npm - dotsec - Versions diffs - 4.0.0-alpha.8 → 4.0.0-alpha.9 - Mend

dotsec 4.0.0-alpha.8 → 4.0.0-alpha.9

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (11) hide show

package/dist/cli/index.d.ts ADDED Viewed

	@@ -0,0 +1,2 @@
1	+
2	+ export { }

package/dist/cli/index.js CHANGED Viewed

@@ -1,4 +1,89 @@
-var je=Object.create;var J=Object.defineProperty;var Ve=Object.getOwnPropertyDescriptor;var Ae=Object.getOwnPropertyNames;var ke=Object.getPrototypeOf,He=Object.prototype.hasOwnProperty;var Le=(t,o,s,i)=>{if(o&&typeof o=="object"||typeof o=="function")for(let e of Ae(o))!He.call(t,e)&&e!==s&&J(t,e,{get:()=>o[e],enumerable:!(i=Ve(o,e))||i.enumerable});return t};var D=(t,o,s)=>(s=t!=null?je(ke(t)):{},Le(o||!t||!t.__esModule?J(s,"default",{value:t,enumerable:!0}):s,t));var Te=require("commander");var Me="dotsec.config.ts",B=[Me],q=".sec",G=".env",_={defaults:{}};var Y=D(require("fs")),z=D(require("path"));function Re(t){try{return new Function(`return ${t.trim()}`)()}catch{return{}}}var Q=async t=>{try{return Re(await Y.default.promises.readFile(t,"utf8"))}catch(o){throw o instanceof Error?new Error(`Failed to parse ${z.default.relative(process.cwd(),t)}: ${o.message}`):o}};var X=require("bundle-require"),Z=D(require("joycon")),ee=D(require("path")),ne=async t=>{let o=process.cwd(),i=await new Z.default().resolve({files:t?[t]:[...B,"package.json"],cwd:o,stopDir:ee.default.parse(o).root,packageKey:"dotsec"});if(t&&i===null)throw new Error(`Could not find config file ${t}`);if(i){if(i.endsWith(".json")){let e=await Q(i),n;return i.endsWith("package.json")&&e.dotsec!==void 0?n=e.dotsec:n=e,{source:"json",contents:{..._,...n,defaults:{...n?.defaults,..._.defaults,plugins:{...n?.defaults?.plugins,..._.defaults?.plugins}},push:{...n?.push}}}}else if(i.endsWith(".ts")){let e=await(0,X.bundleRequire)({filepath:i}),n=e.mod.dotsec||e.mod.default||e.mod;return{source:"ts",contents:{..._,...n,defaults:{...n?.defaults,..._.defaults,plugins:{...n?.defaults?.plugins,..._.defaults?.plugins}},push:{...n?.push}}}}}return{source:"defaultConfig",contents:_}};var W=async t=>import(t.name).then(o=>o.default);var te=require("commander"),F=(t,o,s)=>{t&&Object.values(t).map(i=>{let e;if(Array.isArray(i)){let[n,p,l]=i;e={flags:n,description:p,defaultValue:l}}else{let{flags:n,description:p,defaultValue:l,choices:c,env:r,fn:d}=i;e={flags:n,description:p,defaultValue:l,choices:c,env:r,fn:d}}if(e){let n=new te.Option(e.flags,e.description);e.fn&&n.argParser(e.fn),e.defaultValue&&n.default(e.defaultValue),e.env&&n.env(e.env),s&&n.makeOptionMandatory(!0),e.choices&&n.choices(e.choices),o.addOption(n)}})};var k=D(require("fs/promises")),oe=D(require("path")),ie=D(require("prompts")),V=async t=>await k.default.readFile(t,"utf-8"),I=async(t,o)=>await k.default.writeFile(t,o,"utf-8"),qe=async t=>{try{return await(0,k.stat)(t),!0}catch{return!1}},A=async({filePath:t,skip:o})=>{let s;return await qe(t)&&o!==!0?s=await(0,ie.default)({type:"confirm",name:"overwrite",message:()=>`Overwrite './${oe.default.relative(process.cwd(),t)}' ?`}):s=void 0,s};var re=D(require("chalk")),Ge=D(require("cli-table"));var h=t=>re.default.yellow.bold(t);var ye=require("commander");var S={option:["--env-file <envFile>",`Path to .env file. If not provided, will look for value in 'ENV_FILE' environment variable. If not provided, will look for '${G}' file in current directory.`,G],env:"ENV_FILE"},N={option:["--sec-file, <secFile>",`Path to .sec file. If not provided, will look for value in 'SEC_FILE' environment variable. If not provided, will look for '${q}' file in current directory.`,q],env:"SEC_FILE"},L={flags:"--using <using>",description:"Wether to use a dot env file or a dot sec file",choices:["env","sec"],env:"DOTSEC_USING"},se={flags:"--using <using>",description:"Wether to use a dot env file or a dot sec file",choices:["env"],env:"DOTSEC_USING"},$={option:["--yes","Skip confirmation prompts"]};var x={option:["-c, --config-file, --configFile <configFile>","Config file"],env:"DOTSEC_CONFIG_FILE"},ae={option:["--plugin <plugin>","Comma-separated list of plugins to use"],env:"DOTSEC_PLUGIN"},ce={option:["--engine <engine>","Encryption engine to use"],env:"DOTSEC_ENGINE"},M={option:["--create-manifest","Create a markdown manifest file. See the --manifest-file option for more information."],env:"CREATE_MANIFEST"},R={option:["--manifest-file-prefix <manifestFilePrefix>","Mmanifest file prefix"],env:"ENCRYPTION_MANIFEST_FILE"};var We={decrypt:{options:{configFile:x,envFile:S,secFile:N,createManifest:M,manifestFilePrefix:R,yes:$},description:"Decrypt a sec file",helpText:`Examples:
+'use strict';
+var commander = require('commander');
+var ce = require('fs');
+var ge = require('path');
+var bundleRequire = require('bundle-require');
