// Written in 2014-2016 by Dmitry Chestnykh and Devi Mandiri.\n// Public domain.\n\nimport {WithImplicitCoercion} from 'node:buffer'\n\nfunction validateBase64(s: string) {\n if (!/^(?:[A-Za-z0-9+/]{4})*(?:[A-Za-z0-9+/]{2}==|[A-Za-z0-9+/]{3}=)?$/.test(s)) {\n throw new TypeError('invalid encoding')\n }\n}\n\nexport const decodeUTF8 = (s: string | number | boolean) => {\n if (typeof s !== 'string') throw new TypeError('expected string')\n let i: number\n const d = unescape(encodeURIComponent(s))\n const b = new Uint8Array(d.length)\n for (i = 0; i < d.length; i++) b[i] = d.charCodeAt(i)\n return b\n}\n\nexport const encodeUTF8 = (arr: string | any[]) => {\n let i: number\n const s = []\n for (i = 0; i < arr.length; i++) s.push(String.fromCharCode(arr[i]))\n return decodeURIComponent(escape(s.join('')))\n}\n\nexport const encodeBase64 = (arr: Uint8Array<any>) => Buffer.from(arr).toString('base64')\n\nexport const decodeBase64 = (s: WithImplicitCoercion<string>) => {\n validateBase64(s as any)\n return new Uint8Array(Array.prototype.slice.call(Buffer.from(s, 'base64'), 0))\n}\n","import {generateKeyPair, encrypt as tweetEncrypt, decrypt as tweetDecrypt} from './tweetnacl'\nimport {encodeBase64, decodeBase64} from './util'\n\nexport function generateKeys() {\n const {publicKey, secretKey} = generateKeyPair()\n\n const encryptKeyHex = encodeBase64(publicKey)\n const decryptKeyHex = encodeBase64(secretKey)\n\n return {\n encryptKey: encryptKeyHex,\n decryptKey: decryptKeyHex,\n }\n}\n\n/**\n * Creates a temporal keypair just to encrypt one message.\n * Saves the public key in the result so that the message can be decrypted.\n */\nexport function encrypt(encryptKey: string, message: string) {\n const encryptPublicKey = decodeBase64(encryptKey)\n const tempPair = generateKeyPair()\n const encrypted = tweetEncrypt(tempPair.secretKey, encryptPublicKey, message)\n const hexTempPublic = encodeBase64(tempPair.publicKey)\n return `${hexTempPublic}:${encrypted}`\n}\n\n/**\n * Ecrypts a message using the decrypt key\n */\nexport function decrypt(decryptKey: string, encrypted: string) {\n const decryptSecretKey = decodeBase64(decryptKey)\n const [messagePubKeyHex, encryptedMessage] = encrypted.split(':')\n const messagePubKey = decodeBase64(messagePubKeyHex)\n\n return tweetDecrypt(decryptSecretKey, messagePubKey, encryptedMessage)\n}\n","import {decrypt} from '../crypto'\n\nexport interface Config {\n version: string\n publicKey: string\n cleanKeys: {\n [key: string]: