npm - @rowlabs/ev - Versions diffs - 0.4.4 → 0.5.0 - Mend

@rowlabs/ev 0.4.4 → 0.5.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (2) hide show

package/dist/index.js +394 -18
package/package.json +1 -1

package/dist/index.js CHANGED Viewed

@@ -6708,7 +6708,7 @@ async function getDecryptedProjectKey(projectId) {
 async function resolveEnvironmentId(projectId, appName, envName) {
   const client = await createApiClient();
   const project = await client.getProject(projectId);
-  let app = appName ? project.apps.find((a2) => a2.name === appName) : project.apps.find((a2) => a2.name === "default") ?? project.apps[0];
+  let app = appName ? project.apps.find((a2) => a2.name.toLowerCase() === appName.toLowerCase()) : project.apps.find((a2) => a2.name === "default") ?? project.apps[0];
   if (!app && appName) {
     app = await client.createApp(projectId, appName);
   }
@@ -6717,7 +6717,7 @@ async function resolveEnvironmentId(projectId, appName, envName) {
     process.exit(1);
   }
   const envs = await client.listEnvironments(app.id);
-  let env = envs.find((e) => e.name === envName);
+  let env = envs.find((e) => e.name.toLowerCase() === envName.toLowerCase());
   if (!env) {
     env = await client.createEnvironment(app.id, envName);
   }
@@ -6735,7 +6735,7 @@ var init_auth = __esm({
 // src/index.ts
 init_dist();
-import { Command as Command20 } from "commander";
+import { Command as Command22 } from "commander";
 // src/commands/login.ts
 init_dist();
@@ -7573,7 +7573,7 @@ envCommand.command("create <name>").description("Create a new environment").acti
     async ({ context, spinner }) => {
       const client = await createApiClient();
       const project = await client.getProject(context.project);
-      const app = context.app ? project.apps.find((a2) => a2.name === context.app) : project.apps.find((a2) => a2.name === "default") ?? project.apps[0];
+      const app = context.app ? project.apps.find((a2) => a2.name.toLowerCase() === context.app.toLowerCase()) : project.apps.find((a2) => a2.name === "default") ?? project.apps[0];
       if (!app) {
         spinner.fail(chalk10.red("App not found"));
         process.exit(1);
@@ -7605,13 +7605,13 @@ envCommand.command("delete <name>").description("Delete an environment").action(
     async ({ context, spinner }) => {
       const client = await createApiClient();
       const project = await client.getProject(context.project);
-      const app = context.app ? project.apps.find((a2) => a2.name === context.app) : project.apps.find((a2) => a2.name === "default") ?? project.apps[0];
+      const app = context.app ? project.apps.find((a2) => a2.name.toLowerCase() === context.app.toLowerCase()) : project.apps.find((a2) => a2.name === "default") ?? project.apps[0];
       if (!app) {
         spinner.fail(chalk10.red("App not found"));
         process.exit(1);
       }
       const envs = await client.listEnvironments(app.id);
-      const env = envs.find((e) => e.name === name);
+      const env = envs.find((e) => e.name.toLowerCase() === name.toLowerCase());
       if (!env) {
         spinner.fail(chalk10.red(`Environment "${name}" not found`));
         process.exit(1);
@@ -7957,7 +7957,9 @@ async function getSecretValue(projectId, appName, envName, key, isEvBackend, bac
   const envId = await resolveEnvironmentId(projectId, appName, envName);
   const client = await createApiClient(backendConfig);
   const response = await client.pullSecrets(envId);
-  const secret = response.secrets.find((s2) => s2.key === key);
+  const secret = response.secrets.find(
+    (s2) => s2.key.toLowerCase() === key.toLowerCase()
+  );
   if (!secret) return null;
   if (isEvBackend) {
     const projectKey = await getDecryptedProjectKey(projectId);
@@ -8640,12 +8642,16 @@ var completionsCommand = new Command16("completions").description("Generate shel
 });
 // src/commands/scan.ts