+var Oe = require('joycon');
+var J = require('fs/promises');
+var De = require('prompts');
+var Pe = require('chalk');
+require('cli-table');
+var dotenvExpand = require('dotenv-expand');
+var child_process = require('child_process');
+var Ue = require('ajv');
+var Ye = require('yargs-parser');
+function _interopDefault (e) { return e && e.__esModule ? e : { default: e }; }
+var ce__default = /*#__PURE__*/_interopDefault(ce);
+var ge__default = /*#__PURE__*/_interopDefault(ge);
+var Oe__default = /*#__PURE__*/_interopDefault(Oe);
+var J__default = /*#__PURE__*/_interopDefault(J);
+var De__default = /*#__PURE__*/_interopDefault(De);
+var Pe__default = /*#__PURE__*/_interopDefault(Pe);
+var Ue__default = /*#__PURE__*/_interopDefault(Ue);
+var Ye__default = /*#__PURE__*/_interopDefault(Ye);
+var me="dotsec.config.ts",W=[me],L=".sec",K=".env",I={defaults:{}};function ye(i){try{return new Function(`return ${i.trim()}`)()}catch{return {}}}var U=async i=>{try{return ye(await ce__default.default.promises.readFile(i,"utf8"))}catch(t){throw t instanceof Error?new Error(`Failed to parse ${ge__default.default.relative(process.cwd(),i)}: ${t.message}`):t}};var Y=async i=>{let t=process.cwd(),o=await new Oe__default.default().resolve({files:i?[i]:[...W,"package.json"],cwd:t,stopDir:ge__default.default.parse(t).root,packageKey:"dotsec"});if(i&&o===null)throw new Error(`Could not find config file ${i}`);if(o){if(o.endsWith(".json")){let e=await U(o),n;return o.endsWith("package.json")&&e.dotsec!==void 0?n=e.dotsec:n=e,{source:"json",contents:{...I,...n,defaults:{...n?.defaults,...I.defaults,plugins:{...n?.defaults?.plugins,...I.defaults?.plugins}},push:{...n?.push}}}}else if(o.endsWith(".ts")){let e=await bundleRequire.bundleRequire({filepath:o}),n=e.mod.dotsec||e.mod.default||e.mod;return {source:"ts",contents:{...I,...n,defaults:{...n?.defaults,...I.defaults,plugins:{...n?.defaults?.plugins,...I.defaults?.plugins}},push:{...n?.push}}}}}return {source:"defaultConfig",contents:I}};var q=async i=>import(i.name).then(t=>t.default);var F=(i,t,a)=>{i&&Object.values(i).map(o=>{let e;if(Array.isArray(o)){let[n,s,p]=o;e={flags:n,description:s,defaultValue:p};}else {let{flags:n,description:s,defaultValue:p,choices:l,env:r,fn:d}=o;e={flags:n,description:s,defaultValue:p,choices:l,env:r,fn:d};}if(e){let n=new commander.Option(e.flags,e.description);e.fn&&n.argParser(e.fn),e.defaultValue&&n.default(e.defaultValue),e.env&&n.env(e.env),a&&n.makeOptionMandatory(!0),e.choices&&n.choices(e.choices),t.addOption(n);}});};var k=async i=>await J__default.default.readFile(i,"utf-8"),_=async(i,t)=>await J__default.default.writeFile(i,t,"utf-8"),xe=async i=>{try{return await J.stat(i),!0}catch{return !1}},V=async({filePath:i,skip:t})=>{let a;return await xe(i)&&t!==!0?a=await De__default.default({type:"confirm",name:"overwrite",message:()=>`Overwrite './${ge__default.default.relative(process.cwd(),i)}' ?`}):a=void 0,a};var Fe=/^(#.*)|(\s?\r?\n)|(?:^|^)\s*(?:export\s+)?([\w.-]*)(?:\s*=\s*?|:\s+?)(\s*'(?:\\'|[^'])*'|\s*"(?:\\"|[^"])*"|\s*`(?:\\`|[^`])*`|[^#\r\n]+)?(\s*)(#.*)?(?:$|$)/gm,P=i=>{let t={},a=[],o=i.toString();o=o.replace(/\r\n?/gm,`
+`);let e;for(;(e=Fe.exec(o))!=null;){let n=e[3];if(e?.[1]?.[0]==="#")a.push({type:"comment",raw:e[1]});else if(e?.[2])a.push({type:"whitespace",raw:e[2]});else {let s=e[4]||"";s=s.trim();let p=s[0];s=s.replace(/^(['"`])([\s\S]*)\1$/gm,"$2"),p==='"'&&(s=s.replace(/\\n/g,`
+`),s=s.replace(/\\r/g,"\r")),t[n]=s,a.push({type:"value",key:n,value:s,raw:s+(e[5]?e[5]:"")+(e[6]?e[6]:"")});}}return {blocks:a,obj:t}};if(undefined){let{it:i,expect:t}=undefined;i("parse",()=>{let a="KEY=value",o='KEY="value"',e="KEY='value'",n="KEY=value #   this is a comment";t(P(a)).toMatchInlineSnapshot(`
+			{
+			  "blocks": [
+			    {
+			      "key": "KEY",
+			      "raw": "value",
+			      "type": "value",
+			      "value": "value",
+			    },
+			  ],
+			  "obj": {
+			    "KEY": "value",
+			  },
+			}
+		`),t(P(o)).toMatchInlineSnapshot(`
+			{
+			  "blocks": [
+			    {
+			      "key": "KEY",
+			      "raw": "value",
+			      "type": "value",
+			      "value": "value",
+			    },
+			  ],
+			  "obj": {
+			    "KEY": "value",
+			  },
+			}
+		`),t(P(e)).toMatchInlineSnapshot(`
+			{
+			  "blocks": [
+			    {
+			      "key": "KEY",
+			      "raw": "value",
+			      "type": "value",
+			      "value": "value",
+			    },
+			  ],
+			  "obj": {
+			    "KEY": "value",
+			  },
+			}
+		`),t(P(n)).toMatchInlineSnapshot(`
+      {
+        "blocks": [
+          {
+            "key": "KEY",
+            "raw": "value#   this is a comment",
+            "type": "value",
+            "value": "value",
+          },
+        ],
+        "obj": {
