npm - dotenv-diff - Versions diffs - 2.3.10 → 2.3.12 - Mend

dotenv-diff 2.3.10 → 2.3.12

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (59) hide show

package/CHANGELOG.md +142 -5
package/README.md +112 -205
package/dist/src/cli/run.js +6 -2
package/dist/src/cli/run.js.map +1 -1
package/dist/src/commands/compare.d.ts +1 -1
package/dist/src/commands/compare.d.ts.map +1 -1
package/dist/src/commands/compare.js.map +1 -1
package/dist/src/commands/scanUsage.js +15 -2
package/dist/src/commands/scanUsage.js.map +1 -1
package/dist/src/config/types.d.ts +3 -1
package/dist/src/config/types.d.ts.map +1 -1
package/dist/src/core/determineComparisonFile.d.ts +7 -5
package/dist/src/core/determineComparisonFile.d.ts.map +1 -1
package/dist/src/core/determineComparisonFile.js +8 -3
package/dist/src/core/determineComparisonFile.js.map +1 -1
package/dist/src/core/envPairing.d.ts +9 -0
package/dist/src/core/envPairing.d.ts.map +1 -0
package/dist/src/core/envPairing.js +33 -0
package/dist/src/core/envPairing.js.map +1 -0
package/dist/src/core/helpers/resolveFromCwd.d.ts +11 -4
package/dist/src/core/helpers/resolveFromCwd.d.ts.map +1 -1
package/dist/src/core/helpers/resolveFromCwd.js +11 -4
package/dist/src/core/helpers/resolveFromCwd.js.map +1 -1
package/dist/src/core/scanJsonOutput.d.ts.map +1 -1
package/dist/src/core/scanJsonOutput.js +1 -11
package/dist/src/core/scanJsonOutput.js.map +1 -1
package/dist/src/core/secretDetectors.d.ts.map +1 -1
package/dist/src/core/secretDetectors.js +5 -0
package/dist/src/core/secretDetectors.js.map +1 -1
package/dist/src/index.js +5 -5
package/dist/src/index.js.map +1 -1
package/dist/src/services/codeBaseScanner.d.ts.map +1 -1
package/dist/src/services/codeBaseScanner.js +2 -1
package/dist/src/services/codeBaseScanner.js.map +1 -1
package/dist/src/services/duplicates.d.ts +2 -4
package/dist/src/services/duplicates.d.ts.map +1 -1
package/dist/src/services/duplicates.js.map +1 -1
package/dist/src/services/fileWalker.d.ts +7 -5
package/dist/src/services/fileWalker.d.ts.map +1 -1
package/dist/src/services/fileWalker.js +2 -2
package/dist/src/services/fileWalker.js.map +1 -1
package/dist/src/services/scanOutputToConsole.d.ts +8 -6
package/dist/src/services/scanOutputToConsole.d.ts.map +1 -1
package/dist/src/services/scanOutputToConsole.js +3 -11
package/dist/src/services/scanOutputToConsole.js.map +1 -1
package/dist/src/ui/scan/printHeader.d.ts.map +1 -1
package/dist/src/ui/scan/printHeader.js +0 -3
package/dist/src/ui/scan/printHeader.js.map +1 -1
package/dist/src/ui/scan/printStats.d.ts +1 -0
package/dist/src/ui/scan/printStats.d.ts.map +1 -1
package/dist/src/ui/scan/printStats.js +2 -0
package/dist/src/ui/scan/printStats.js.map +1 -1
package/dist/src/ui/shared/printAutoFix.js +1 -1
package/dist/src/ui/shared/printAutoFix.js.map +1 -1
package/dist/src/ui/shared/printConfigStatus.d.ts +2 -2
package/dist/src/ui/shared/printConfigStatus.d.ts.map +1 -1
package/dist/src/ui/shared/printConfigStatus.js +5 -3
package/dist/src/ui/shared/printConfigStatus.js.map +1 -1
package/package.json +18 -12