string\n }\n encryptedKeys: {\n [key: string]: string\n }\n readFromSecret?: {\n [key: string]: string[]\n }\n}\n\nexport interface Variables {\n [key: string]: string\n}\n\nfunction readSecrets(readFromSecret): {variables: Variables; secretKey: string} {\n const variables: Variables = {}\n let secretKey = null\n if (!readFromSecret) return {variables, secretKey}\n for (const secretName in readFromSecret) {\n const keys = readFromSecret[secretName]\n if (!process.env[secretName]) {\n console.warn(\n `@orion/env could not find the secret \"${secretName}\" in the environment. Related variables will be undefined.`,\n )\n continue\n }\n\n try {\n const values = JSON.parse(process.env[secretName])\n if (values.ORION_ENV_SECRET_KEY) {\n secretKey = values.ORION_ENV_SECRET_KEY\n }\n for (const key of keys) {\n if (values[key]) {\n variables[key] = values[key]\n } else {\n console.warn(\n `@orion/env could not find the variable \"${key}\" in the secret \"${secretName}\". Related variables will be undefined.`,\n )\n }\n }\n } catch (error) {\n console.warn(\n `'@orion/env found a the secret \"${secretName}\" variable in the environment but it is not a valid JSON. Related variables will be undefined.'`,\n )\n }\n }\n return {variables, secretKey: secretKey}\n}\n\nexport function getVariables(config: Config, secretKey?: string): Variables {\n const {cleanKeys, encryptedKeys, readFromSecret} = config\n const {variables, secretKey: foundSecretKey} = readSecrets(readFromSecret)\n let decryptKey = foundSecretKey || secretKey\n if (!decryptKey) {\n throw new Error(\n 'Orion encrypted env was passed but process.env.ORION_ENV_SECRET_KEY is not defined',\n )\n }\n\n for (const key in cleanKeys) {\n const value = cleanKeys[key]\n variables[key] = value\n }\n\n for (const key in encryptedKeys) {\n const encrypted = encryptedKeys[key]\n try {\n variables[key] = decrypt(decryptKey, encrypted)\n } catch (error) {\n throw new Error(\n `Orion encrypted env was passed but process.env.ORION_ENV_SECRET_KEY is not the right key for \"${key}\"`,\n )\n }\n }\n return variables\n}\n","import {getConfig} from '../cli/add/getConfig'\nimport {readFile, writeFile} from '../files'\nimport {Config} from './getVariables'\n\nexport function getDts(config: Config) {\n const keys = [\n ...Object.keys(config.cleanKeys),\n ...Object.keys(config.encryptedKeys),\n ...Object.values(config.readFromSecret).flat(),\n ]\n return `declare module '@orion-js/env' {\n export const env: {\n${keys.map(key => ` ${key}: string`).join('\\n')}\n }\n}\n`\n}\n\nexport function writeDtsFile(config: Config, path: string) {\n const currentFile = readFile(path)\n const dts = getDts(config)\n if (currentFile !