+          "KEY": "value",
+        },
+      }
+    `);});}var C=i=>Pe__default.default.yellow.bold(i);var S={option:["--env-file <envFile>",`Path to .env file. If not provided, will look for value in 'ENV_FILE' environment variable. If not provided, will look for '${K}' file in current directory.`,K],env:"ENV_FILE"},N={option:["--sec-file, <secFile>",`Path to .sec file. If not provided, will look for value in 'SEC_FILE' environment variable. If not provided, will look for '${L}' file in current directory.`,L],env:"SEC_FILE"},A={flags:"--using <using>",description:"Wether to use a dot env file or a dot sec file",choices:["env","sec"],env:"DOTSEC_USING"},B={flags:"--using <using>",description:"Wether to use a dot env file or a dot sec file",choices:["env"],env:"DOTSEC_USING"},$={option:["--yes","Skip confirmation prompts"]};var x={option:["-c, --config-file, --configFile <configFile>","Config file"],env:"DOTSEC_CONFIG_FILE"},z={option:["--plugin <plugin>","Comma-separated list of plugins to use"],env:"DOTSEC_PLUGIN"},Q={option:["--engine <engine>","Encryption engine to use"],env:"DOTSEC_ENGINE"},H={option:["--create-manifest","Create a markdown manifest file. See the --manifest-file option for more information."],env:"CREATE_MANIFEST"},M={option:["--manifest-file-prefix <manifestFilePrefix>","Mmanifest file prefix"],env:"ENCRYPTION_MANIFEST_FILE"};var be={decrypt:{options:{configFile:x,envFile:S,secFile:N,createManifest:H,manifestFilePrefix:M,yes:$},description:"Decrypt a sec file",helpText:`Examples:
 Decrypt .sec file to .env file
@@ -25,7 +110,7 @@ Specify a different manifest file
 $ npx dotsec decrypt --manifest-file .manifest.dev
 $ MANIFEST_FILE=decryption-manifest.md npx dotsec decrypt
-`}},pe=We;var Ue={dotsec:{options:{configFile:x,plugin:ae}}},le=Ue;var Ke={encrypt:{options:{configFile:x,envFile:S,secFile:N,createManifest:M,manifestFile:R,yes:$},description:"Encrypt an env file",helpText:`Examples:
+`}},X=be;var $e={dotsec:{options:{configFile:x,plugin:z}}},Z=$e;var Se={encrypt:{options:{configFile:x,envFile:S,secFile:N,createManifest:H,manifestFile:M,yes:$},description:"Encrypt an env file",helpText:`Examples:
 Encrypt .env file to .sec file
@@ -55,7 +140,7 @@ Specify a different manifest file
 $ npx dotsec encrypt --manifest-file manifest.dev
 $ MANIFEST_FILE=encryption-manifest.md npx dotsec encrypt
-`}},de=Ke;var Je={init:{options:{configFile:x,yes:$},description:"Initialize a dotsec project by creating a dotsec.config.ts file.",helpText:`Examples:
+`}},ee=Se;var je={init:{options:{configFile:x,yes:$},description:"Initialize a dotsec project by creating a dotsec.config.ts file.",helpText:`Examples:
 Create a dotsec.config.ts file in the current directory
@@ -74,7 +159,7 @@ By specifying the --config-file option, you can create a dotsec config file with
 $ npx dotsec init --config-file dotsec.config.ts
 $ DOTSEC_CONFIG_FILE=my.config.ts npx dotsec init
-`}},fe=Je;var Be={push:{options:{configFile:x,envFile:S,secFile:N,yes:$},requiredOptions:{using:L},description:"Push variables from env or sec file to a remote",helpText:`Examples:
+`}},ne=je;var Te={push:{options:{configFile:x,envFile:S,secFile:N,yes:$},requiredOptions:{using:A},description:"Push variables from env or sec file to a remote",helpText:`Examples:
 Push variables from .env file to remote
@@ -86,7 +171,7 @@ Push variables from .sec file to remote
 $ npx dotsec push --using sec
 $ DOTSEC_USING=sec npx dotsec push
-`}},me=Be;var Ye={runEnvOnly:{usage:"--using env [commandArgs...]",options:{configFile:x,envFile:S,yes:$,engine:ce},requiredOptions:{using:se},description:"Run a command in a separate process and populate env with contents of a dotenv file.",helpText:`Examples:
+`}},te=Te;var Ie={runEnvOnly:{usage:"--using env [commandArgs...]",options:{configFile:x,envFile:S,yes:$,engine:Q},requiredOptions:{using:B},description:"Run a command in a separate process and populate env with contents of a dotenv file.",helpText:`Examples:
 Run a command with a .env file
@@ -106,7 +191,7 @@ $ ENV_FILE=.env.dev npx dotsec run --using env node -e "console.log(process.env)
 You can also specify 'using' as an environment variable
 $ DOTSEC_USING=env npx dotsec run node -e "console.log(process.env)"
-		`},run:{options:{configFile:x,envFile:S,secFile:N,yes:$},requiredOptions:{using:L},usage:"[--using env] [--using sec] [commandArgs...]",description:`Run a command in a separate process and populate env with either
+		`},run:{options:{configFile:x,envFile:S,secFile:N,yes:$},requiredOptions:{using:A},usage:"[--using env] [--using sec] [commandArgs...]",description:`Run a command in a separate process and populate env with either
 			- contents of a dotenv file
 			- decrypted values of a dotsec file.