-init_dist();
 init_api_client();
 init_config();
 import { Command as Command17 } from "commander";
 import chalk19 from "chalk";
 import ora11 from "ora";
+import { stat as stat2 } from "fs/promises";
+import { join as join9 } from "path";
+// src/lib/scanner.ts
+init_dist();
 import { readdir, readFile as readFile6, stat } from "fs/promises";
 import { existsSync as existsSync6 } from "fs";
 import { join as join8, extname } from "path";
@@ -8750,6 +8756,8 @@ async function getLocalEnvKeys(dir, configEnvFiles) {
   }
   return keys;
 }
+// src/commands/scan.ts
 function printTable(label, refs, envData, repoRoot, showFiles, localKeys) {
   const varNames = [...refs.keys()].sort();
   if (varNames.length === 0) return 0;
@@ -8829,15 +8837,15 @@ var scanCommand = new Command17("scan").description("Scan codebase for env var r
       let totalMissing = 0;
       let totalVars = 0;
       for (const [appName, appConfig] of Object.entries(config.apps)) {
-        const appDir = join8(repoRoot, appConfig.path);
+        const appDir = join9(repoRoot, appConfig.path);
         try {
-          await stat(appDir);
+          await stat2(appDir);
         } catch {
           continue;
         }
         const refs = await scanDir(appDir);
         if (refs.size === 0) continue;
-        const serverApp = project.apps.find((a2) => a2.name === appName);
+        const serverApp = project.apps.find((a2) => a2.name.toLowerCase() === appName.toLowerCase());
         let envData;
         if (serverApp) {
           envData = [];
@@ -8883,7 +8891,7 @@ var scanCommand = new Command17("scan").description("Scan codebase for env var r
       }
       console.log();
     } else {
-      const scanRoot = context.app && config.apps?.[context.app] ? join8(repoRoot, config.apps[context.app].path) : cwd;
+      const scanRoot = context.app && config.apps?.[context.app] ? join9(repoRoot, config.apps[context.app].path) : cwd;
       const refs = await scanDir(scanRoot);
       if (refs.size === 0) {
         spinner.succeed(
@@ -8932,7 +8940,7 @@ var updateCommand = new Command18("update").description("Update ev to the latest
   const spinner = ora12("Checking for updates...").start();
   try {
     const latest = execSync2("npm view @rowlabs/ev version", { encoding: "utf-8" }).trim();
-    const current = "0.4.4";
+    const current = "0.5.0";
     if (current === latest) {
       spinner.succeed(chalk20.green(`Already on the latest version (${current})`));
       return;
@@ -8965,13 +8973,15 @@ var deleteCommand = new Command19("delete").description("Delete an app or enviro
     const project = await client.getProject(context.project);
     if (target.includes(":")) {
       const [appName, envName] = target.split(":");
-      const app = project.apps.find((a2) => a2.name === appName);
+      const app = project.apps.find(
+        (a2) => a2.name.toLowerCase() === appName.toLowerCase()
+      );
       if (!app) {
         console.error(chalk21.red(`App "${appName}" not found`));
         process.exit(1);
       }
       const envs = await client.listEnvironments(app.id);
-      const env = envs.find((e) => e.name === envName);
+      const env = envs.find((e) => e.name.toLowerCase() === envName.toLowerCase());
       if (!env) {
         console.error(chalk21.red(`Environment "${envName}" not found in app "${appName}"`));
         process.exit(1);
@@ -8988,7 +8998,9 @@ var deleteCommand = new Command19("delete").description("Delete an app or enviro
       spinner.succeed(chalk21.green(`Deleted environment "${appName}:${envName}"`));
     } else {
       const appName = target;
-      const app = project.apps.find((a2) => a2.name === appName);
+      const app = project.apps.find(
+        (a2) => a2.name.toLowerCase() === appName.toLowerCase()
+      );
       if (!app) {
         console.error(chalk21.red(`App "${appName}" not found`));
