npm - envilder - Versions diffs - 0.9.3 → 0.10.0 - Mend

envilder 0.9.3 → 0.10.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (66) hide show

package/README.md CHANGED Viewed

@@ -62,7 +62,7 @@ No SaaS middleman. No vendor lock-in. Secrets stay in your cloud.
 |---------|-------------|
 | 📋 **Declarative Mapping** | One JSON file defines all secrets. Git-versioned, PR-reviewable, diff-able |
 | ☁️ **Multi-Provider** | AWS SSM + Azure Key Vault. No vendor lock-in |
-| 🔌 **Runtime SDKs** | Load secrets into memory at app startup: [.NET](./src/sdks/dotnet/README.md), [Python](./src/sdks/python/README.md). No `.env` on disk |
+| 🔌 **Runtime SDKs** | Load secrets into memory at app startup: [.NET](./src/sdks/dotnet/README.md), [Python](./src/sdks/python/README.md), [Node.js](./src/sdks/nodejs/README.md). No `.env` on disk |
 | ⚙️ **GitHub Action** | Pull secrets in CI/CD. Same mapping, zero manual config |
 | 🔄 **Bidirectional Sync** | Pull secrets to `.env` or push values back to the cloud |
 | 🧱 **Zero Infrastructure** | No servers, no proxies, no SaaS. Uses cloud services you already have |
@@ -83,6 +83,7 @@ Watch how easy it is to automate your .env management in less than 1 minute:
 ```json
 {
+  "$schema": "https://envilder.com/schema/map-file.v1.json",
   "DB_PASSWORD": "/my-app/db/password",
   "API_KEY": "/my-app/api-key"
 }
@@ -165,12 +166,17 @@ what secrets your app needs and where they live in your cloud provider. The same
 the CLI, the GitHub Action, and the runtime SDKs. You can optionally include a `$config` section
 to declare which provider and settings to use.
+Add `"$schema"` to enable IDE autocomplete, inline documentation, and validation for your map
+files. The schema is published at
+[envilder.com/schema/map-file.v1.json](https://envilder.com/schema/map-file.v1.json).
 ### Basic Format (AWS SSM, default)
 When no `$config` is present, Envilder defaults to AWS SSM Parameter Store:
 ```json
 {
+  "$schema": "https://envilder.com/schema/map-file.v1.json",
   "API_KEY": "/myapp/prod/api-key",
   "DB_PASSWORD": "/myapp/prod/db-password",
   "SECRET_TOKEN": "/myapp/prod/secret-token"
@@ -188,6 +194,7 @@ and uses all other keys as secret mappings:
 ```json
 {
+  "$schema": "https://envilder.com/schema/map-file.v1.json",
   "$config": {
     "provider": "aws",
     "profile": "prod-account"
@@ -201,6 +208,7 @@ and uses all other keys as secret mappings:
 ```json
 {
+  "$schema": "https://envilder.com/schema/map-file.v1.json",
   "$config": {
     "provider": "azure",
     "vaultUrl": "https://my-vault.vault.azure.net"
@@ -260,20 +268,15 @@ Load secrets into `IConfiguration` or inject them into the process environment:
 ```csharp
 // Option A: integrate with IConfiguration
-var mapFile = new MapFileParser().Parse(
-    File.ReadAllText("secrets-map.json"));
-var provider = SecretProviderFactory.Create(mapFile.Config);
 var config = new ConfigurationBuilder()
-    .AddEnvilder("secrets-map.json", provider)
+    .AddEnvilder("secrets-map.json")
     .Build();
 var dbPassword = config["DB_PASSWORD"];
 // Option B: resolve + inject into environment
-var client = new EnvilderClient(provider);
-var secrets = await client.ResolveSecretsAsync(mapFile);
-EnvilderClient.InjectIntoEnvironment(secrets);
+Envilder.Load("secrets-map.json");
+var dbPassword = Environment.GetEnvironmentVariable("DB_PASSWORD");
 ```
 📖 **[Full .NET SDK docs](./src/sdks/dotnet/README.md)**
@@ -311,6 +314,36 @@ Envilder.load('production', {
 📖 **[Full Python SDK docs](./src/sdks/python/README.md)**
+### Node.js SDK
+Install via npm:
+```bash
+npm install @envilder/sdk
+```
+Load secrets into your application with a single line:
+```typescript
+import { Envilder } from '@envilder/sdk';
+// Resolve + inject into process.env
+const secrets = await Envilder.load('secrets-map.json');
+```
+Or use the fluent builder for full control:
+```typescript
+import { Envilder, SecretProviderType } from '@envilder/sdk';
+const secrets = await Envilder.fromMapFile('secrets-map.json')
+  .withProvider(SecretProviderType.Aws)
+  .withProfile('prod-account')
+  .resolve();
+```
+📖 **[Full Node.js SDK docs](./src/sdks/nodejs/README.md)**
 ---
 ## 🛠️ How it works
@@ -345,7 +378,7 @@ No SaaS backend. No extra servers.
 | **Source of truth** | Your cloud (SSM / Key Vault) | Encrypted `.env` in git | Infisical backend |
 | **Declarative mapping** | ✅ JSON file | ❌ | ❌ |
 | **Multi-cloud** | ✅ AWS + Azure | ❌ | ✅ |
-| **Runtime SDKs** | ✅ .NET, Python | ✅ Node.js | ✅ 6+ languages |
+| **Runtime SDKs** | ✅ .NET, Python, Node.js | ✅ Node.js | ✅ 6+ languages |
 | **Requires SaaS** | ❌ | ❌ | Optional |
 | **Infrastructure** | None | None | Server required |
@@ -363,15 +396,15 @@ see [envilder.com](https://envilder.com).
 ## 🏁 What's Next
 Envilder already covers the full dev-to-production lifecycle with CLI, GitHub Action,
-and runtime SDKs for .NET and Python. Here's what's coming:
+and runtime SDKs for .NET, Python, and Node.js. Here's what's coming:
 | Status | Feature |
 |--------|---------|
 | ✅ | Pull & Push: bidirectional sync between `.env` and cloud vault |
 | ✅ | Multi-provider: AWS SSM + Azure Key Vault |
 | ✅ | GitHub Action for CI/CD |
-| ✅ | .NET SDK and Python SDK |
-| 🚧 | TypeScript, Go, and Java SDKs |
+| ✅ | .NET, Python, and Node.js SDKs |
+| 🚧 | Go and Java SDKs |
 | 🚧 | GCP Secret Manager |
 | 🚧 | Exec mode (inject secrets without writing to disk) |