@@ -130,11 +215,11 @@ $ dotsec run --with-sec echo "hello world"
 Run a command with a specific .sec file
 $ dotsec run --with-sec --sec-file .sec.dev echo "hello world"
-`}},ue=Ye;var ze={...le,...fe,...de,...pe,...ue,...me},Qe=t=>{if(Array.isArray(t)){let[o,s,i]=t;return{flags:o,description:s,defaultValue:i}}else{if("option"in t){let[o,s,i]=t.option;return{flags:o,description:s,defaultValue:i,env:t.env}}return t}},ge=(t,o)=>{let s=o?.dotsecConfig?.defaults?.options?.[o?.optionKey],i=Qe(t),e=new ye.Option(i.flags,i.description);return i.fn&&e.argParser(i.fn),i.defaultValue&&e.default(s||i.defaultValue),i.env&&e.env(i.env),o.required&&e.makeOptionMandatory(!0),i.choices&&e.choices(i.choices),e},P=t=>{let{program:o,commandName:s,dotsecConfig:i}=t,e=ze[s||o.name()];if(e){let{options:n,requiredOptions:p,description:l,usage:c,helpText:r}=e;n&&Object.keys(n).forEach(d=>{let m=n[d],g=ge(m,{dotsecConfig:i,optionKey:d});o.addOption(g)}),p&&Object.keys(p).forEach(d=>{let m=p[d],g=ge(m,{required:!0,dotsecConfig:i,optionKey:d});o.addOption(g)}),l&&o.description(l),c&&o.usage(c),r&&o.description(r)}};var Oe=require("dotenv"),Xe=async(t,o)=>{let{dotsecConfig:s,decryptHandlers:i}=o,e=t.enablePositionalOptions().passThroughOptions().command("decrypt").action(async(p,l)=>{try{let{envFile:c,secFile:r,engine:d,createManifest:m,manifestFile:g,yes:a}=l.optsWithGlobals(),u=d||s?.defaults?.encryptionEngine,f=(i||[]).find(v=>v.triggerOptionValue===u);if(!f)throw new Error(`No decryption plugin found, available decryption engine(s): ${o.decryptHandlers.map(v=>`--${v.triggerOptionValue}`).join(", ")}`);console.log("Decrypting with",h(f.encryptionEngineName||f.triggerOptionValue),"engine");let C=[...Object.keys(f.options||{}),...Object.keys(f.requiredOptions||{})],y=Object.fromEntries(C.map(v=>[v,p[v]])),E=await V(r),w=await f.handler({ciphertext:E,...y}),j=await A({filePath:c,skip:a});if((j===void 0||j.overwrite===!0)&&(await I(c,w),console.log(`Wrote plaintext contents of ${h(r)} file to ${h(c)}`)),m||s?.defaults?.options?.createManifest){let v=(0,Oe.parse)(w),O=`# Dotsec decryption manifest
+`}},oe=Ie;var Ne={...Z,...ne,...ee,...X,...oe,...te},ke=i=>{if(Array.isArray(i)){let[t,a,o]=i;return {flags:t,description:a,defaultValue:o}}else {if("option"in i){let[t,a,o]=i.option;return {flags:t,description:a,defaultValue:o,env:i.env}}return i}},ie=(i,t)=>{let a=t?.dotsecConfig?.defaults?.options?.[t?.optionKey],o=ke(i),e=new commander.Option(o.flags,o.description);return o.fn&&e.argParser(o.fn),o.defaultValue&&e.default(a||o.defaultValue),o.env&&e.env(o.env),t.required&&e.makeOptionMandatory(!0),o.choices&&e.choices(o.choices),e},b=i=>{let{program:t,commandName:a,dotsecConfig:o}=i,e=Ne[a||t.name()];if(e){let{options:n,requiredOptions:s,description:p,usage:l,helpText:r}=e;n&&Object.keys(n).forEach(d=>{let m=n[d],g=ie(m,{dotsecConfig:o,optionKey:d});t.addOption(g);}),s&&Object.keys(s).forEach(d=>{let m=s[d],g=ie(m,{required:!0,dotsecConfig:o,optionKey:d});t.addOption(g);}),p&&t.description(p),l&&t.usage(l),r&&t.description(r);}};var Ve=async(i,t)=>{let{dotsecConfig:a,decryptHandlers:o}=t,e=i.enablePositionalOptions().passThroughOptions().command("decrypt").action(async(s,p)=>{try{let{envFile:l,secFile:r,engine:d,createManifest:m,manifestFile:g,yes:c}=p.optsWithGlobals(),u=d||a?.defaults?.encryptionEngine,f=(o||[]).find(v=>v.triggerOptionValue===u);if(!f)throw new Error(`No decryption plugin found, available decryption engine(s): ${t.decryptHandlers.map(v=>`--${v.triggerOptionValue}`).join(", ")}`);console.log("Decrypting with",C(f.encryptionEngineName||f.triggerOptionValue),"engine");let h=[...Object.keys(f.options||{}),...Object.keys(f.requiredOptions||{})],y=Object.fromEntries(h.map(v=>[v,s[v]])),w=await k(r),D=await f.handler({ciphertext:w,...y}),T=await V({filePath:l,skip:c});if((T===void 0||T.overwrite===!0)&&(await _(l,D),console.log(`Wrote plaintext contents of ${C(r)} file to ${C(l)}`)),m||a?.defaults?.options?.createManifest){let v=P(D).obj,E=`# Dotsec decryption manifest
 ## Overview
-- plaintext source: ${c}
+- plaintext source: ${l}
 - ciphertext target: ${r}
 - created: ${new Date().toUTCString()}
 - Decryption engine: ${f.encryptionEngineName||f.triggerOptionValue}
@@ -144,25 +229,26 @@ $ dotsec run --with-sec --sec-file .sec.dev echo "hello world"
 | Key |
 | --- |
