@qui-cli/env-1password 1.2.2 → 1.2.4

package/CHANGELOG.md

@@ -2,6 +2,21 @@
 
 All notable changes to this project will be documented in this file. See [commit-and-tag-version](https://github.com/absolute-version/commit-and-tag-version) for commit guidelines.
 
+## [1.2.4](https://github.com/battis/qui-cli/compare/env-1password/1.2.3...env-1password/1.2.4) (2025-12-26)
+
+
+### Bug Fixes
+
+* no longer logging service account token ([4303652](https://github.com/battis/qui-cli/commit/4303652a0ddbd6bf323dd548f07fd99bc95b2cc4))
+* update color-coding to current standards ([2fccf74](https://github.com/battis/qui-cli/commit/2fccf7433f729020022b7df85578e05576b47958))
+
+## [1.2.3](https://github.com/battis/qui-cli/compare/env-1password/1.2.2...env-1password/1.2.3) (2025-12-24)
+
+
+### Bug Fixes
+
+* handle inconsistencies of 1password-sdk sectionIds more gracefully ([bfa2be1](https://github.com/battis/qui-cli/commit/bfa2be1750da265676b31f7162f24e7d75a31502))
+
 ## [1.2.2](https://github.com/battis/qui-cli/compare/env-1password/1.2.1...env-1password/1.2.2) (2025-12-24)
 
 

package/README.md

@@ -38,7 +38,7 @@ This package integrates with [@1password/sdk](https://www.npmjs.com/package/@1pa
 3. Update environment variables to be [secret references](https://developer.1password.com/docs/cli/secret-references)
 4. Run!
 
-See [dev-1password-env](https://github.com/battis/qui-cli/tree/main/examples/dev-1password-env#readme) for an example using the 1Password implementation of this package.
+See [dev-env-1password](https://github.com/battis/qui-cli/tree/main/examples/dev-env-1password#readme) for an example using the 1Password implementation of this package.
 