         process.exit(1);
@@ -9023,9 +9035,371 @@ function prompt2(question) {
   });
 }
+// src/commands/audit.ts
+init_api_client();
+init_config();
+import { Command as Command20 } from "commander";
+import chalk22 from "chalk";
+import ora14 from "ora";
+import { stat as stat3 } from "fs/promises";
+import { join as join10 } from "path";
+var isTTY = process.stdout.isTTY && !process.env.NO_COLOR;
+function stripAnsi(str) {
+  return str.replace(/\x1B\[[0-9;]*m/g, "");
+}
+function log(msg) {
+  console.log(isTTY ? msg : stripAnsi(msg));
+}
+async function auditApp(appName, envName, scanPath, projectId) {
+  const client = await createApiClient();
+  const project = await client.getProject(projectId);
+  const serverApp = project.apps.find((a2) => a2.name.toLowerCase() === appName.toLowerCase());
+  if (!serverApp) {
+    log(isTTY ? chalk22.red(`  App "${appName}" not found on server`) : `ERROR: App "${appName}" not found on server`);
+    process.exit(1);
+  }
+  const envs = await client.listEnvironments(serverApp.id);
+  const serverEnv = envs.find((e) => e.name.toLowerCase() === envName.toLowerCase());
+  if (!serverEnv) {
+    log(isTTY ? chalk22.red(`  Environment "${envName}" not found for app "${appName}"`) : `ERROR: Environment "${envName}" not found for app "${appName}"`);
+    process.exit(1);
+  }
+  const response = await client.pullSecrets(serverEnv.id);
+  const remoteKeys = new Set(response.secrets.map((s2) => s2.key));
+  const refs = await scanDir(scanPath);
+  const referencedVars = [...refs.keys()];
+  const missingVars = referencedVars.filter((v2) => !remoteKeys.has(v2));
+  return {
+    label: `${appName}:${envName}`,
+    total: referencedVars.length,
+    missing: missingVars
+  };
+}
+function printResult(result) {
+  if (result.missing.length === 0) {
+    const msg = `  ${result.label} \u2014 ${result.total} variable${result.total === 1 ? "" : "s"}, all present \u2714`;
+    log(isTTY ? chalk22.green(msg) : msg);
+  } else {
+    const header = `  ${result.label} \u2014 ${result.missing.length} missing`;
+    log(isTTY ? chalk22.yellow(header) : header);
+    log("");
+    for (const v2 of result.missing) {
+      log(isTTY ? `  ${chalk22.red(v2)}` : `  ${v2}`);
+    }
+  }
+}
+var auditCommand = new Command20("audit").description("Check that all env vars referenced in code exist in a remote environment").argument("[target]", "Target environment name (defaults to defaultEnv from ev.yaml)").action(async (target) => {
+  const spinner = isTTY ? ora14("Resolving context...").start() : null;
+  try {
+    const resolved = await resolveCurrentContext(target);
+    if (!resolved) {
+      if (spinner) spinner.fail(chalk22.red("No ev.yaml found. Run `ev init` first."));
+      else log("ERROR: No ev.yaml found. Run `ev init` first.");
+      process.exit(1);
+    }
+    const { context, repoRoot } = resolved;
+    const envName = target ?? context.env;
+    const config = await loadEvConfig(process.cwd());
+    if (!config) {
+      if (spinner) spinner.fail(chalk22.red("Could not load ev.yaml"));
+      else log("ERROR: Could not load ev.yaml");
+      process.exit(1);
+    }
+    const cwd = process.cwd();
+    const isAtRoot = cwd === repoRoot;
+    const hasApps = config.apps && Object.keys(config.apps).length > 0;
+    const results = [];
+    if (isAtRoot && hasApps) {
+      if (spinner) spinner.text = "Auditing all apps...";
+      for (const [appName, appConfig] of Object.entries(config.apps)) {
+        const appDir = join10(repoRoot, appConfig.path);
+        try {
+          await stat3(appDir);
+        } catch {
+          continue;
+        }
+        if (spinner) spinner.text = `Auditing ${appName}:${envName}...`;
+        const result = await auditApp(appName, envName, appDir, context.project);
+        results.push(result);
+      }
+    } else {
+      const appName = context.app ?? "default";