-${Object.keys(v).map(H=>`| \`${H} \`| `).join(`
+${Object.keys(v).map(R=>`| \`${R} \`| `).join(`
 `)}
-`,b=g||`${c}.decryption-manifest.md`;await I(b,O),console.log(`Wrote manifest of ${h(c)} file to ${h(b)}`)}}catch(c){console.error(h(c.message)),l.help()}});o.decryptHandlers.map(p=>{let{options:l,requiredOptions:c}=p;F(l,e),F(c,e,!0)});let n=o.decryptHandlers.map(p=>p.triggerOptionValue);return e.option("--engine <engine>",`Encryption engine${n.length>0?"s":""} to use: ${n.length===1?n[0]:n.join(", ")}`,n.length===1?n[0]:void 0),P({program:e,dotsecConfig:s}),e},Ce=Xe;var he=require("dotenv"),Ze=async(t,o)=>{let{encryptHandlers:s,dotsecConfig:i}=o,e=t.enablePositionalOptions().passThroughOptions().command("encrypt").action(async(l,c)=>{try{let{envFile:r,secFile:d,engine:m,createManifest:g,manifestFile:a,yes:u}=c.optsWithGlobals(),f=m||i?.defaults?.encryptionEngine,C=(s||[]).find(O=>O.triggerOptionValue===f);if(!C)throw new Error(`No encryption plugin found, available encryption engine(s): ${o.encryptHandlers.map(O=>O.triggerOptionValue).join(", ")}`);let y=[...Object.keys(C.options||{}),...Object.keys(C.requiredOptions||{})],E=Object.fromEntries(y.map(O=>[O,l[O]])),w=await V(r),j=await C.handler({plaintext:w,...E}),v=await A({filePath:d,skip:u});if((v===void 0||v.overwrite===!0)&&(await I(d,j),console.log(`Wrote encrypted contents of ${h(r)} file to ${h(d)}`),g||i?.defaults?.options?.createManifest)){let O=(0,he.parse)(w),b=`# Dotsec encryption manifest
+`,O=g||`${l}.decryption-manifest.md`;await _(O,E),console.log(`Wrote manifest of ${C(l)} file to ${C(O)}`);}}catch(l){console.error(C(l.message)),p.help();}});t.decryptHandlers.map(s=>{let{options:p,requiredOptions:l}=s;F(p,e),F(l,e,!0);});let n=t.decryptHandlers.map(s=>s.triggerOptionValue);return e.option("--engine <engine>",`Encryption engine${n.length>0?"s":""} to use: ${n.length===1?n[0]:n.join(", ")}`,n.length===1?n[0]:void 0),b({program:e,dotsecConfig:a}),e},re=Ve;var Ae=async(i,t)=>{let{encryptHandlers:a,dotsecConfig:o}=t,e=i.enablePositionalOptions().passThroughOptions().command("encrypt").action(async(p,l)=>{try{let{envFile:r,secFile:d,engine:m,createManifest:g,manifestFile:c,yes:u}=l.optsWithGlobals(),f=m||o?.defaults?.encryptionEngine,h=(a||[]).find(O=>O.triggerOptionValue===f);if(!h)throw new Error(`No encryption plugin found, available encryption engine(s): ${t.encryptHandlers.map(O=>O.triggerOptionValue).join(", ")}`);let y=[...Object.keys(h.options||{}),...Object.keys(h.requiredOptions||{})],w=Object.fromEntries(y.map(O=>[O,p[O]])),D=await k(r),T;try{T=await k(d);}catch{}let v=await h.handler({plaintext:D,ciphertext:T,...w}),E=await V({filePath:d,skip:u});if((E===void 0||E.overwrite===!0)&&(await _(d,v),console.log(`Wrote encrypted contents of ${C(r)} file to ${C(d)}`),g||o?.defaults?.options?.createManifest)){let O=P(D).obj,R=`# Dotsec encryption manifest
 ## Overview
 - plaintext source: ${r}
 - ciphertext target: ${d}
 - created: ${new Date().toUTCString()}
-- encryption engine: ${C.encryptionEngineName||C.triggerOptionValue}
-- encryption engine options: ${JSON.stringify(E)}
+- encryption engine: ${h.encryptionEngineName||h.triggerOptionValue}
+- encryption engine options: ${JSON.stringify(w)}
 ## Variables
 | Key |
 | --- |
-${Object.keys(O).map(Ne=>`| \`${Ne} \`| `).join(`
+${Object.keys(O).map(fe=>`| \`${fe} \`| `).join(`
 `)}
-`,H=a||`${d}.encryption-manifest.md`;await I(H,b),console.log(`Wrote manifest of ${h(r)} file to ${h(H)}`)}}catch(r){console.error(h(r.message)),c.help()}});o.encryptHandlers.map(l=>{let{options:c,requiredOptions:r}=l;F(c,e),F(r,e,!0)});let n=o.encryptHandlers.map(l=>l.triggerOptionValue),p=o.encryptHandlers.map(l=>l.encryptionEngineName);return e.option("--engine <engine>",`Encryption engine${n.length>0?"s":""}: ${n.length===1?n[0]:n.join(", ")}`,n.length===1?n[0]:void 0),P({program:e,dotsecConfig:i}),e.description(`Encrypt .env file using ${p.join(", ")}`),e},ve=Ze;var Ee=D(require("path")),en=async(t,o)=>{let{dotsecConfig:s}=o,i=t.enablePositionalOptions().passThroughOptions().command("init").action(async(e,n)=>{let{configFile:p="dotsec.config.ts",yes:l}=n.optsWithGlobals();try{let c=await V(Ee.default.resolve(__dirname,"../../src/templates/dotsec.config.ts")),r=await A({filePath:p,skip:l});(r===void 0||r.overwrite===!0)&&(await I(p,c),console.log(`Wrote config file to ${h(p)}`))}catch(c){n.error(c)}});return