package/CHANGELOG.md CHANGED Viewed

@@ -1,104 +1,168 @@
 # Changelog
 All notable changes to this project will be documented in this file.
 This project follows [Keep a Changelog](https://keepachangelog.com/) and [Semantic Versioning](https://semver.org/).
 ## [Unreleased]
+### Added
+-
+### Changed
+-
+### Fixed
+-
+## [2.3.12] - 2025-12-18
 ### Added
--
+- Added warnings count to scan usage stats.
 ### Changed
--
+- Updated dependencies to latest versions.
+- Moved `healthScore` further down on the console output for better visibility of issues.
+- Removed used variables output from scan usage to reduce noise.
+- Removed header output from scan usage to reduce noise.
+- Shortened config file path in CLI output to show only the filename.
+- Updated README documentation for better clarity.
 ### Fixed
--
+- Fixed false positive secret detection for certain harmless attribute keys in codebase scanner.
+- Fixed print fix bug
+## [2.3.11] - 2025-12-13
+### Changed
+- Removed low severity secrets from codebase scanner results, because it made too much noise.
 ## [2.3.10] - 2025-12-11
 ### Added
 - More jsDocs for better code documentation.
 - t3-env integration to validate environment variable usage against T3 stack schema.
 ### Fixed
 - Removed unused code for old --no-compare option.
 ## [2.3.9] - 2025-12-09
 ### Added
 - Added expiration date warnings for environment variables in codebase scanner.
 - Added inconsistent naming warnings for environment variables in codebase scanner.
 ### Changed
 - Changed health score calculation weights for better accuracy.
 - Removed CSP detection from codebase scanner, as it was causing false positives in some cases for backend frameworks.
 ## [2.3.8] - 2025-12-08
 ### Added
 - Added variables not using uppercase letters warning to codebase scanner.
 - Added health score feature to codebase scanner.
 ### Changed
 - Removed --no-compare option from CLI and config file.
 - Updated dependencies to latest versions.
 ### Fixed
 - Fixed issue where show-stats and show-unused options were not working as expected in config file.
 ## [2.3.7] - 2025-12-03
 ### Added
 - Added warning for environment variables logged to console in codebase scanner.
 ### Changed
 - Updated dependencies to latest versions.
 ### Fixed
 - Updated jsDocs for better code documentation.
 - Updated some functions for better type safety.
 ## [2.3.6] - 2025-12-02
 ### Added
 - Added strict mode handling for framework specific warnings.
 - Added Next.js specific warnings to framework validator.
 ### Fixed
 - Nameing convention fix in frameworkValidator.ts
 ## [2.3.5] - 2025-12-01
 ### Added
 - Added more sveltekit specific warnings to codebase scanner.
 - Added warning for potential secrets in .env.example file.
 ### Fixed
 - Duration refactored for better code maintainability.
 ## [2.3.4] - 2025-11-05
 ### Fixed
 - Fixed issue where CSP detection was not working as expected in some file types.
 ## [2.3.3] - 2025-11-30
 ### Added
 - Added Content-Security-Policy (CSP) detection to codebase scanner.
 - Warns if no CSP is found in HTML/JS/TS files.
 ### Changed
 - No breaking changes.
 ## [2.3.2] - 2025-11-01
 ### Added
 - Added duration output to scan statistics.
 - Severity levels for secret findings: high, medium, low.
 ### Changed
 - Updated dependencies to latest versions.
 - Improved README documentation for clarity.
 - No breaking changes.
 ## [2.3.1] - 2025-10-08
 ### Fixed
 - Fixed dotenv-diff.config.json not found in monorepo root when running from apps.
 ## [2.3.0] - 2025-10-07
 ### Fixed
 - Fixed issue where .env.example would be ignored by git when using --fix flag.
 ### Added
 - HTML comments to ignore secret detection in HTML lines (e.g. `<!-- dotenv-diff-ignore -->`).
 - Also ignore html sections with `<!-- dotenv-diff-ignore-start -->` and `<!-- dotenv-diff-ignore-end -->`.
 - Added option to have a dotenv-diff.config.json file for configuration.
@@ -107,203 +171,276 @@ This project follows [Keep a Changelog](https://keepachangelog.com/) and [Semant
 - --no-compare flag to disable comparison mode in scan usage. and noCompare option in config file.
 ## [2.2.8] - 2025-09-30
 ### Added
 - Fix .env is not ignored by git when using --fix flag.
 ### Changed
 - No breaking changes.
 ### Fixed
 - Refactored codebase for better maintainability.
 ## [2.2.7] - 2025-09-28
 ### Added
 - Added warning on .env not ignored by .gitignore on default.
 - added `dotenv-diff-ignore` comment to ignore lines from secret detection.
 ### Fixed
 - Fixed `--strict` error output to console when no warnings are found.
 ### Changed
 - No breaking changes.
 - Updated dependencies to latest versions.
 ## [2.2.6] - 2025-09-25
 ### Added
 - Added `placeholder`, `127.0.0.1`, and `example` to `looksHarmless` secret detection rule.
 - Added `HTTP URL detected` message to potential secrets output.
 ### Fixed
 - Removed `All used environment variables are defined in {.env}` when there are no used variables found.
 ### Changed
 - No breaking changes.
 ## [2.2.5] - 2025-09-18
 ### Added
 - Updated README with `--strict` flag documentation.
 ### Fixed
 - Fixed false positives for HTTPS URLs in SVG files and SVG namespace URLs.