+      const scanPath = context.app && config.apps?.[context.app] ? join10(repoRoot, config.apps[context.app].path) : cwd;
+      if (spinner) spinner.text = `Auditing ${appName}:${envName}...`;
+      const result = await auditApp(appName, envName, scanPath, context.project);
+      results.push(result);
+    }
+    if (spinner) spinner.stop();
+    const totalVars = results.reduce((sum, r2) => sum + r2.total, 0);
+    if (totalVars === 0) {
+      log(isTTY ? chalk22.green("  No environment variable references found in code.") : "No environment variable references found in code.");
+      process.exit(0);
+    }
+    log("");
+    for (const result of results) {
+      printResult(result);
+      log("");
+    }
+    const anyMissing = results.some((r2) => r2.missing.length > 0);
+    if (anyMissing) {
+      log(isTTY ? chalk22.red("  \u2717 Audit failed") : "FAIL");
+      process.exit(1);
+    } else {
+      process.exit(0);
+    }
+  } catch (err) {
+    if (spinner) spinner.fail(chalk22.red(`Audit failed: ${err.message}`));
+    else log(`ERROR: Audit failed: ${err.message}`);
+    process.exit(1);
+  }
+});
+// src/commands/clean.ts
+init_dist();
+init_api_client();
+init_config();
+init_auth();
+import { Command as Command21 } from "commander";
+import chalk23 from "chalk";
+import ora15 from "ora";
+import { join as join11 } from "path";
+import { readFile as readFile7, writeFile as writeFile6, stat as stat4 } from "fs/promises";
+import { existsSync as existsSync7 } from "fs";
+var isTTY2 = process.stdout.isTTY && !process.env.NO_COLOR;
+function stripAnsi2(str) {
+  return str.replace(/\x1B\[[0-9;]*m/g, "");
+}
+function log2(msg) {
+  console.log(isTTY2 ? msg : stripAnsi2(msg));
+}
+async function findDeadSecrets(appName, envName, scanPath, projectId, envFiles) {
+  const client = await createApiClient();
+  const project = await client.getProject(projectId);
+  const serverApp = project.apps.find((a2) => a2.name.toLowerCase() === appName.toLowerCase());
+  if (!serverApp) {
+    log2(
+      isTTY2 ? chalk23.red(`  App "${appName}" not found on server`) : `ERROR: App "${appName}" not found on server`
+    );
+    process.exit(1);
+  }
+  const envs = await client.listEnvironments(serverApp.id);
+  const serverEnv = envs.find((e) => e.name.toLowerCase() === envName.toLowerCase());
+  if (!serverEnv) {
+    log2(
+      isTTY2 ? chalk23.red(`  Environment "${envName}" not found for app "${appName}"`) : `ERROR: Environment "${envName}" not found for app "${appName}"`
+    );
+    process.exit(1);
+  }
+  const refs = await scanDir(scanPath);
+  const referencedKeys = new Set(refs.keys());
+  const localKeyFiles = /* @__PURE__ */ new Map();
+  for (const envFile of envFiles) {
+    const filePath = join11(scanPath, envFile);
+    if (existsSync7(filePath)) {
+      const content = await readFile7(filePath, "utf-8");
+      const parsed = parseEnvFile(content);
+      for (const key of Object.keys(parsed)) {
+        if (!localKeyFiles.has(key)) localKeyFiles.set(key, []);
+        localKeyFiles.get(key).push(filePath);
+      }
+    }
+  }
+  const response = await client.pullSecrets(serverEnv.id);
+  const remoteKeys = new Set(response.secrets.map((s2) => s2.key));
+  const allKeys = /* @__PURE__ */ new Set([...localKeyFiles.keys(), ...remoteKeys]);
+  const dead = [];
+  for (const key of allKeys) {
+    if (!referencedKeys.has(key)) {
+      dead.push({
+        key,
+        inLocal: localKeyFiles.has(key),
+        inRemote: remoteKeys.has(key)
+      });
+    }
+  }
+  const affectedFiles = /* @__PURE__ */ new Set();
+  for (const d2 of dead) {
+    if (d2.inLocal) {
+      for (const f2 of localKeyFiles.get(d2.key) ?? []) {
+        affectedFiles.add(f2);
+      }
+    }
+  }
+  return {
+    label: `${appName}:${envName}`,
+    dead,
+    localFiles: [...affectedFiles],