P({program:i,dotsecConfig:s}),i},we=en;var De=require("dotenv"),xe=require("dotenv-expand"),U=D(require("fs")),nn=async(t,o)=>{let{dotsecConfig:s,handlers:i}=o,e=t.enablePositionalOptions().passThroughOptions().command("push").action(async(r,d)=>{try{let{using:m,envFile:g,secFile:a,engine:u,yes:f}=d.optsWithGlobals(),C=u||s?.defaults?.encryptionEngine,y=(i||[]).find(O=>O.decrypt?.triggerOptionValue===C)?.decrypt,E=(i||[]).find(O=>O.push?.triggerOptionValue===C)?.push;if(!E)throw new Error("No push plugin found!");let w=[...Object.keys(y?.options||{}),...Object.keys(y?.requiredOptions||{}),...Object.keys(E?.options||{}),...Object.keys(E?.requiredOptions||{})],j=Object.fromEntries(w.map(O=>[O,r[O]])),v;if(m==="env"){if(!g)throw new Error("No dotenv file specified in --env-file option");v=U.default.readFileSync(g,"utf8")}else{if(!a)throw new Error("No dotsec file specified in --sec-file option");if(!y)throw new Error(`No decryption plugin found, available decryption engine(s): ${i.map(b=>`--${b.decrypt?.triggerOptionValue}`).join(", ")}`);let O=U.default.readFileSync(a,"utf8");v=await y.handler({ciphertext:O,...j})}if(v){let O=(0,De.parse)(v),b=(0,xe.expand)({ignoreProcessEnv:!0,parsed:{...process.env,...O}});b.parsed&&await E.handler({push:b.parsed,yes:f,...j})}else throw new Error("No .env or .sec file provided")}catch(m){console.error(m),process.exit(1)}});P({program:e,dotsecConfig:s});let n=o.handlers.map(({decrypt:r})=>r.triggerOptionValue);e.option("--engine <engine>",`Encryption engine${n.length>0?"s":""} to use: ${n.length===1?n[0]:n.join(", ")}`,n.length===1?n[0]:void 0);let p={};o.handlers.forEach(r=>{Object.keys(r).map(d=>{let{options:m,requiredOptions:g}=r[d];Object.keys(m||{}).forEach(a=>{p[a]=Array.isArray(m[a])?m[a]:{...p[a],...m[a]}}),Object.keys(g||{}).forEach(a=>{p[a]=Array.isArray(g[a])?g[a]:{...p[a],...g[a],required:!0}})})});let l=[],c=[];return i.forEach(r=>{r.push?.description&&c.push(r.push.description),r.push?.usage&&l.push(r.push.usage)}),c.length>0&&e.description(c.join(`
-`)),l.length>0&&e.usage(l.join(`
-`)),F(Object.fromEntries(Object.entries(p).filter(([r,d])=>d.required!==!0)),e),F(Object.fromEntries(Object.entries(p).filter(([r,d])=>d.required===!0)),e,!0),e},Fe=nn;var K=D(require("fs")),Pe=require("dotenv"),$e=require("dotenv-expand");var be=require("child_process"),tn=(t,o)=>{let{dotsecConfig:s,decryptHandlers:i}=o||{},e=i!==void 0&&i.length>0,n=t.command("run <command...>").allowUnknownOption(!0).enablePositionalOptions().passThroughOptions().showHelpAfterError(!0).action(async(p,l,c)=>{try{let{envFile:r,using:d,secFile:m,engine:g}=c.optsWithGlobals(),a;if(d==="env"||e===!1){if(!r)throw new Error("No dotenv file specified in --env-file option");a=K.default.readFileSync(r,"utf8")}else if(d==="sec"){if(!m)throw new Error("No dotsec file specified in --sec-file option");let u=g||s?.defaults?.encryptionEngine,f=(i||[]).find(w=>w.triggerOptionValue===u);if(!f)throw new Error(`No decryption plugin found, available decryption engine(s): ${(i||[]).map(w=>`--${w.triggerOptionValue}`).join(", ")}`);let C=[...Object.keys(f.options||{}),...Object.keys(f.requiredOptions||{})],y=Object.fromEntries(C.map(w=>[w,l[w]])),E=K.default.readFileSync(m,"utf8");a=await f.handler({ciphertext:E,...y})}if(a){let u=(0,Pe.parse)(a),f=(0,$e.expand)({ignoreProcessEnv:!0,parsed:{...process.env,...u}}),[C,...y]=p,E=(0,be.spawnSync)(C,[...y],{stdio:"inherit",shell:!1,encoding:"utf-8",env:{...f.parsed,...process.env,__DOTSEC_ENV__:JSON.stringify(Object.keys(u))}});E.status!==0&&process.exit(E.status||1)}else throw new Error("No .env or .sec file provided")}catch(r){console.error(h(r.message)),c.help()}});if(P({program:n,commandName:e?"run":"runEnvOnly",dotsecConfig:s}),e){i?.map(l=>{let{options:c,requiredOptions:r}=l;F(c,n),F(r,n,!0)});let p=i?.map(l=>l.triggerOptionValue);n.option("--engine <engine>",`Encryption engine${p.length>0?"s":""}: ${p.join(", "),p.length===1?p[0]:void 0}`)}return n},Se=tn;var _e=D(require("ajv")),Ie=D(require("yargs-parser")),on={keyword:"separator",type:"string",metaSchema:{type:"string",description:"value separator"},modifying:!0,valid:!0,errors:!1,compile:t=>(o,s)=>{if(s){let{parentData:i,parentDataProperty:e}=s;return i[e]=o===""?