== dts) {\n writeFile(path, dts)\n }\n}\n\nexport function writeDtsFileFromConfigFile(configFilePath: string, path: string) {\n const config = getConfig(configFilePath)\n writeDtsFile(config, path)\n}\n","import {getConfig} from '../cli/add/getConfig'\nimport {getVariables} from './getVariables'\n\nexport interface LoadEnvOptions {\n // Secret password used to decrypt the encrypted env file. Default: process.env.ORION_ENV_SECRET_KEY\n secretKey?: string\n // Location of the file to read. Default: process.env.ORION_ENV_FILE_PATH\n envFilePath?: string\n // Set to true to set the environment variables even if the variable was already set. Default: process.env.ORION_ENV_OVERRIDE\n override?: boolean\n}\n\nconst defaultOptions: LoadEnvOptions = {\n secretKey: process.env.ORION_ENV_SECRET_KEY,\n envFilePath: process.env.ORION_ENV_FILE_PATH,\n override: !!process.env.ORION_ENV_OVERRIDE,\n}\n\nexport function loadEnv(passedOptions: LoadEnvOptions = {}) {\n const options = {...defaultOptions, ...passedOptions}\n const data = getConfig(options.envFilePath)\n const variables = getVariables(data, options.secretKey)\n\n for (const key in variables) {\n const variable = variables[key]\n\n if (!Object.prototype.hasOwnProperty.call(process.env, key)) {\n process.env[key] = variable\n } else {\n if (options.override) {\n process.env[key] = variable\n }\n\n if (options.override) {\n console.log(`\"${key}\" is already defined in \\`process.env\\` and WAS overwritten`)\n } else {\n console.log(`\"${key}\" is already defined in \\`process.env\\` and was NOT overwritten`)\n }\n }\n }\n}\n","import {getConfig} from '../cli/add/getConfig'\nimport {getVariables} from './getVariables'\nexport * from './getDts'\nexport * from './load'\n\nexport interface Variables {\n [key: string]: string\n}\n\nlet variables: Variables = {}\n\nconst g = global as any\n\nconst secretKey = process.env.ORION_ENV_SECRET_KEY\nconst envFilePath = process.env.ORION_ENV_FILE_PATH\n\nexport const readEnv = () => {\n const data = getConfig(envFilePath)\n return getVariables(data, secretKey)\n}\n\nif (g.__orion_env_final__) {\n variables = g.__orion_env_final__\n} else if (envFilePath) {\n variables = readEnv()\n}\n\ng.__orion_env_final__ = variables\n\nconst env = variables\n\nexport {env}\n","import {env} from '.'