dotenv-diff 2.3.8 → 2.3.10
- package/CHANGELOG.md +309 -0
- package/README.md +38 -1
- package/dist/src/cli/program.d.ts.map +1 -1
- package/dist/src/cli/program.js +6 -0
- package/dist/src/cli/program.js.map +1 -1
- package/dist/src/cli/run.d.ts.map +1 -1
- package/dist/src/cli/run.js +28 -26
- package/dist/src/cli/run.js.map +1 -1
- package/dist/src/commands/scanUsage.d.ts.map +1 -1
- package/dist/src/commands/scanUsage.js +79 -58
- package/dist/src/commands/scanUsage.js.map +1 -1
- package/dist/src/config/options.d.ts.map +1 -1
- package/dist/src/config/options.js +6 -2
- package/dist/src/config/options.js.map +1 -1
- package/dist/src/config/types.d.ts +70 -5
- package/dist/src/config/types.d.ts.map +1 -1
- package/dist/src/core/computeHealthScore.d.ts.map +1 -1
- package/dist/src/core/computeHealthScore.js +11 -5
- package/dist/src/core/computeHealthScore.js.map +1 -1
- package/dist/src/core/detectExpirations.d.ts +14 -0
- package/dist/src/core/detectExpirations.d.ts.map +1 -0
- package/dist/src/core/detectExpirations.js +44 -0
- package/dist/src/core/detectExpirations.js.map +1 -0
- package/dist/src/core/detectInconsistentNaming.d.ts +9 -0
- package/dist/src/core/detectInconsistentNaming.d.ts.map +1 -0
- package/dist/src/core/detectInconsistentNaming.js +61 -0
- package/dist/src/core/detectInconsistentNaming.js.map +1 -0
- package/dist/src/core/determineComparisonFile.d.ts.map +1 -1
- package/dist/src/core/determineComparisonFile.js +0 -3
- package/dist/src/core/determineComparisonFile.js.map +1 -1
- package/dist/src/core/helpers/isAllOk.d.ts +1 -0
- package/dist/src/core/helpers/isAllOk.d.ts.map +1 -1
- package/dist/src/core/helpers/isAllOk.js +1 -0
- package/dist/src/core/helpers/isAllOk.js.map +1 -1
- package/dist/src/core/helpers/toUpperSnakeCase.d.ts +6 -0
- package/dist/src/core/helpers/toUpperSnakeCase.d.ts.map +1 -0
- package/dist/src/core/helpers/toUpperSnakeCase.js +11 -0
- package/dist/src/core/helpers/toUpperSnakeCase.js.map +1 -0
- package/dist/src/core/processComparisonFile.d.ts +10 -0
- package/dist/src/core/processComparisonFile.d.ts.map +1 -1
- package/dist/src/core/processComparisonFile.js +21 -1
- package/dist/src/core/processComparisonFile.js.map +1 -1
- package/dist/src/core/scanJsonOutput.d.ts.map +1 -1
- package/dist/src/core/scanJsonOutput.js +22 -0
- package/dist/src/core/scanJsonOutput.js.map +1 -1
- package/dist/src/core/t3env/detectT3Env.d.ts +12 -0
- package/dist/src/core/t3env/detectT3Env.d.ts.map +1 -0
- package/dist/src/core/t3env/detectT3Env.js +113 -0
- package/dist/src/core/t3env/detectT3Env.js.map +1 -0
- package/dist/src/core/t3env/t3EnvRules.d.ts +10 -0
- package/dist/src/core/t3env/t3EnvRules.d.ts.map +1 -0
- package/dist/src/core/t3env/t3EnvRules.js +68 -0
- package/dist/src/core/t3env/t3EnvRules.js.map +1 -0
- package/dist/src/index.js +5 -6
- package/dist/src/index.js.map +1 -1
- package/dist/src/services/codeBaseScanner.d.ts.map +1 -1
- package/dist/src/services/codeBaseScanner.js +0 -6
- package/dist/src/services/codeBaseScanner.js.map +1 -1
- package/dist/src/services/scanOutputToConsole.d.ts.map +1 -1
- package/dist/src/services/scanOutputToConsole.js +15 -3
- package/dist/src/services/scanOutputToConsole.js.map +1 -1
- package/dist/src/ui/scan/printExpireWarnings.d.ts +9 -0
- package/dist/src/ui/scan/printExpireWarnings.d.ts.map +1 -0
- package/dist/src/ui/scan/printExpireWarnings.js +30 -0
- package/dist/src/ui/scan/printExpireWarnings.js.map +1 -0
- package/dist/src/ui/scan/printInconsistentNamingWarning.d.ts +9 -0
- package/dist/src/ui/scan/printInconsistentNamingWarning.d.ts.map +1 -0
- package/dist/src/ui/scan/printInconsistentNamingWarning.js +19 -0
- package/dist/src/ui/scan/printInconsistentNamingWarning.js.map +1 -0
- package/dist/src/ui/scan/printT3EnvWarnings.d.ts +8 -0
- package/dist/src/ui/scan/printT3EnvWarnings.d.ts.map +1 -0
- package/dist/src/ui/scan/printT3EnvWarnings.js +20 -0
- package/dist/src/ui/scan/printT3EnvWarnings.js.map +1 -0
- package/dist/src/ui/shared/printStrictModeError.d.ts +3 -0
- package/dist/src/ui/shared/printStrictModeError.d.ts.map +1 -1
- package/dist/src/ui/shared/printStrictModeError.js +6 -0
- package/dist/src/ui/shared/printStrictModeError.js.map +1 -1
- package/package.json +2 -1
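--- a/package/CHANGELOG.md
+++ b/package/CHANGELOG.md
@@ -0,0 +1,309 @@
+# Changelog
+All notable changes to this project will be documented in this file.
+This project follows [Keep a Changelog](https://keepachangelog.com/) and [Semantic Versioning](https://semver.org/).
+
+## [Unreleased]
+### Added
+-
+
+### Changed
+-
+
+### Fixed
+-
+
+## [2.3.10] - 2025-12-11
+### Added
+- More jsDocs for better code documentation.
+- t3-env integration to validate environment variable usage against T3 stack schema.
+
+### Fixed
+- Removed unused code for old --no-compare option.
+
+## [2.3.9] - 2025-12-09
+### Added
+- Added expiration date warnings for environment variables in codebase scanner.
+- Added inconsistent naming warnings for environment variables in codebase scanner.
+
+### Changed
+- Changed health score calculation weights for better accuracy.
+- Removed CSP detection from codebase scanner, as it was causing false positives in some cases for backend frameworks.
+
+## [2.3.8] - 2025-12-08
+### Added
+- Added variables not using uppercase letters warning to codebase scanner.
+- Added health score feature to codebase scanner.
+
+### Changed
+- Removed --no-compare option from CLI and config file.
+- Updated dependencies to latest versions.
+
+### Fixed
+- Fixed issue where show-stats and show-unused options were not working as expected in config file.
+
+## [2.3.7] - 2025-12-03
+### Added
+- Added warning for environment variables logged to console in codebase scanner.
+
+### Changed
+- Updated dependencies to latest versions.
+
+### Fixed
+- Updated jsDocs for better code documentation.
+- Updated some functions for better type safety.
+
+## [2.3.6] - 2025-12-02
+### Added
+- Added strict mode handling for framework specific warnings.
+- Added Next.js specific warnings to framework validator.
+
+### Fixed
+- Nameing convention fix in frameworkValidator.ts
+
+## [2.3.5] - 2025-12-01
+### Added
+- Added more sveltekit specific warnings to codebase scanner.
+- Added warning for potential secrets in .env.example file.
+
+### Fixed
+- Duration refactored for better code maintainability.
+
+## [2.3.4] - 2025-11-05
+### Fixed
+- Fixed issue where CSP detection was not working as expected in some file types.
+
+## [2.3.3] - 2025-11-30
+### Added
+- Added Content-Security-Policy (CSP) detection to codebase scanner.
+- Warns if no CSP is found in HTML/JS/TS files.
+
+### Changed
+- No breaking changes.
+
+## [2.3.2] - 2025-11-01
+### Added
+- Added duration output to scan statistics.
+- Severity levels for secret findings: high, medium, low.
+
+### Changed
+- Updated dependencies to latest versions.
+- Improved README documentation for clarity.
+- No breaking changes.
+
+## [2.3.1] - 2025-10-08
+### Fixed
+- Fixed dotenv-diff.config.json not found in monorepo root when running from apps.
+
+## [2.3.0] - 2025-10-07
+### Fixed
+- Fixed issue where .env.example would be ignored by git when using --fix flag.
+
+### Added
+- HTML comments to ignore secret detection in HTML lines (e.g. `<!-- dotenv-diff-ignore -->`).
+- Also ignore html sections with `<!-- dotenv-diff-ignore-start -->` and `<!-- dotenv-diff-ignore-end -->`.
+- Added option to have a dotenv-diff.config.json file for configuration.
+- ignoreUrls option to ignore specific URLs in secret detection. (e.g. `https://nomistake.com`).
+- Added `--init` flag to create a sample config file.
+- --no-compare flag to disable comparison mode in scan usage. and noCompare option in config file.
+
+## [2.2.8] - 2025-09-30
+### Added
+- Fix .env is not ignored by git when using --fix flag.
+
+### Changed
+- No breaking changes.
+
+### Fixed
+- Refactored codebase for better maintainability.
+
+## [2.2.7] - 2025-09-28
+### Added
+- Added warning on .env not ignored by .gitignore on default.
+- added `dotenv-diff-ignore` comment to ignore lines from secret detection.
+
+### Fixed
+- Fixed `--strict` error output to console when no warnings are found.
+
+### Changed
+- No breaking changes.
+- Updated dependencies to latest versions.
+
+## [2.2.6] - 2025-09-25
+### Added
+- Added `placeholder`, `127.0.0.1`, and `example` to `looksHarmless` secret detection rule.
+- Added `HTTP URL detected` message to potential secrets output.
+
+### Fixed
+- Removed `All used environment variables are defined in {.env}` when there are no used variables found.
+
+### Changed
+- No breaking changes.
+
+## [2.2.5] - 2025-09-18
+### Added
+- Updated README with `--strict` flag documentation.
+
+### Fixed
+- Fixed false positives for HTTPS URLs in SVG files and SVG namespace URLs.
+
+### Changed
+- No breaking changes.
+
+## [2.2.4] - 2025-09-13
+### Fixed
+- Fixed found variable count did not show when there were missing variables in .env
+- Will now not says "Found 2 unique environment variables in use" if there are found in commented out code.
+- Fixed bug where it would say "no unused variables" if there where no found variables at all.
+
+### Changed
+- No breaking changes.
+
+## [2.2.3] - 2025-09-08
+### Added
+- Warning for HTTPS URLs detected in codebase.
+- Added duplicate key detection to codebase scanner.
+- added `--strict` flag to enable strict mode (treat warnings as errors).
+- duplicate key detection for `.env.example` files.
+
+### Fixed
+- Fixed issue with false warnings on secrets in certain edge cases.
+- Updated README
+
+### Changed
+- No breaking changes.
+- `--compare` feature coloring improved for better readability.
+- added `duplicate` warnings to scan results.
+
+## [2.2.2] - 2025-09-07
+### Fixed
+- Fixed issue where it would give a false warning on secrets with process.env
+- Code cleanup.
+- exclude `.svelte-kit` from codebase scan by default.
+- Updated README
+
+### Changed
+- No breaking changes.
+
+## [2.2.1] - 2025-09-06
+### Changed
+- tsconfig updates for improved type checking.
+- Updated codebase for new tsconfig rules
+- No breaking changes.
+
+### Added
+- Improved jsDocs for better code documentation.
+
+## [2.2.0] - 2025-08-30
+### Added
+- `--compare` flag to enable comparison mode.
+- `dotenv-diff` will now detect potential secrets in your codebase.
+
+### Changed
+- Default behavior is now **scan-usage** (you no longer need `--scan-usage`), but you can still use it for clarity.
+- `--compare` flag is now required for all comparison operations.
+
+
+## [2.1.7] - 2025-08-28
+### Added
+- gif to README file.
+
+### Changed
+- No breaking changes. Existing functionality remains intact.
+
+## [2.1.6] - 2025-08-26
+### fixed
+- Fixed issue where prompts were disabled when using `--env` and `--example` flags.
+
+## Changed
+- No breaking changes. Existing functionality remains intact.
+
+## [2.1.5] - 2025-08-25
+### Added
+- Added `--no-color` option to disable colored output.
+
+### Changed
+- No breaking changes. Existing functionality remains intact.
+
+## [2.1.4] - 2025-08-19
+### Added
+- the `--fix` flag to automatically fix common issues:
+- Remove duplicate keys (keeping the last occurrence).
+- Add missing keys from the example file with empty values.
+
+### Changed
+- No breaking changes. Existing functionality remains intact.
+
+## [2.1.3] - 2025-08-19
+### Added
+- Added `.sveltekit` and `_actions` to default exclude patterns in codebase scanner.
+
+### Changed
+- No breaking changes. Existing functionality remains intact.
+
+### Fixed
+- Fixed issue where `--include-files` and `--exclude-files` were not properly documented in README.
+
+## [2.1.2] - 2025-08-16
+### Changed
+- Updated README with Turborepo usage example.
+
+## [2.1.1] - 2025-08-16
+### Added
+- `--files` option to **completely override** the default file patterns.
+Useful for including files that are normally excluded (e.g. `*.test.js`).
+
+### Changed
+- Clarified behavior of `--include-files`: now explicitly extends the default patterns instead of replacing them.
+- Updated README with usage examples for `--files`, `--include-files`, and `--exclude-files`.
+
+## [2.1.0] - 2025-08-15
+### Added
+- `--ci` option for non-interactive mode in CI environments.
+
+### Changed
+- No breaking changes. Existing functionality remains intact.
+
+## [2.0.0] - 2025-08-14
+### Added
+- `--scan-usage` option to scan codebase for environment variable usage.
+- `--include-files` and `--exclude-files` options to specify which files to include or exclude from the scan.
+- `--show-unused` option to display variables defined in `.env` but not used in code.
+- `--show-stats` option to display scan statistics.
+
+### Changed
+- No breaking changes. Existing functionality remains intact.
+
+## [1.6.5] - 2025-08-13
+### Added
+- `--only` flag to restrict output to specific categories (e.g., `missing`, `extra`, `empty`, `mismatches`, `duplicates`, `gitignore`).
+
+## [1.6.4] - 2025-08-12
+### Added
+- `--ignore` and `--ignore-regex` options to specify files or directories to ignore during comparison.
+
+## [1.6.3] - 2025-08-11
+### Added
+- `--json` option to output results in JSON format. (Non-breaking)
+
+## [1.6.2] - 2025-08-10
+### Added
+- Duplicate key detection for `.env*` files.
+- Prints warnings listing duplicate keys (last occurrence wins).
+- Suppress via `--allow-duplicates`.
+
+### Changed
+- No breaking changes. Exit codes and diff behavior unchanged.
+
+## [1.6.1] - 2025-08-09
+### Build
+- Updated TypeScript configuration to include `bin` directory.
+- Switched CLI path to `bin/dotenv-diff.js` for consistency.
+- Refactored folder structure for better organization.
+
+## [1.6.0] - 2025-08-08
+### Added
+- `--env` and `--example` for direct file comparison; autoscan overridden when both are provided.
+
+## [1.5.0] - 2025-08-07
+### Added
+- Non-interactive modes: `--ci` and `--yes`.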
package/README.md
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
# dotenv-diff
|
|
2
2
|
|
|
3
|
-

|
|
4
4
|
|
|
5
5
|
Scan your codebase to detect which environment variables are used in your code.
|
|
6
6
|
|
|
@@ -145,6 +145,43 @@ The health score is calculated based on several factors, including:
|
|
|
145
145
|
- Unused variables in your `.env` or `.env.example` file.
|
|
146
146
|
- Framework specific warning for SvelteKit or Next.js (depending on detected framework).
|
|
147
147
|
|
|
148
|
+
## Expiration date warnings
|
|
149
|
+
|
|
150
|
+
By default, `dotenv-diff` will detect environment variables with expiration dates and warn you if they are expired or about to expire.
|
|
151
|
+
To specify an expiration date for an environment variable, add a comment in the following format on the same line this an example of a .env.example file:
|
|
152
|
+
|
|
153
|
+
```bash
|
|
154
|
+
# @expire YYYY-MM-DD
|
|
155
|
+
API_TOKEN=
|
|
156
|
+
```
|
|
157
|
+
|
|
158
|
+
When you run `dotenv-diff`, it will check the expiration dates and display warnings for any variables that are expired or will expire soon.
|
|
159
|
+
|
|
160
|
+
## Inconsistent naming pattern warnings
|
|
161
|
+
|
|
162
|
+
By default `dotenv-diff` will detect environment variables that have inconsistent naming patterns, fx `APIKEY` & `API_KEY` will give you are warning to only use the `API_KEY`
|
|
163
|
+
To disable this behavior, use the `--no-inconsistent-naming-warnings` flags respectively, or set it to false in the config file:
|
|
164
|
+
|
|
165
|
+
```bash
|
|
166
|
+
"inconsistentNamingWarnings": false
|
|
167
|
+
```
|
|
168
|
+
|
|
169
|
+
## t3-env integration
|
|
170
|
+
|
|
171
|
+
by default `dotenv-diff` will detect if your project uses t3-env and validate environment variable usage against the T3 stack schema.
|
|
172
|
+
|
|
173
|
+
This will give you warnings like this:
|
|
174
|
+
|
|
175
|
+
```bashT3-env validation issues:
|
|
176
|
+
- API_URL (src\index.ts:25) → Variable "API_URL" is not defined in t3-env schema. Add it to either server or client schema.
|
|
177
|
+
```
|
|
178
|
+
|
|
179
|
+
To disable this behavior, use the `--no-t3env` flag or set it to false in the config file:
|
|
180
|
+
|
|
181
|
+
```bash
|
|
182
|
+
"t3env": false
|
|
183
|
+
```
|
|
184
|
+
|
|
148
185
|
## Show unused variables
|
|
149
186
|
|
|
150
187
|
As default, `dotenv-diff` will list variables that are defined in `.env` but never used in your codebase.
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"program.d.ts","sourceRoot":"","sources":["../../../src/cli/program.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AAEpC;;;GAGG;AACH,wBAAgB,aAAa,
|
|
1
|
+
{"version":3,"file":"program.d.ts","sourceRoot":"","sources":["../../../src/cli/program.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AAEpC;;;GAGG;AACH,wBAAgB,aAAa,YAuF5B"}
|
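--- a/package/dist/src/cli/program.js
+++ b/package/dist/src/cli/program.js
@@ -35,6 +35,12 @@ export function createProgram() {
 .option('--ignore-urls <list>', 'Comma-separated URLs to ignore in secret scan')
 .option('--uppercase-keys', 'Enable uppercase key validation (enabled by default)')
 .option('--no-uppercase-keys', 'Disable uppercase key validation')
+.option('--expire-warnings', 'Enable expiration date warnings for environment variables (enabled by default)')
+.option('--no-expire-warnings', 'Disable expiration date warnings')
+.option('--inconsistent-naming-warnings', 'Enable inconsistent naming pattern warnings (enabled by default)')
+.option('--no-inconsistent-naming-warnings', 'Disable inconsistent naming pattern warnings')
+.option('--t3env', 'Warns about specifik Next.js t3env usage patterns')
+.option('--no-t3env', 'Disables warnings about Next.js t3env usage patterns')
 .option('--init', 'Create a sample dotenv-diff.config.json file');
 }
 //# sourceMappingURL=program.js.map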
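Review bot: The `--t3env` help string misspells "specific" as `specifik` and is the only one of the three new enable flags that omits "(enabled by default)". The README text shipped in this release describes the t3-env check as on by default, so the help output should state that as the `--expire-warnings` and `--inconsistent-naming-warnings` lines do. Suggested wording: `.option('--t3env', 'Warn about Next.js t3-env usage patterns (enabled by default)')`. The `createProgram` option chain starts above the hunk.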
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"program.js","sourceRoot":"","sources":["../../../src/cli/program.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AAEpC;;;GAGG;AACH,MAAM,UAAU,aAAa;IAC3B,OAAO,IAAI,OAAO,EAAE;SACjB,IAAI,CAAC,aAAa,CAAC;SACnB,WAAW,CAAC,qCAAqC,CAAC;SAClD,MAAM,CAAC,gBAAgB,EAAE,6CAA6C,CAAC;SACvE,MAAM,CAAC,MAAM,EAAE,8CAA8C,CAAC;SAC9D,MAAM,CAAC,WAAW,EAAE,iDAAiD,CAAC;SACtE,MAAM,CAAC,cAAc,EAAE,8BAA8B,CAAC;SACtD,MAAM,CAAC,kBAAkB,EAAE,sCAAsC,CAAC;SAClE,MAAM,CACL,oBAAoB,EACpB,iDAAiD,CAClD;SACA,MAAM,CAAC,iBAAiB,EAAE,wCAAwC,CAAC;SACnE,MAAM,CAAC,0BAA0B,EAAE,uCAAuC,CAAC;SAC3E,MAAM,CACL,OAAO,EACP,sEAAsE,CACvE;SACA,MAAM,CAAC,QAAQ,EAAE,+BAA+B,CAAC;SACjD,MAAM,CAAC,SAAS,EAAE,uBAAuB,CAAC;SAC1C,MAAM,CAAC,YAAY,EAAE,wBAAwB,CAAC;SAC9C,MAAM,CACL,eAAe,EACf,2FAA2F,CAC5F;SACA,MAAM,CAAC,cAAc,EAAE,8CAA8C,CAAC;SACtE,MAAM,CAAC,WAAW,EAAE,qCAAqC,CAAC;SAC1D,MAAM,CACL,4BAA4B,EAC5B,iFAAiF,CAClF;SACA,MAAM,CACL,oBAAoB,EACpB,8EAA8E,CAC/E;SACA,MAAM,CACL,4BAA4B,EAC5B,oDAAoD,CACrD;SACA,MAAM,CACL,eAAe,EACf,8DAA8D,CAC/D;SACA,MAAM,CACL,kBAAkB,EAClB,qEAAqE,CACtE;SACA,MAAM,CAAC,cAAc,EAAE,iBAAiB,CAAC;SACzC,MAAM,CAAC,iBAAiB,EAAE,wBAAwB,CAAC;SACnD,MAAM,CAAC,UAAU,EAAE,yBAAyB,CAAC;SAC7C,MAAM,CACL,WAAW,EACX,0DAA0D,CAC3D;SACA,MAAM,CACL,cAAc,EACd,2DAA2D,CAC5D;SACA,MAAM,CACL,sBAAsB,EACtB,+CAA+C,CAChD;SACA,MAAM,CACL,kBAAkB,EAClB,sDAAsD,CACvD;SACA,MAAM,CAAC,qBAAqB,EAAE,kCAAkC,CAAC;SACjE,MAAM,CAAC,QAAQ,EAAE,8CAA8C,CAAC,CAAC;AACtE,CAAC"}
|
|
1
|
+
{"version":3,"file":"program.js","sourceRoot":"","sources":["../../../src/cli/program.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AAEpC;;;GAGG;AACH,MAAM,UAAU,aAAa;IAC3B,OAAO,IAAI,OAAO,EAAE;SACjB,IAAI,CAAC,aAAa,CAAC;SACnB,WAAW,CAAC,qCAAqC,CAAC;SAClD,MAAM,CAAC,gBAAgB,EAAE,6CAA6C,CAAC;SACvE,MAAM,CAAC,MAAM,EAAE,8CAA8C,CAAC;SAC9D,MAAM,CAAC,WAAW,EAAE,iDAAiD,CAAC;SACtE,MAAM,CAAC,cAAc,EAAE,8BAA8B,CAAC;SACtD,MAAM,CAAC,kBAAkB,EAAE,sCAAsC,CAAC;SAClE,MAAM,CACL,oBAAoB,EACpB,iDAAiD,CAClD;SACA,MAAM,CAAC,iBAAiB,EAAE,wCAAwC,CAAC;SACnE,MAAM,CAAC,0BAA0B,EAAE,uCAAuC,CAAC;SAC3E,MAAM,CACL,OAAO,EACP,sEAAsE,CACvE;SACA,MAAM,CAAC,QAAQ,EAAE,+BAA+B,CAAC;SACjD,MAAM,CAAC,SAAS,EAAE,uBAAuB,CAAC;SAC1C,MAAM,CAAC,YAAY,EAAE,wBAAwB,CAAC;SAC9C,MAAM,CACL,eAAe,EACf,2FAA2F,CAC5F;SACA,MAAM,CAAC,cAAc,EAAE,8CAA8C,CAAC;SACtE,MAAM,CAAC,WAAW,EAAE,qCAAqC,CAAC;SAC1D,MAAM,CACL,4BAA4B,EAC5B,iFAAiF,CAClF;SACA,MAAM,CACL,oBAAoB,EACpB,8EAA8E,CAC/E;SACA,MAAM,CACL,4BAA4B,EAC5B,oDAAoD,CACrD;SACA,MAAM,CACL,eAAe,EACf,8DAA8D,CAC/D;SACA,MAAM,CACL,kBAAkB,EAClB,qEAAqE,CACtE;SACA,MAAM,CAAC,cAAc,EAAE,iBAAiB,CAAC;SACzC,MAAM,CAAC,iBAAiB,EAAE,wBAAwB,CAAC;SACnD,MAAM,CAAC,UAAU,EAAE,yBAAyB,CAAC;SAC7C,MAAM,CACL,WAAW,EACX,0DAA0D,CAC3D;SACA,MAAM,CACL,cAAc,EACd,2DAA2D,CAC5D;SACA,MAAM,CACL,sBAAsB,EACtB,+CAA+C,CAChD;SACA,MAAM,CACL,kBAAkB,EAClB,sDAAsD,CACvD;SACA,MAAM,CAAC,qBAAqB,EAAE,kCAAkC,CAAC;SACjE,MAAM,CACL,mBAAmB,EACnB,gFAAgF,CACjF;SACA,MAAM,CAAC,sBAAsB,EAAE,kCAAkC,CAAC;SAClE,MAAM,CACL,gCAAgC,EAChC,kEAAkE,CACnE;SACA,MAAM,CACL,mCAAmC,EACnC,8CAA8C,CAC/C;SACA,MAAM,CAAC,SAAS,EAAE,mDAAmD,CAAC;SACtE,MAAM,CACL,YAAY,EACZ,sDAAsD,CACvD;SACA,MAAM,CAAC,QAAQ,EAAE,8CAA8C,CAAC,CAAC;AACtE,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"run.d.ts","sourceRoot":"","sources":["../../../src/cli/run.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;
|
|
1
|
+
{"version":3,"file":"run.d.ts","sourceRoot":"","sources":["../../../src/cli/run.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AAmBzC;;;;GAIG;AACH,wBAAsB,GAAG,CAAC,OAAO,EAAE,OAAO,GAAG,OAAO,CAAC,IAAI,CAAC,CAuBzD"}
|
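--- a/package/dist/src/cli/run.js
+++ b/package/dist/src/cli/run.js
@@ -10,6 +10,31 @@ import { scanUsage } from '../commands/scanUsage.js';
 import { printErrorNotFound } from '../ui/compare/printErrorNotFound.js';
 import { setupGlobalConfig } from '../ui/shared/setupGlobalConfig.js';
 import { loadConfig } from '../config/loadConfig.js';
+/**
+* Run the CLI program
+* @param program The commander program instance
+* @returns void
+*/
+export async function run(program) {
+program.parse(process.argv);
+// Load and normalize options
+const cliOptions = program.opts();
+// Handle --init flag
+if (await handleInitFlag(cliOptions))
+return;
+// Merge CLI options with config file options
+const mergedRawOptions = loadConfig(cliOptions);
+// Normalize merged options
+const opts = normalizeOptions(mergedRawOptions);
+setupGlobalConfig(opts);
+// Route to appropriate command
+if (opts.compare) {
+await runCompareMode(opts);
+}
+else {
+await runScanMode(opts);
+}
+}
 /**
 * Run scan-usage mode (default behavior)
 * @param opts - Normalized options
@@ -33,8 +58,10 @@ async function runScanMode(opts) {
 secrets: opts.secrets,
 strict: opts.strict ?? false,
 ignoreUrls: opts.ignoreUrls ?? [],
-noCompare: opts.noCompare ?? false,
 uppercaseKeys: opts.uppercaseKeys ?? true,
+expireWarnings: opts.expireWarnings,
+inconsistentNamingWarnings: opts.inconsistentNamingWarnings,
+t3env: opts.t3env,
 ...(opts.files ? { files: opts.files } : {}),
 });
 process.exit(exitWithError ? 1 : 0);
@@ -187,29 +214,4 @@ function outputResults(report, opts, exitWithError) {
 }
 process.exit(exitWithError ? 1 : 0);
 }
-/**
-* Run the CLI program
-* @param program The commander program instance
-* @returns void
-*/
-export async function run(program) {
-program.parse(process.argv);
-// Load and normalize options
-const cliOptions = program.opts();
-// Handle --init flag
-if (await handleInitFlag(cliOptions))
-return;
-// Merge CLI options with config file options
-const mergedRawOptions = loadConfig(cliOptions);
-// Normalize merged options
-const opts = normalizeOptions(mergedRawOptions);
-setupGlobalConfig(opts);
-// Route to appropriate command
-if (opts.compare) {
-await runCompareMode(opts);
-}
-else {
-await runScanMode(opts);
-}
-}
 //# sourceMappingURL=run.js.map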
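Review bot: In the `scanUsage({...})` call inside `runScanMode`, the new `expireWarnings`, `inconsistentNamingWarnings` and `t3env` properties are forwarded without the `??` fallback that `strict`, `ignoreUrls` and `uppercaseKeys` get on the lines just above. The CLI help describes these checks as enabled by default, so if `normalizeOptions` (not visible in this section) leaves any of them `undefined`, a falsy value would reach `scanUsage` and the check would presumably be skipped without any message. Making the default explicit at the call site keeps the behaviour fail-safe: `expireWarnings: opts.expireWarnings ?? true,` and the same for `inconsistentNamingWarnings` and `t3env`. The body of `runScanMode` starts above the hunk.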
package/dist/src/cli/run.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"run.js","sourceRoot":"","sources":["../../../src/cli/run.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,MAAM,IAAI,CAAC;AACpB,OAAO,IAAI,MAAM,MAAM,CAAC;AACxB,OAAO,EAAE,gBAAgB,EAAE,MAAM,sBAAsB,CAAC;AACxD,OAAO,EAAE,gBAAgB,EAAE,MAAM,6BAA6B,CAAC;AAC/D,OAAO,EAAE,eAAe,EAAE,MAAM,2BAA2B,CAAC;AAC5D,OAAO,EAAE,mBAAmB,EAAE,MAAM,oCAAoC,CAAC;AACzE,OAAO,EAAE,WAAW,EAAE,MAAM,wBAAwB,CAAC;AACrD,OAAO,EAKN,MAAM,oBAAoB,CAAC;AAC5B,OAAO,EAAE,SAAS,EAAE,MAAM,0BAA0B,CAAC;AACrD,OAAO,EAAE,kBAAkB,EAAE,MAAM,qCAAqC,CAAC;AACzE,OAAO,EAAE,iBAAiB,EAAE,MAAM,mCAAmC,CAAC;AACtE,OAAO,EAAE,UAAU,EAAE,MAAM,yBAAyB,CAAC;AAErD;;;;GAIG;AACH,KAAK,UAAU,WAAW,CAAC,IAAa;IACtC,MAAM,OAAO,GAAG,IAAI,CAAC,OAAO,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC;IAE7E,MAAM,EAAE,aAAa,EAAE,GAAG,MAAM,SAAS,CAAC;QACxC,GAAG,EAAE,IAAI,CAAC,GAAG;QACb,OAAO,EAAE,IAAI,CAAC,YAAY;QAC1B,OAAO,EAAE,IAAI,CAAC,YAAY;QAC1B,MAAM,EAAE,IAAI,CAAC,MAAM;QACnB,WAAW,EAAE,IAAI,CAAC,WAAW;QAC7B,WAAW,EAAE,IAAI,CAAC,WAAW;QAC7B,OAAO;QACP,GAAG,EAAE,IAAI,CAAC,GAAG;QACb,IAAI,EAAE,IAAI,CAAC,IAAI;QACf,UAAU,EAAE,IAAI,CAAC,UAAU;QAC3B,SAAS,EAAE,IAAI,CAAC,SAAS;QACzB,QAAQ,EAAE,IAAI,CAAC,QAAQ;QACvB,OAAO,EAAE,IAAI,CAAC,OAAO;QACrB,MAAM,EAAE,IAAI,CAAC,MAAM,IAAI,KAAK;QAC5B,UAAU,EAAE,IAAI,CAAC,UAAU,IAAI,EAAE;QACjC,
|
|
1
|
+
{"version":3,"file":"run.js","sourceRoot":"","sources":["../../../src/cli/run.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,MAAM,IAAI,CAAC;AACpB,OAAO,IAAI,MAAM,MAAM,CAAC;AACxB,OAAO,EAAE,gBAAgB,EAAE,MAAM,sBAAsB,CAAC;AACxD,OAAO,EAAE,gBAAgB,EAAE,MAAM,6BAA6B,CAAC;AAC/D,OAAO,EAAE,eAAe,EAAE,MAAM,2BAA2B,CAAC;AAC5D,OAAO,EAAE,mBAAmB,EAAE,MAAM,oCAAoC,CAAC;AACzE,OAAO,EAAE,WAAW,EAAE,MAAM,wBAAwB,CAAC;AACrD,OAAO,EAKN,MAAM,oBAAoB,CAAC;AAC5B,OAAO,EAAE,SAAS,EAAE,MAAM,0BAA0B,CAAC;AACrD,OAAO,EAAE,kBAAkB,EAAE,MAAM,qCAAqC,CAAC;AACzE,OAAO,EAAE,iBAAiB,EAAE,MAAM,mCAAmC,CAAC;AACtE,OAAO,EAAE,UAAU,EAAE,MAAM,yBAAyB,CAAC;AAErD;;;;GAIG;AACH,MAAM,CAAC,KAAK,UAAU,GAAG,CAAC,OAAgB;IACxC,OAAO,CAAC,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC;IAE5B,6BAA6B;IAC7B,MAAM,UAAU,GAAG,OAAO,CAAC,IAAI,EAAE,CAAC;IAElC,qBAAqB;IACrB,IAAI,MAAM,cAAc,CAAC,UAAU,CAAC;QAAE,OAAO;IAE7C,6CAA6C;IAC7C,MAAM,gBAAgB,GAAG,UAAU,CAAC,UAAU,CAAC,CAAC;IAEhD,2BAA2B;IAC3B,MAAM,IAAI,GAAG,gBAAgB,CAAC,gBAAgB,CAAC,CAAC;IAEhD,iBAAiB,CAAC,IAAI,CAAC,CAAC;IAExB,+BAA+B;IAC/B,IAAI,IAAI,CAAC,OAAO,EAAE,CAAC;QACjB,MAAM,cAAc,CAAC,IAAI,CAAC,CAAC;IAC7B,CAAC;SAAM,CAAC;QACN,MAAM,WAAW,CAAC,IAAI,CAAC,CAAC;IAC1B,CAAC;AACH,CAAC;AAED;;;;GAIG;AACH,KAAK,UAAU,WAAW,CAAC,IAAa;IACtC,MAAM,OAAO,GAAG,IAAI,CAAC,OAAO,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC;IAE7E,MAAM,EAAE,aAAa,EAAE,GAAG,MAAM,SAAS,CAAC;QACxC,GAAG,EAAE,IAAI,CAAC,GAAG;QACb,OAAO,EAAE,IAAI,CAAC,YAAY;QAC1B,OAAO,EAAE,IAAI,CAAC,YAAY;QAC1B,MAAM,EAAE,IAAI,CAAC,MAAM;QACnB,WAAW,EAAE,IAAI,CAAC,WAAW;QAC7B,WAAW,EAAE,IAAI,CAAC,WAAW;QAC7B,OAAO;QACP,GAAG,EAAE,IAAI,CAAC,GAAG;QACb,IAAI,EAAE,IAAI,CAAC,IAAI;QACf,UAAU,EAAE,IAAI,CAAC,UAAU;QAC3B,SAAS,EAAE,IAAI,CAAC,SAAS;QACzB,QAAQ,EAAE,IAAI,CAAC,QAAQ;QACvB,OAAO,EAAE,IAAI,CAAC,OAAO;QACrB,MAAM,EAAE,IAAI,CAAC,MAAM,IAAI,KAAK;QAC5B,UAAU,EAAE,IAAI,CAAC,UAAU,IAAI,EAAE;QACjC,aAAa,EAAE,IAAI,CAAC,aAAa,IAAI,IAAI;QACzC,cAAc,EAAE,IAAI,CAAC,cAAc;QACnC,0BAA0B,EAAE,IAAI,CAAC,0BAA0B;QAC3D,KAAK,EAAE,IAAI,CAAC,KAAK;QACjB,GAAG,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,
EAAE,KAAK,EAAE,IAAI,CAAC,KAAK,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;KAC7C,CAAC,CAAC;IAEH,OAAO,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;AACtC,CAAC;AAED;;;;GAIG;AACH,KAAK,UAAU,cAAc,CAAC,IAAa;IACzC,qEAAqE;IACrE,IAAI,IAAI,CAAC,OAAO,IAAI,IAAI,CAAC,WAAW,EAAE,CAAC;QACrC,MAAM,uBAAuB,CAAC,IAAI,CAAC,CAAC;QACpC,OAAO;IACT,CAAC;IAED,mCAAmC;IACnC,MAAM,0BAA0B,CAAC,IAAI,CAAC,CAAC;AACzC,CAAC;AAED;;;;GAIG;AACH,KAAK,UAAU,uBAAuB,CAAC,IAAa;IAClD,MAAM,SAAS,GAAG,EAAE,CAAC,UAAU,CAAC,IAAI,CAAC,OAAQ,CAAC,CAAC;IAC/C,MAAM,QAAQ,GAAG,EAAE,CAAC,UAAU,CAAC,IAAI,CAAC,WAAY,CAAC,CAAC;IAElD,uBAAuB;IACvB,IAAI,CAAC,SAAS,IAAI,CAAC,QAAQ,EAAE,CAAC;QAC5B,MAAM,UAAU,GAAG,MAAM,kBAAkB,CACzC,IAAI,EACJ,IAAI,CAAC,OAAQ,EACb,IAAI,CAAC,WAAY,CAClB,CAAC;QACF,IAAI,UAAU;YAAE,OAAO;IACzB,CAAC;IAED,qBAAqB;IACrB,MAAM,MAAM,GAAuB,EAAE,CAAC;IACtC,MAAM,EAAE,aAAa,EAAE,GAAG,MAAM,WAAW,CACzC;QACE;YACE,OAAO,EAAE,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,OAAQ,CAAC;YACrC,OAAO,EAAE,IAAI,CAAC,OAAQ;YACtB,WAAW,EAAE,IAAI,CAAC,WAAY;SAC/B;KACF,EACD,mBAAmB,CAAC,IAAI,EAAE,MAAM,CAAC,CAClC,CAAC;IAEF,aAAa,CAAC,MAAM,EAAE,IAAI,EAAE,aAAa,CAAC,CAAC;AAC7C,CAAC;AAED;;;;GAIG;AACH,KAAK,UAAU,0BAA0B,CAAC,IAAa;IACrD,+BAA+B;IAC/B,MAAM,SAAS,GAAG,gBAAgB,CAAC;QACjC,GAAG,EAAE,IAAI,CAAC,GAAG;QACb,OAAO,EAAE,IAAI,CAAC,OAAO,IAAI,IAAI;QAC7B,WAAW,EAAE,IAAI,CAAC,WAAW,IAAI,IAAI;KACtC,CAAC,CAAC;IAEH,uDAAuD;IACvD,MAAM,UAAU,GAAG,MAAM,mBAAmB,CAAC;QAC3C,GAAG,EAAE,SAAS,CAAC,GAAG;QAClB,UAAU,EAAE,SAAS,CAAC,UAAU;QAChC,cAAc,EAAE,SAAS,CAAC,cAAc;QACxC,uBAAuB,EAAE,SAAS,CAAC,uBAAuB;QAC1D,SAAS,EAAE,IAAI,CAAC,SAAS;QACzB,QAAQ,EAAE,IAAI,CAAC,QAAQ;KACxB,CAAC,CAAC;IAEH,IAAI,UAAU,CAAC,UAAU,EAAE,CAAC;QAC1B,aAAa,CAAC,EAAE,EAAE,IAAI,EAAE,UAAU,CAAC,QAAQ,KAAK,CAAC,CAAC,CAAC;QACnD,OAAO;IACT,CAAC;IAED,+BAA+B;IAC/B,MAAM,KAAK,GAAG,eAAe,CAAC,SAAS,CAAC,CAAC;IACzC,MAAM,MAAM,GAAuB,EAAE,CAAC;IACtC,MAAM,EAAE,aAAa,EAAE,GAAG,MAAM,WAAW,CACzC,KAAK,EACL,mBAAmB,CAAC,IAAI,EAAE,MAAM,CAAC,CAClC,CAAC;IAEF,aAAa,CAAC,MAAM,EAAE,IAAI,EAAE,aAAa,CAAC,CAAC;AAC7C,CAAC;AAED;;;;;;GAMG;AACH,KAAK,UAAU,kBAAkB,CAC/B,IAAa,
EACb,OAAe,EACf,WAAmB;IAEnB,MAAM,SAAS,GAAG,EAAE,CAAC,UAAU,CAAC,OAAO,CAAC,CAAC;IACzC,MAAM,QAAQ,GAAG,EAAE,CAAC,UAAU,CAAC,WAAW,CAAC,CAAC;IAE5C,IAAI,IAAI,CAAC,QAAQ,EAAE,CAAC;QAClB,wCAAwC;QACxC,kBAAkB,CAAC,SAAS,EAAE,QAAQ,EAAE,OAAO,EAAE,WAAW,CAAC,CAAC;QAC9D,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;SAAM,CAAC;QACN,qDAAqD;QACrD,MAAM,MAAM,GAAG,MAAM,mBAAmB,CAAC;YACvC,GAAG,EAAE,IAAI,CAAC,GAAG;YACb,UAAU,EAAE,OAAO;YACnB,cAAc,EAAE,WAAW;YAC3B,uBAAuB,EAAE,KAAK;YAC9B,SAAS,EAAE,IAAI,CAAC,SAAS;YACzB,QAAQ,EAAE,IAAI,CAAC,QAAQ;SACxB,CAAC,CAAC;QAEH,IAAI,MAAM,CAAC,UAAU,EAAE,CAAC;YACtB,aAAa,CAAC,EAAE,EAAE,IAAI,EAAE,MAAM,CAAC,QAAQ,KAAK,CAAC,CAAC,CAAC;YAC/C,OAAO,IAAI,CAAC;QACd,CAAC;IACH,CAAC;IAED,OAAO,KAAK,CAAC;AACf,CAAC;AAED;;;;;GAKG;AACH,SAAS,mBAAmB,CAC1B,IAAa,EACb,MAA0B;IAE1B,OAAO;QACL,WAAW,EAAE,IAAI,CAAC,WAAW;QAC7B,GAAG,EAAE,IAAI,CAAC,GAAG;QACb,eAAe,EAAE,IAAI,CAAC,eAAe;QACrC,GAAG,EAAE,IAAI,CAAC,GAAG;QACb,IAAI,EAAE,IAAI,CAAC,IAAI;QACf,MAAM,EAAE,IAAI,CAAC,MAAM;QACnB,WAAW,EAAE,IAAI,CAAC,WAAW;QAC7B,SAAS,EAAE,IAAI,CAAC,SAAS;QACzB,aAAa,EAAE,IAAI,CAAC,aAAa;QACjC,OAAO,EAAE,CAAC,CAAmB,EAAE,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC;QAChD,GAAG,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,IAAI,EAAE,IAAI,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;KAC1C,CAAC;AACJ,CAAC;AAED;;;;GAIG;AACH,KAAK,UAAU,cAAc,CAAC,UAAsB;IAClD,IAAI,UAAU,CAAC,IAAI,EAAE,CAAC;QACpB,MAAM,EAAE,OAAO,EAAE,GAAG,MAAM,MAAM,CAAC,qBAAqB,CAAC,CAAC;QACxD,MAAM,OAAO,EAAE,CAAC;QAChB,OAAO,IAAI,CAAC;IACd,CAAC;IACD,OAAO,KAAK,CAAC;AACf,CAAC;AAED;;;;;GAKG;AACH,SAAS,aAAa,CACpB,MAA0B,EAC1B,IAAa,EACb,aAAsB;IAEtB,IAAI,IAAI,CAAC,IAAI,EAAE,CAAC;QACd,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;IAC/C,CAAC;IACD,OAAO,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;AACtC,CAAC"}
|
|
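--- a/package/dist/src/commands/scanUsage.d.ts.map
+++ b/package/dist/src/commands/scanUsage.d.ts.map
@@ -1 +1 @@
-{"version":3,"file":"scanUsage.d.ts","sourceRoot":"","sources":["../../../src/commands/scanUsage.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EACV,gBAAgB,
+{"version":3,"file":"scanUsage.d.ts","sourceRoot":"","sources":["../../../src/commands/scanUsage.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EACV,gBAAgB,EAIjB,MAAM,oBAAoB,CAAC;AAa5B;;;;;;;;;;;;;;;;GAgBG;AACH,wBAAsB,SAAS,CAC7B,IAAI,EAAE,gBAAgB,GACrB,OAAO,CAAC;IAAE,aAAa,EAAE,OAAO,CAAA;CAAE,CAAC,CAgJrC"}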
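--- a/package/dist/src/commands/scanUsage.js
+++ b/package/dist/src/commands/scanUsage.js
@@ -8,61 +8,8 @@ import { printComparisonError } from '../ui/scan/printComparisonError.js';
 import { hasIgnoreComment } from '../core/secretDetectors.js';
 import { frameworkValidator } from '../core/frameworkValidator.js';
 import { detectSecretsInExample } from '../core/exampleSecretDetector.js';
-import {
-
-* Filters out commented usages from the list.
-* Skipping comments:
-* // process.env.API_URL
-* # process.env.API_URL
-* /* process.env.API_URL
-* * process.env.API_URL
-* <!-- process.env.API_URL -->
-* @param usages - List of environment variable usages
-* @returns Filtered list of environment variable usages
-*/
-function skipCommentedUsages(usages) {
-let insideHtmlComment = false;
-let insideIgnoreBlock = false;
-return usages.filter((u) => {
-if (!u.context)
-return true;
-const line = u.context.trim();
-if (line.includes('<!--'))
-insideHtmlComment = true;
-if (line.includes('-->')) {
-insideHtmlComment = false;
-return false;
-}
-if (/<!--\s*dotenv[\s-]*diff[\s-]*ignore[\s-]*start\s*-->/i.test(line)) {
-insideIgnoreBlock = true;
-return false;
-}
-if (/<!--\s*dotenv[\s-]*diff[\s-]*ignore[\s-]*end\s*-->/i.test(line)) {
-insideIgnoreBlock = false;
-return false;
-}
-if (insideIgnoreBlock)
-return false;
-return (!insideHtmlComment &&
-!/^\s*(\/\/|#|\/\*|\*|<!--|-->)/.test(line) &&
-!hasIgnoreComment(line));
-});
-}
-/**
-* Recalculates statistics for a scan result after filtering usages.
-* @param scanResult The current scan result
-* @returns Updated scanResult with recalculated stats
-*/
-function calculateStats(scanResult) {
-const uniqueVariables = new Set(scanResult.used.map((u) => u.variable)).size;
-scanResult.stats = {
-filesScanned: scanResult.stats.filesScanned,
-totalUsages: scanResult.used.length,
-uniqueVariables,
-duration: scanResult.stats.duration,
-};
-return scanResult;
-}
+import { detectT3Env } from '../core/t3env/detectT3Env.js';
+import { applyT3EnvRules } from '../core/t3env/t3EnvRules.js';
 /**
 * Scans the codebase for environment variable usage and compares it with
 * the selected environment file (.env or .env.example).
@@ -100,8 +47,18 @@ export async function scanUsage(opts) {
 if (frameworkWarnings.length > 0) {
 scanResult.frameworkWarnings = frameworkWarnings;
 }
-if
-
+// T3-env validation if t3env option is enabled or auto-detected
+if (opts.t3env) {
+const t3Detection = await detectT3Env(opts.cwd);
+if (t3Detection.detected && t3Detection.schema) {
+const t3EnvWarnings = [];
+for (const usage of scanResult.used) {
+applyT3EnvRules(usage, t3EnvWarnings, t3Detection.schema);
+}
+if (t3EnvWarnings.length > 0) {
+scanResult.t3EnvWarnings = t3EnvWarnings;
+}
+}
 }
 // Determine which file to compare against
 const compareFile = determineComparisonFile(opts);
@@ -134,6 +91,13 @@ export async function scanUsage(opts) {
 if (result.uppercaseWarnings) {
 scanResult.uppercaseWarnings = result.uppercaseWarnings;
 }
+if (result.expireWarnings) {
+scanResult.expireWarnings = result.expireWarnings;
+}
+if (result.inconsistentNamingWarnings) {
+scanResult.inconsistentNamingWarnings =
+result.inconsistentNamingWarnings;
+}
 if (result.exampleFull && result.comparedAgainst === '.env.example') {
 scanResult.exampleWarnings = detectSecretsInExample(result.exampleFull);
 }
@@ -159,8 +123,11 @@ export async function scanUsage(opts) {
 (scanResult.secrets?.length ?? 0) > 0)) ||
 (scanResult.exampleWarnings?.length ?? 0) > 0 ||
 (scanResult.frameworkWarnings?.length ?? 0) > 0 ||
+(scanResult.t3EnvWarnings?.length ?? 0) > 0 ||
 (scanResult.logged?.length ?? 0) > 0 ||
-(scanResult.uppercaseWarnings?.length ?? 0) > 0
+(scanResult.uppercaseWarnings?.length ?? 0) > 0 ||
+(scanResult.expireWarnings?.length ?? 0) > 0 ||
+(scanResult.inconsistentNamingWarnings?.length ?? 0) > 0),
 };
 }
 // Console output
@@ -172,4 +139,58 @@ export async function scanUsage(opts) {
 });
 return { exitWithError: result.exitWithError || duplicatesFound };
 }
+/**
+* Filters out commented usages from the list.
+* Skipping comments:
+* // process.env.API_URL
+* # process.env.API_URL
+* /* process.env.API_URL
+* * process.env.API_URL
+* <!-- process.env.API_URL -->
+* @param usages - List of environment variable usages
+* @returns Filtered list of environment variable usages
+*/
+function skipCommentedUsages(usages) {
+let insideHtmlComment = false;
+let insideIgnoreBlock = false;
+return usages.filter((u) => {
+if (!u.context)
+return true;
+const line = u.context.trim();
+if (line.includes('<!--'))
+insideHtmlComment = true;
+if (line.includes('-->')) {
+insideHtmlComment = false;
+return false;
+}
+if (/<!--\s*dotenv[\s-]*diff[\s-]*ignore[\s-]*start\s*-->/i.test(line)) {
+insideIgnoreBlock = true;
+return false;
+}
+if (/<!--\s*dotenv[\s-]*diff[\s-]*ignore[\s-]*end\s*-->/i.test(line)) {
+insideIgnoreBlock = false;
+return false;
+}
+if (insideIgnoreBlock)
+return false;
+return (!insideHtmlComment &&
+!/^\s*(\/\/|#|\/\*|\*|<!--|-->)/.test(line) &&
+!hasIgnoreComment(line));
+});
+}
+/**
+* Recalculates statistics for a scan result after filtering usages.
+* @param scanResult The current scan result
+* @returns Updated scanResult with recalculated stats
+*/
+function calculateStats(scanResult) {
+const uniqueVariables = new Set(scanResult.used.map((u) => u.variable)).size;
+scanResult.stats = {
+filesScanned: scanResult.stats.filesScanned,
+totalUsages: scanResult.used.length,
+uniqueVariables,
+duration: scanResult.stats.duration,
+};
+return scanResult;
+}
 //# sourceMappingURL=scanUsage.js.map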
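Review bot: In `skipCommentedUsages` (last hunk, new lines 153–180) the two ignore-block tests are unreachable: both patterns require `-->` on the line, and the earlier `if (line.includes('-->'))` branch has already returned `false` for every such line. `insideIgnoreBlock` therefore never becomes `true`, so this function does not suppress usages between the `ignore-start` and `ignore-end` markers; whether another layer handles those markers is not visible here. Moving the two marker tests above the generic `-->` check would make the block state effective while still filtering the marker lines themselves. Separately, that `-->` branch removes any usage whose line merely contains the sequence anywhere, so an environment read on such a line drops out of the scan result; anchoring it with `^\s*`, as the final regex does, would narrow what gets skipped. The commit moves the function without changing it, so both points predate this release.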