[]:o.split(t),!0}else return!1}},T=new Te.Command;(async()=>{let t=(0,Ie.default)(process.argv),o=[];t.plugin&&(Array.isArray(t.plugin)?o.push(...t.plugin):o.push(t.plugin));let s=t.configFile||t.c,i=[...Array.isArray(s)?s:[s]][0]||process.env.DOTSEC_CONFIG_FILE,{contents:e={}}=await ne(i),{defaults:n={},push:p,plugins:l}=e;T.name("dotsec").description(".env, but secure").version("1.0.0").passThroughOptions().action((a,u)=>{u.help()}),P({program:T,dotsecConfig:e});let c=new _e.default({allErrors:!0,removeAdditional:!0,useDefaults:!0,coerceTypes:!0,allowUnionTypes:!0,addUsedSchema:!1,keywords:[on]}),r={};if(l)for(let a of l)n?.plugins?.[a]||(n.plugins={...n.plugins,[a]:{}});if(o.length>0)for(let a of o){let f=await(await W({name:a}))({dotsecConfig:e,ajv:c,configFile:i});r[f.name]=a,o.length===1&&(e.defaults={...e.defaults,encryptionEngine:String(f.name),plugins:{...e.defaults?.plugins,[f.name]:{...e.defaults?.plugins?.[f.name]}}})}n?.encryptionEngine&&(n?.plugins?.[n.encryptionEngine]||(n.plugins={...n.plugins,[n.encryptionEngine]:{}})),n?.plugins&&Object.entries(n?.plugins).forEach(([a,u])=>{u?.name?r[a]=u?.name:r[a]=`@dotsec/plugin-${a}`}),Object.values(p||{}).forEach(a=>{Object.keys(a).forEach(u=>{r[u]||(r[u]=`@dotsec/plugin-${u}`)})});let d=[],m=[],g=[];for(let a of Object.keys(r)){let u=r[a],f=await W({name:u}),{addCliCommand:C,cliHandlers:y}=await f({ajv:c,dotsecConfig:e,configFile:i});y?.encrypt&&d.push(y.encrypt),y?.decrypt&&(m.push(y.decrypt),y?.push&&g.push({push:y.push,decrypt:y.decrypt})),C&&C({program:T})}d.length&&await ve(T,{dotsecConfig:e,encryptHandlers:d}),m.length&&await Ce(T,{dotsecConfig:e,decryptHandlers:m}),g.length&&await Fe(T,{dotsecConfig:e,handlers:g}),await we(T,{dotsecConfig:e}),await Se(T,{dotsecConfig:e,decryptHandlers:m}),await T.parse()})();
+`,G=c||`${d}.encryption-manifest.md`;await _(G,R),console.log(`Wrote manifest of ${C(r)} file to ${C(G)}`);}}catch(r){console.error(C(r.message)),l.help();}});t.encryptHandlers.map(p=>{let{options:l,requiredOptions:r}=p;F(l,e),F(r,e,!0);});let n=t.encryptHandlers.map(p=>p.triggerOptionValue),s=t.encryptHandlers.map(p=>p.encryptionEngineName);return e.option("--engine <engine>",`Encryption engine${n.length>0?"s":""}: ${n.length===1?n[0]:n.join(", ")}`,n.length===1?n[0]:void 0),b({program:e,dotsecConfig:o}),e.description(`Encrypt .env file using ${s.join(", ")}`),e},se=Ae;var Me=async(i,t)=>{let{dotsecConfig:a}=t,o=i.enablePositionalOptions().passThroughOptions().command("init").action(async(e,n)=>{let{configFile:s="dotsec.config.ts",yes:p}=n.optsWithGlobals();try{let l=await k(ge__default.default.resolve(__dirname,"../../src/templates/dotsec.config.ts")),r=await V({filePath:s,skip:p});(r===void 0||r.overwrite===!0)&&(await _(s,l),console.log(`Wrote config file to ${C(s)}`));}catch(l){n.error(l);}});return b({program:o,dotsecConfig:a}),o},ae=Me;var Le=async(i,t)=>{let{dotsecConfig:a,handlers:o}=t,e=i.enablePositionalOptions().passThroughOptions().command("push").action(async(r,d)=>{try{let{using:m,envFile:g,secFile:c,engine:u,yes:f}=d.optsWithGlobals(),h=u||a?.defaults?.encryptionEngine,y=(o||[]).find(E=>E.decrypt?.triggerOptionValue===h)?.decrypt,w=(o||[]).find(E=>E.push?.triggerOptionValue===h)?.push;if(!w)throw new Error("No push plugin found!");let D=[...Object.keys(y?.options||{}),...Object.keys(y?.requiredOptions||{}),...Object.keys(w?.options||{}),...Object.keys(w?.requiredOptions||{})],T=Object.fromEntries(D.map(E=>[E,r[E]])),v;if(m==="env"){if(!g)throw new Error("No dotenv file specified in --env-file option");v=ce__default.default.readFileSync(g,"utf8");}else {if(!c)throw new Error("No dotsec file specified in --sec-file option");if(!y)throw new Error(`No decryption plugin found, available decryption engine(s): ${o.map(O=>`--${O.decrypt?.triggerOptionValue}`).join(", ")}`);let E=ce__default.default.readFileSync(c,"utf8");v=await y.handler({ciphertext:E,...T});}if(v){let E=P(v).obj,O=dotenvExpand.expand({ignoreProcessEnv:!0,parsed:{...process.env,...E}});O.parsed&&await w.handler({push:O.parsed,yes:f,...T});}else throw new Error("No .env or .sec file provided")}catch(m){console.error(m),process.exit(1);}});b({program:e,dotsecConfig:a});let n=t.handlers.map(({decrypt:r})=>r.triggerOptionValue);e.option("--engine <engine>",`Encryption engine${n.length>0?"s":""} to use: ${n.length===1?n[0]:n.join(", ")}`,n.length===1?n[0]:void 0);let s={};t.handlers.forEach(r=>{Object.keys(r).map(d=>{let{options:m,requiredOptions:g}=r[d];Object.keys(m||{}).forEach(c=>{s[c]=Array.isArray(m[c])?m[c]:{...s[c],...m[c]};}),Object.keys(g||{}).forEach(c=>{s[c]=Array.isArray(g[c])?g[c]:{...s[c],...g[c],required:!0};});});});let p=[],l=[];return o.forEach(r=>{r.push?.description&&l.push(r.push.description),r.push?.usage&&p.push(r.push.usage);}),l.length>0&&e.description(l.join(`