 ## Configuration
 

package/dist/1Password.js

@@ -19,7 +19,8 @@ export async function configure(proposal = {}) {
     if (config.opItem && !config.opToken) {
         const silent = Shell.isSilent();
         const showCommands = Shell.commandsShown();
-        Shell.configure({ silent: true, showCommands: false });
+        const logging = Shell.isLogging();
+        Shell.configure({ silent: true, showCommands: false, logging: true });
         const { stdout, stderr } = Shell.exec(`op item get ${config.opAccount ? `--account "${config.opAccount}" ` : ''}--reveal --fields credential "${config.opItem}"`);
         if (stdout.length) {
             config.opToken = stdout.trim();
@@ -28,7 +29,7 @@ export async function configure(proposal = {}) {
             Log.fatal(stderr);
             process.exit(1);
         }
-        Shell.configure({ silent, showCommands });
+        Shell.configure({ silent, showCommands, logging });
     }
     if (config.opToken) {
         const pkg = await importLocal(path.join(import.meta.dirname, '../package.json'));
@@ -56,7 +57,7 @@ export function options() {
                 text: 'Store 1Password secret references in your environment, rather than the actual secrets.'
             },
             {
-                text: `If 1Password secret references are stored in the environment, a 1Password service account token is required to access the secret values, which will be loaded into ${Colors.value('process.env')}. The service account token can be passed directly as the ${Colors.optionArg('--opToken')} argument (e.g. ${Colors.command(`${Colors.keyword('example')} --opToken "$(${Colors.keyword('op')} item get myToken)"`)}) or, if the 1Password CLI tool is also installed, by simply passing the name or ID of the API Credential in your 1Password vault that holds the service account token (e.g. ${Colors.command(`${Colors.keyword('example')} --opItem myToken`)}). If you are signed into multiple 1Password account, use the ${Colors.optionArg('--opAccount')} argument to specify the account containing the token.`
+                text: `If 1Password secret references are stored in the environment, a 1Password service account token is required to access the secret values, which will be loaded into ${Colors.varName('process.env')}. The service account token can be passed directly as the ${Colors.optionArg('--opToken')} argument (e.g. ${Colors.command(`example --opToken "$(${Colors.keyword('op')} item get myToken)"`, Colors.keyword)}) or, if the 1Password CLI tool is also installed, by simply passing the name or ID of the API Credential in your 1Password vault that holds the service account token (e.g. ${Colors.command(`example --opItem myToken`, Colors.keyword)}). If you are signed into multiple 1Password account, use the ${Colors.optionArg('--opAccount')} argument to specify the account containing the token.`
             },
             { text: Colors.url('https://developer.1password.com/docs/cli') }
         ],
@@ -67,7 +68,7 @@ export function options() {
                 default: config.opAccount
             },
             opItem: {
-                description: `Name or ID of the 1Password API Credential item storing the 1Password service account token; will use environmen variable ${Colors.varName('OP_ITEM')} if present`,
+                description: `Name or ID of the 1Password API Credential item storing the 1Password service account token; will use environment variable ${Colors.varName('OP_ITEM')} if present`,
                 hint: '1Password unique identifier',
                 default: config.opItem
             },
@@ -100,6 +101,8 @@ function isSecretReference(value) {
 function secretReferences(parsed) {
     return Object.fromEntries(Object.entries(parsed).filter((entry) => isSecretReference(entry[1])));
 }
+// FIXME parse is not loading 1Password secrets into process.env
+// Issue URL: https://github.com/battis/qui-cli/issues/81
 export async function parse(file) {
     const parsed = await Env.parse(file);
     if (client) {
@@ -120,8 +123,14 @@ export async function exists({ key, file }) {
     return Env.exists({ key, file });
 }
 function secretFrom(secretReference) {
-    const [, vault, item, , section, field] = secretReference.match(/^op:\/\/([^/]+)\/([^/]+)\/(([^/]+)\/)?([^/]+)$/) ||
-        [];
+    // eslint-disable-next-line prefer-const
+    let [vault, item, section, field] = secretReference
+        .replace(/^op:\/\//, '')
+        .split('/');
+    if (field === undefined) {
+        field = section;
+        section = '';
+    }
     return { vault, item, section, field };
 }
 async function itemFrom(secret) {
@@ -153,7 +162,8 @@ export async function set({ key, value, file, ...rest }) {
                     fields: item.fields.map((field) => {
                         const section = item.sections.find((s) => s.id === field.sectionId);
                         if (secret.field === field.title || secret.field === field.id) {
-                            if ((!secret.section && field.sectionId === 'add more') ||
+                            if ((!secret.section &&
+                                (field.sectionId === '' || field.sectionId === 'add more')) ||
                                 secret.section === section?.title ||
                                 secret.section === section?.id) {
                                 return { ...field, value };

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@qui-cli/env-1password",
-  "version": "1.2.2",
+  "version": "1.2.4",
   "description": "@qui-cli Plugin: Standardized environment configuration",
   "homepage": "https://github.com/battis/qui-cli/tree/main/packages/env-1password#readme",
   "repository": {
@@ -28,12 +28,12 @@
     "del-cli": "^6.0.0",
     "npm-run-all": "^4.1.5",
     "typescript": "^5.9.3",
-    "@qui-cli/colors": "3.1.1",
-    "@qui-cli/env": "5.0.2",
     "@qui-cli/log": "4.0.1",
+    "@qui-cli/colors": "3.2.0",
+    "@qui-cli/env": "5.0.2",
     "@qui-cli/plugin": "4.0.0",
-    "@qui-cli/shell": "3.0.3",
-    "@qui-cli/root": "3.0.4"
+    "@qui-cli/root": "3.0.4",
+    "@qui-cli/shell": "3.1.0"
   },
   "peerDependencies": {
     "@qui-cli/env": "5.x",