+    envName: serverEnv.id,
+    projectId,
+    appName,
+    codeRefCount: referencedKeys.size
+  };
+}
+function printDeadTable(result) {
+  const { label, dead } = result;
+  const count = dead.length;
+  if (count === 0) {
+    const msg = `  ${label} \u2014 no unused secrets found`;
+    log2(isTTY2 ? chalk23.green(msg) : msg);
+    return;
+  }
+  const header = `  ${label} \u2014 ${count} unused secret${count === 1 ? "" : "s"} found`;
+  log2(isTTY2 ? chalk23.yellow(header) : header);
+  log2("");
+  const maxKeyLen = Math.max(8, ...dead.map((d2) => d2.key.length));
+  const keyCol = maxKeyLen + 2;
+  const headerLine = "  " + "Variable".padEnd(keyCol) + "local     remote";
+  log2(isTTY2 ? chalk23.dim(headerLine) : headerLine);
+  const divider = "  " + "\u2500".repeat(keyCol + 16);
+  log2(isTTY2 ? chalk23.dim(divider) : divider);
+  for (const d2 of dead) {
+    const localMark = d2.inLocal ? isTTY2 ? chalk23.green("\u2713") : "\u2713" : isTTY2 ? chalk23.dim("\u2013") : "\u2013";
+    const remoteMark = d2.inRemote ? isTTY2 ? chalk23.green("\u2713") : "\u2713" : isTTY2 ? chalk23.dim("\u2013") : "\u2013";
+    const paddedKey = d2.key.padEnd(keyCol);
+    log2(`  ${isTTY2 ? chalk23.red(d2.key) + " ".repeat(keyCol - d2.key.length) : paddedKey}${localMark}         ${remoteMark}`);
+  }
+  log2("");
+}
+async function cleanApp(result, deadSet, envFiles, scanPath, backendConfig) {
+  const isEvBackend = !backendConfig || backendConfig.type === "ev";
+  let localCleaned = 0;
+  for (const envFile of envFiles) {
+    const filePath = join11(scanPath, envFile);
+    if (!existsSync7(filePath)) continue;
+    const content = await readFile7(filePath, "utf-8");
+    const parsed = parseEnvFile(content);
+    let changed = false;
+    for (const key of deadSet) {
+      if (key in parsed) {
+        delete parsed[key];
+        changed = true;
+      }
+    }
+    if (changed) {
+      await writeFile6(filePath, serializeEnv(parsed), "utf-8");
+      const display = envFile;
+      log2(isTTY2 ? `  ${chalk23.green("\u2713")} Cleaned ${display}` : `  \u2713 Cleaned ${display}`);
+      localCleaned++;
+    }
+  }
+  const deadRemoteKeys = result.dead.filter((d2) => d2.inRemote).map((d2) => d2.key);
+  if (deadRemoteKeys.length > 0) {
+    const client = await createApiClient();
+    const pullResponse = await client.pullSecrets(result.envName);
+    const kept = pullResponse.secrets.filter((s2) => !deadSet.has(s2.key));
+    let secrets;
+    if (isEvBackend) {
+      const projectKey = await getDecryptedProjectKey(result.projectId);
+      secrets = kept.map((s2) => {
+        const decrypted = decryptSecret(s2.encryptedValue, projectKey);
+        const reEncrypted = encryptSecret(decrypted, projectKey);
+        return { key: s2.key, encryptedValue: reEncrypted };
+      });
+    } else {
+      secrets = kept.map((s2) => ({ key: s2.key, encryptedValue: s2.encryptedValue }));
+    }
+    await client.pushSecrets(result.envName, {
+      secrets,
+      prune: true,
+      message: "ev clean: removed unused secrets"
+    });
+    log2(
+      isTTY2 ? `  ${chalk23.green("\u2713")} Removed ${deadRemoteKeys.length} from ${result.label} remote` : `  \u2713 Removed ${deadRemoteKeys.length} from ${result.label} remote`
+    );
+  }
+}
+var cleanCommand = new Command21("clean").description("Find and remove unused secrets from local env files and remote environments").argument("[target]", "Target environment name (defaults to defaultEnv from ev.yaml)").action(async (target) => {
+  const spinner = isTTY2 ? ora15("Resolving context...").start() : null;
+  try {
+    const resolved = await resolveCurrentContext(target);
+    if (!resolved) {
+      if (spinner) spinner.fail(chalk23.red("No ev.yaml found. Run `ev init` first."));
+      else log2("ERROR: No ev.yaml found. Run `ev init` first.");
+      process.exit(1);
+    }