+`)),p.length>0&&e.usage(p.join(`
+`)),F(Object.fromEntries(Object.entries(s).filter(([r,d])=>d.required!==!0)),e),F(Object.fromEntries(Object.entries(s).filter(([r,d])=>d.required===!0)),e,!0),e},pe=Le;var Ge=(i,t)=>{let{dotsecConfig:a,decryptHandlers:o}=t||{},e=o!==void 0&&o.length>0,n=i.command("run <command...>").allowUnknownOption(!0).enablePositionalOptions().passThroughOptions().showHelpAfterError(!0).action(async(s,p,l)=>{try{let{envFile:r,using:d,secFile:m,engine:g}=l.optsWithGlobals(),c;if(d==="env"||e===!1){if(!r)throw new Error("No dotenv file specified in --env-file option");c=ce__default.default.readFileSync(r,"utf8");}else if(d==="sec"){if(!m)throw new Error("No dotsec file specified in --sec-file option");let u=g||a?.defaults?.encryptionEngine,f=(o||[]).find(D=>D.triggerOptionValue===u);if(!f)throw new Error(`No decryption plugin found, available decryption engine(s): ${(o||[]).map(D=>`--${D.triggerOptionValue}`).join(", ")}`);let h=[...Object.keys(f.options||{}),...Object.keys(f.requiredOptions||{})],y=Object.fromEntries(h.map(D=>[D,p[D]])),w=ce__default.default.readFileSync(m,"utf8");c=await f.handler({ciphertext:w,...y});}if(c){let u=P(c).obj,f=dotenvExpand.expand({ignoreProcessEnv:!0,parsed:{...process.env,...u}}),[h,...y]=s,w=child_process.spawnSync(h,[...y],{stdio:"inherit",shell:!1,encoding:"utf-8",env:{...f.parsed,...process.env,__DOTSEC_ENV__:JSON.stringify(Object.keys(u))}});w.status!==0&&process.exit(w.status||1);}else throw new Error("No .env or .sec file provided")}catch(r){console.error(C(r.message)),l.help();}});if(b({program:n,commandName:e?"run":"runEnvOnly",dotsecConfig:a}),e){o?.map(p=>{let{options:l,requiredOptions:r}=p;F(l,n),F(r,n,!0);});let s=o?.map(p=>p.triggerOptionValue);n.option("--engine <engine>",`Encryption engine${s.length>0?"s":""}: ${s.join(", "),s.length===1?s[0]:void 0}`);}return n},de=Ge;var Je={keyword:"separator",type:"string",metaSchema:{type:"string",description:"value separator"},modifying:!0,valid:!0,errors:!1,compile:i=>(t,a)=>{if(a){let{parentData:o,parentDataProperty:e}=a;return o[e]=t===""?[]:t.split(i),!0}else return !1}},j=new commander.Command;(async()=>{let i=Ye__default.default(process.argv),t=[];i.plugin&&(Array.isArray(i.plugin)?t.push(...i.plugin):t.push(i.plugin));let a=i.configFile||i.c,o=[...Array.isArray(a)?a:[a]][0]||process.env.DOTSEC_CONFIG_FILE,{contents:e={}}=await Y(o),{defaults:n={},push:s,plugins:p}=e;j.name("dotsec").description(".env, but secure").version("1.0.0").passThroughOptions().action((c,u)=>{u.help();}),b({program:j,dotsecConfig:e});let l=new Ue__default.default({allErrors:!0,removeAdditional:!0,useDefaults:!0,coerceTypes:!0,allowUnionTypes:!0,addUsedSchema:!1,keywords:[Je]}),r={};if(p)for(let c of p)n?.plugins?.[c]||(n.plugins={...n.plugins,[c]:{}});if(t.length>0)for(let c of t){let f=await(await q({name:c}))({dotsecConfig:e,ajv:l,configFile:o});r[f.name]=c,t.length===1&&(e.defaults={...e.defaults,encryptionEngine:String(f.name),plugins:{...e.defaults?.plugins,[f.name]:{...e.defaults?.plugins?.[f.name]}}});}n?.encryptionEngine&&(n?.plugins?.[n.encryptionEngine]||(n.plugins={...n.plugins,[n.encryptionEngine]:{}})),n?.plugins&&Object.entries(n?.plugins).forEach(([c,u])=>{u?.name?r[c]=u?.name:r[c]=`@dotsec/plugin-${c}`;}),Object.values(s||{}).forEach(c=>{Object.keys(c).forEach(u=>{r[u]||(r[u]=`@dotsec/plugin-${u}`);});});let d=[],m=[],g=[];for(let c of Object.keys(r)){let u=r[c],f=await q({name:u}),{addCliCommand:h,cliHandlers:y}=await f({ajv:l,dotsecConfig:e,configFile:o});y?.encrypt&&d.push(y.encrypt),y?.decrypt&&(m.push(y.decrypt),y?.push&&g.push({push:y.push,decrypt:y.decrypt})),h&&h({program:j});}d.length&&await se(j,{dotsecConfig:e,encryptHandlers:d}),m.length&&await re(j,{dotsecConfig:e,decryptHandlers:m}),g.length&&await pe(j,{dotsecConfig:e,handlers:g}),await ae(j,{dotsecConfig:e}),await de(j,{dotsecConfig:e,decryptHandlers:m}),await j.parse();})();
+//# sourceMappingURL=out.js.map
 //# sourceMappingURL=index.js.map