\n\nexport const internalGetEnv = (orionEnvName: string, processEnvName: string): string | null => {\n if (env[orionEnvName]) {\n return env[orionEnvName]\n }\n\n if (process.env[processEnvName]) {\n return process.env[processEnvName]\n }\n\n return null\n}\n"],"mappings":";AAAA,OAAO,UAAU;;;ACAjB,OAAO,QAAQ;AACf,OAAO,UAAU;AAEV,SAAS,SAAS,UAAkB;AACzC,MAAI,CAAC,GAAG,WAAW,QAAQ,EAAG,QAAO;AAErC,SAAO,GAAG,aAAa,QAAQ,EAAE,SAAS;AAC5C;AAEO,SAAS,UAAUA,OAAc,SAAiB;AACvD,kBAAgBA,KAAI;AACpB,KAAG,cAAcA,OAAM,OAAO;AAChC;AAEO,SAAS,gBAAgB,UAAU;AACxC,QAAM,UAAU,KAAK,QAAQ,QAAQ;AACrC,MAAI,GAAG,WAAW,OAAO,EAAG,QAAO;AACnC,kBAAgB,OAAO;AACvB,KAAG,UAAU,OAAO;AACtB;;;ADfO,IAAM,YAAY,CAAC,YAA4B;AACpD,QAAM,aAAa,SAAS,OAAO;AAEnC,MAAI,CAAC,YAAY;AACf,UAAM,IAAI,MAAM,kCAAkC,OAAO;AAAA,EAC3D;AAEA,SAAO,KAAK,MAAM,UAAU;AAC9B;;;AEZA,OAAO,UAAU;;;ACKjB,SAAS,eAAe,GAAW;AACjC,MAAI,CAAC,mEAAmE,KAAK,CAAC,GAAG;AAC/E,UAAM,IAAI,UAAU,kBAAkB;AAAA,EACxC;AACF;AAWO,IAAM,aAAa,CAAC,QAAwB;AACjD,MAAI;AACJ,QAAM,IAAI,CAAC;AACX,OAAK,IAAI,GAAG,IAAI,IAAI,QAAQ,IAAK,GAAE,KAAK,OAAO,aAAa,IAAI,CAAC,CAAC,CAAC;AACnE,SAAO,mBAAmB,OAAO,EAAE,KAAK,EAAE,CAAC,CAAC;AAC9C;AAIO,IAAM,eAAe,CAAC,MAAoC;AAC/D,iBAAe,CAAQ;AACvB,SAAO,IAAI,WAAW,MAAM,UAAU,MAAM,KAAK,OAAO,KAAK,GAAG,QAAQ,GAAG,CAAC,CAAC;AAC/E;;;ADbO,IAAM,UAAU,CACrB,YACA,YACA,qBACG;AACH,QAAM,+BAA+B,aAAa,gBAAgB;AAClE,QAAM,QAAQ,6BAA6B,MAAM,GAAG,KAAK,IAAI,WAAW;AACxE,QAAM,UAAU,6BAA6B,MAAM,KAAK,IAAI,aAAa,iBAAiB,MAAM;AAEhG,QAAM,YAAY,KAAK,IAAI,KAAK,SAAS,OAAO,YAAY,UAAU;AAEtE,MAAI,CAAC,WAAW;AACd,UAAM,IAAI,MAAM,2BAA2B;AAAA,EAC7C;AAEA,QAAM,yBAAyB,WAAW,SAAS;AACnD,SAAO;AACT;;;AENO,SAASC,SAAQ,YAAoB,WAAmB;AAC7D,QAAM,mBAAmB,aAAa,UAAU;AAChD,QAAM,CAAC,kBAAkB,gBAAgB,IAAI,UAAU,MAAM,GAAG;AAChE,QAAM,gBAAgB,aAAa,gBAAgB;AAEnD,SAAO,QAAa,kBAAkB,eAAe,gBAAgB;AACvE;;;AChBA,SAAS,YAAY,gBAA2D;AAC9E,QAAMC,aAAuB,CAAC;AAC9B,MAAIC,aAAY;AAChB,MAAI,CAAC,eAAgB,QAAO,EAAC,WAAAD,YAAW,WAAAC,WAAS;AACjD,aAAW,cAAc,gBAAgB;AACvC,UAAM,OAAO,eAAe,UAAU;AACtC,QAAI,CAAC,QAAQ,IAAI,UAAU,GAAG;AAC5B,cAAQ;AAAA,QACN,yCAAyC,UAAU;AAAA,MACrD;AACA;AAAA,IACF;AAEA,QAAI;AACF,YAAM,SAAS,KAAK,MAAM,QAAQ,IAAI,UAAU,CAAC;AACjD,UAAI,OAAO,sBAAsB;AAC/B,QAAAA,aAAY,OAAO;AAAA,MACrB;AACA,iBAAW,OAAO,MAAM;AACtB,YAAI,OAAO,GAAG,GAAG;AACf,UAAAD,WAAU,GAAG,IAAI,OAAO,GAAG;AAAA,QAC7B,OAAO;AACL,kBAAQ;AAAA,YACN,2CAA2C,GAAG,oBAAoB,UAAU;AAAA,UAC9E;AAAA,QACF;AAAA,MACF;AAAA,IACF,SAAS,OAAO;AACd,cAAQ;AAAA,QACN,mCAAmC,UAAU;AAAA,MAC/C;AAAA,IACF;AAAA,EACF;AACA,SAAO,EAAC,WAAAA,YAAW,WAAWC,WAAS;AACzC;AAEO,SAAS,aAAa,QAAgBA,YAA+B;AAC1E,QAAM,EAAC,WAAW,eAAe,eAAc,IAAI;AACnD,QAAM,EAAC,WAAAD,YAAW,WAAW,eAAc,IAAI,YAAY,cAAc;AACzE,MAAI,aAAa,kBAAkBC;AACnC,MAAI,CAAC,YAAY;AACf,UAAM,IAAI;AAAA,MACR;AAAA,IACF;AAAA,EACF;AAEA,aAAW,OAAO,WAAW;AAC3B,UAAM,QAAQ,UAAU,GAAG;AAC3B,IAAAD,WAAU,GAAG,IAAI;AAAA,EACnB;AAEA,aAAW,OAAO,eAAe;AAC/B,UAAM,YAAY,cAAc,GAAG;AACnC,QAAI;AACF,MAAAA,WAAU,GAAG,IAAIE,SAAQ,YAAY,SAAS;AAAA,IAChD,SAAS,OAAO;AACd,YAAM,IAAI;AAAA,QACR,iGAAiG,GAAG;AAAA,MACtG;AAAA,IACF;AAAA,EACF;AACA,SAAOF;AACT;;;AC9EO,SAAS,OAAO,QAAgB;AACrC,QAAM,OAAO;AAAA,IACX,GAAG,OAAO,KAAK,OAAO,SAAS;AAAA,IAC/B,GAAG,OAAO,KAAK,OAAO,aAAa;AAAA,IACnC,GAAG,OAAO,OAAO,OAAO,cAAc,EAAE,KAAK;AAAA,EAC/C;AACA,SAAO;AAAA;AAAA,EAEP,KAAK,IAAI,SAAO,OAAO,GAAG,UAAU,EAAE,KAAK,IAAI,CAAC;AAAA;AAAA;AAAA;AAIlD;AAEO,SAAS,aAAa,QAAgBG,OAAc;AACzD,QAAM,cAAc,SAASA,KAAI;AACjC,QAAM,MAAM,OAAO,MAAM;AACzB,MAAI,gBAAgB,KAAK;AACvB,cAAUA,OAAM,GAAG;AAAA,EACrB;AACF;AAEO,SAAS,2BAA2B,gBAAwBA,OAAc;AAC/E,QAAM,SAAS,UAAU,cAAc;AACvC,eAAa,QAAQA,KAAI;AAC3B;;;ACjBA,IAAM,iBAAiC;AAAA,EACrC,WAAW,QAAQ,IAAI;AAAA,EACvB,aAAa,QAAQ,IAAI;AAAA,EACzB,UAAU,CAAC,CAAC,QAAQ,IAAI;AAC1B;AAEO,SAAS,QAAQ,gBAAgC,CAAC,GAAG;AAC1D,QAAM,UAAU,EAAC,GAAG,gBAAgB,GAAG,cAAa;AACpD,QAAM,OAAO,UAAU,QAAQ,WAAW;AAC1C,QAAMC,aAAY,aAAa,MAAM,QAAQ,SAAS;AAEtD,aAAW,OAAOA,YAAW;AAC3B,UAAM,WAAWA,WAAU,GAAG;AAE9B,QAAI,CAAC,OAAO,UAAU,eAAe,KAAK,QAAQ,KAAK,GAAG,GAAG;AAC3D,cAAQ,IAAI,GAAG,IAAI;AAAA,IACrB,OAAO;AACL,UAAI,QAAQ,UAAU;AACpB,gBAAQ,IAAI,GAAG,IAAI;AAAA,MACrB;AAEA,UAAI,QAAQ,UAAU;AACpB,gBAAQ,IAAI,IAAI,GAAG,6DAA6D;AAAA,MAClF,OAAO;AACL,gBAAQ,IAAI,IAAI,GAAG,iEAAiE;AAAA,MACtF;AAAA,IACF;AAAA,EACF;AACF;;;AC/BA,IAAI,YAAuB,CAAC;AAE5B,IAAM,IAAI;AAEV,IAAM,YAAY,QAAQ,IAAI;AAC9B,IAAM,cAAc,QAAQ,IAAI;AAEzB,IAAM,UAAU,MAAM;AAC3B,QAAM,OAAO,UAAU,WAAW;AAClC,SAAO,aAAa,MAAM,SAAS;AACrC;AAEA,IAAI,EAAE,qBAAqB;AACzB,cAAY,EAAE;AAChB,WAAW,aAAa;AACtB,cAAY,QAAQ;AACtB;AAEA,EAAE,sBAAsB;AAExB,IAAM,MAAM;;;AC3BL,IAAM,iBAAiB,CAAC,cAAsB,mBAA0C;AAC7F,MAAI,IAAI,YAAY,GAAG;AACrB,WAAO,IAAI,YAAY;AAAA,EACzB;AAEA,MAAI,QAAQ,IAAI,cAAc,GAAG;AAC/B,WAAO,QAAQ,IAAI,cAAc;AAAA,EACnC;AAEA,SAAO;AACT;","names":["path","decrypt","variables","secretKey","decrypt","path","variables"]}
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@orion-js/env",
3
- "version": "4.0.0-next.3",
3
+ "version": "4.0.0-next.5",
4
4
  "main": "./dist/index.cjs",
5
5
  "author": "nicolaslopezj",
6
6
  "license": "MIT",
@@ -11,8 +11,7 @@
11
11
  "colors": "^1.4.0",
12
12
  "commander": "^9.5.0",
13
13
  "prompts": "^2.4.2",
14
- "tweetnacl": "^1.0.3",
15
- "tweetnacl-util": "0.15.1",
14
+ "tweetnacl-es6": "^1.0.3",
16
15
  "yaml": "^2.7.0"
17
16
  },
18
17
  "devDependencies": {