+    const { context, repoRoot, backendConfig, envFiles } = resolved;
+    const envName = target ?? context.env;
+    const config = await loadEvConfig(process.cwd());
+    if (!config) {
+      if (spinner) spinner.fail(chalk23.red("Could not load ev.yaml"));
+      else log2("ERROR: Could not load ev.yaml");
+      process.exit(1);
+    }
+    const cwd = process.cwd();
+    const isAtRoot = cwd === repoRoot;
+    const hasApps = config.apps && Object.keys(config.apps).length > 0;
+    const results = [];
+    const scanPaths = /* @__PURE__ */ new Map();
+    if (isAtRoot && hasApps) {
+      if (spinner) spinner.text = "Scanning all apps...";
+      for (const [appName, appConfig] of Object.entries(config.apps)) {
+        const appDir = join11(repoRoot, appConfig.path);
+        try {
+          await stat4(appDir);
+        } catch {
+          continue;
+        }
+        if (spinner) spinner.text = `Scanning ${appName}:${envName}...`;
+        const result = await findDeadSecrets(
+          appName,
+          envName,
+          appDir,
+          context.project,
+          envFiles
+        );
+        results.push(result);
+        scanPaths.set(appName, appDir);
+      }
+    } else {
+      const appName = context.app ?? "default";
+      const scanPath = context.app && config.apps?.[context.app] ? join11(repoRoot, config.apps[context.app].path) : cwd;
+      if (spinner) spinner.text = `Scanning ${appName}:${envName}...`;
+      const result = await findDeadSecrets(
+        appName,
+        envName,
+        scanPath,
+        context.project,
+        envFiles
+      );
+      results.push(result);
+      scanPaths.set(appName, scanPath);
+    }
+    if (spinner) spinner.stop();
+    const totalCodeRefs = results.reduce((sum, r2) => sum + r2.codeRefCount, 0);
+    if (totalCodeRefs === 0) {
+      log2(
+        "No env var references found in code \u2014 can't determine what's unused."
+      );
+      process.exit(0);
+    }
+    log2("");
+    for (const result of results) {
+      printDeadTable(result);
+      if (result.dead.length === 0) continue;
+      const deadSet = new Set(result.dead.map((d2) => d2.key));
+      const appScanPath = scanPaths.get(result.appName) ?? repoRoot;
+      const answer = await prompt(
+        isTTY2 ? `  Remove these ${result.dead.length} secret${result.dead.length === 1 ? "" : "s"}? (y/N) ` : `Remove these ${result.dead.length} secrets? (y/N) `
+      );
+      if (answer.toLowerCase() !== "y") {
+        log2(isTTY2 ? chalk23.dim("  Skipped.") : "  Skipped.");
+        log2("");
+        continue;
+      }
+      log2("");
+      await cleanApp(result, deadSet, envFiles, appScanPath, backendConfig);
+      log2("");
+    }
+  } catch (err) {
+    if (spinner) spinner.fail(chalk23.red(`Clean failed: ${err.message}`));
+    else log2(`ERROR: Clean failed: ${err.message}`);
+    process.exit(1);
+  }
+});
 // src/index.ts
-var program = new Command20();
-program.name("ev").description("Git for env vars \u2014 sync environment variables across teams securely").version("0.4.4");
+var program = new Command22();
+program.name("ev").description("Git for env vars \u2014 sync environment variables across teams securely").version("0.5.0");
 program.addCommand(loginCommand);
 program.addCommand(initCommand);
 program.addCommand(pushCommand);
@@ -9045,6 +9419,8 @@ program.addCommand(completionsCommand);
 program.addCommand(scanCommand);
 program.addCommand(updateCommand);
 program.addCommand(deleteCommand);
+program.addCommand(auditCommand);
+program.addCommand(cleanCommand);
 async function main() {
   await initCrypto();
   program.parse();

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
 	"name": "@rowlabs/ev",
-	"version": "0.4.4",
+	"version": "0.5.0",
 	"description": "Git for env vars — sync environment variables across teams securely",
 	"type": "module",
 	"bin": {