 ### Changed
 - No breaking changes.
 ## [2.2.4] - 2025-09-13
 ### Fixed
 - Fixed found variable count did not show when there were missing variables in .env
 - Will now not says "Found 2 unique environment variables in use" if there are found in commented out code.
 - Fixed bug where it would say "no unused variables" if there where no found variables at all.
 ### Changed
 - No breaking changes.
 ## [2.2.3] - 2025-09-08
 ### Added
 - Warning for HTTPS URLs detected in codebase.
 - Added duplicate key detection to codebase scanner.
 - added `--strict` flag to enable strict mode (treat warnings as errors).
 - duplicate key detection for `.env.example` files.
 ### Fixed
 - Fixed issue with false warnings on secrets in certain edge cases.
 - Updated README
 ### Changed
 - No breaking changes.
 - `--compare` feature coloring improved for better readability.
 - added `duplicate` warnings to scan results.
 ## [2.2.2] - 2025-09-07
 ### Fixed
 - Fixed issue where it would give a false warning on secrets with process.env
 - Code cleanup.
 - exclude `.svelte-kit` from codebase scan by default.
 - Updated README
 ### Changed
 - No breaking changes.
 ## [2.2.1] - 2025-09-06
 ### Changed
 - tsconfig updates for improved type checking.
 - Updated codebase for new tsconfig rules
 - No breaking changes.
 ### Added
 - Improved jsDocs for better code documentation.
 ## [2.2.0] - 2025-08-30
 ### Added
 - `--compare` flag to enable comparison mode.
 - `dotenv-diff` will now detect potential secrets in your codebase.
 ### Changed
 - Default behavior is now **scan-usage** (you no longer need `--scan-usage`), but you can still use it for clarity.
 - `--compare` flag is now required for all comparison operations.
 ## [2.1.7] - 2025-08-28
 ### Added
 - gif to README file.
 ### Changed
 - No breaking changes. Existing functionality remains intact.
 ## [2.1.6] - 2025-08-26
 ### fixed
 - Fixed issue where prompts were disabled when using `--env` and `--example` flags.
 ## Changed
 - No breaking changes. Existing functionality remains intact.
 ## [2.1.5] - 2025-08-25
 ### Added
 - Added `--no-color` option to disable colored output.
 ### Changed
 - No breaking changes. Existing functionality remains intact.
 ## [2.1.4] - 2025-08-19
 ### Added
 - the `--fix` flag to automatically fix common issues:
   - Remove duplicate keys (keeping the last occurrence).
   - Add missing keys from the example file with empty values.
 ### Changed
 - No breaking changes. Existing functionality remains intact.
 ## [2.1.3] - 2025-08-19
 ### Added
 - Added `.sveltekit` and `_actions` to default exclude patterns in codebase scanner.
 ### Changed
 - No breaking changes. Existing functionality remains intact.
 ### Fixed
 - Fixed issue where `--include-files` and `--exclude-files` were not properly documented in README.
 ## [2.1.2] - 2025-08-16
 ### Changed
 - Updated README with Turborepo usage example.
 ## [2.1.1] - 2025-08-16
 ### Added
 - `--files` option to **completely override** the default file patterns.
   Useful for including files that are normally excluded (e.g. `*.test.js`).
 ### Changed
-- Clarified behavior of `--include-files`: now explicitly extends the default patterns instead of replacing them.
+- Clarified behavior of `--include-files`: now explicitly extends the default patterns instead of replacing them.
 - Updated README with usage examples for `--files`, `--include-files`, and `--exclude-files`.
 ## [2.1.0] - 2025-08-15
 ### Added
 - `--ci` option for non-interactive mode in CI environments.
 ### Changed
 - No breaking changes. Existing functionality remains intact.
 ## [2.0.0] - 2025-08-14
 ### Added
 - `--scan-usage` option to scan codebase for environment variable usage.
 - `--include-files` and `--exclude-files` options to specify which files to include or exclude from the scan.
 - `--show-unused` option to display variables defined in `.env` but not used in code.
 - `--show-stats` option to display scan statistics.
 ### Changed
 - No breaking changes. Existing functionality remains intact.
 ## [1.6.5] - 2025-08-13
 ### Added
 - `--only` flag to restrict output to specific categories (e.g., `missing`, `extra`, `empty`, `mismatches`, `duplicates`, `gitignore`).
 ## [1.6.4] - 2025-08-12
 ### Added
 - `--ignore` and `--ignore-regex` options to specify files or directories to ignore during comparison.
 ## [1.6.3] - 2025-08-11
 ### Added
 - `--json` option to output results in JSON format. (Non-breaking)
 ## [1.6.2] - 2025-08-10
 ### Added
 - Duplicate key detection for `.env*` files.
   - Prints warnings listing duplicate keys (last occurrence wins).
   - Suppress via `--allow-duplicates`.
 ### Changed
 - No breaking changes. Exit codes and diff behavior unchanged.
 ## [1.6.1] - 2025-08-09
 ### Build
 - Updated TypeScript configuration to include `bin` directory.
 - Switched CLI path to `bin/dotenv-diff.js` for consistency.
 - Refactored folder structure for better organization.
 ## [1.6.0] - 2025-08-08
 ### Added
 - `--env` and `--example` for direct file comparison; autoscan overridden when both are provided.
 ## [1.5.0] - 2025-08-07
 ### Added
 - Non-interactive modes: `--ci` and `--yes`.