package/ROADMAP.md CHANGED Viewed

@@ -33,12 +33,12 @@ or directly inside application code at runtime.
 | **Onboarding documentation** | [Setup guide](./docs/requirements-installation.md) |
 | **.NET SDK** (`Envilder`) | First runtime SDK — load secrets into `IConfiguration` or `EnvilderClient`. AWS SSM + Azure Key Vault. [Documentation](./src/sdks/dotnet/README.md) |
 | **Python SDK** (`envilder`) | Runtime library for Python — Django, FastAPI, data pipelines. Sync API with `EnvilderClient`, `MapFileParser`, `SecretProviderFactory`. AWS SSM + Azure Key Vault. Published to PyPI. [Documentation](./src/sdks/python/README.md) |
+| **Node.js SDK** (`@envilder/sdk`) | Runtime library for Node.js — load secrets directly into `process.env` from a map-file. AWS SSM + Azure Key Vault. Published to npm. [Documentation](./src/sdks/nodejs/README.md) |
 ### 🔥 Up Next
 | Feature | Priority | Notes |
 |---------|----------|-------|
-| **TypeScript SDK** (`@envilder/sdk`) | 🔴 High | Native runtime library — load secrets directly into `process.env` from a map-file. No `.env` file needed. Published to npm |
 | **Go SDK** (`envilder`) | 🔴 High | Runtime library for Go — cloud-native apps, Kubernetes tooling. Published as Go module |
 | **Java SDK** (`envilder`) | 🔴 High | Runtime library for Java/Kotlin — Spring Boot, Android backends. Published to Maven Central |
 | **Map-file JSON Schema** | 🔴 High | Formal spec for the map-file format at `spec/` — serves as the contract between all SDKs and tools |
@@ -82,7 +82,7 @@ All five SDKs are developed **in parallel** — same map-file contract, same con
 | SDK | Package | Registry |
 |-----|---------|----------|
-| **TypeScript** | `@envilder/sdk` | npm |
+| **Node.js** | `@envilder/sdk` | npm |
 | **Python** | `envilder` | PyPI |
 | **Go** | `envilder` | Go module |
 | **.NET** | `Envilder` | NuGet |
@@ -92,7 +92,7 @@ All five SDKs are developed **in parallel** — same map-file contract, same con
 - **One map-file spec** — formal JSON Schema at `spec/` is the source of truth for all SDKs
 - **Conformance tests** — language-agnostic fixtures that every SDK must pass
-- **Independent versioning** — each SDK has its own semver (`sdk-ts@1.2.0`, `sdk-py@0.3.0`)
+- **Independent versioning** — each SDK has its own semver (`sdk-node@1.2.0`, `sdk-py@0.3.0`)
 - **Shared test infrastructure** — LocalStack (AWS) and Lowkey Vault (Azure) via Docker Compose serve all SDKs
 ---