envilder 0.9.3 → 0.9.4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (63) hide show
  1. package/README.md +38 -13
  2. package/ROADMAP.md +3 -3
  3. package/docs/CHANGELOG.md +9 -609
  4. package/docs/changelogs/cli.md +498 -0
  5. package/docs/changelogs/gha.md +74 -0
  6. package/docs/changelogs/sdk-dotnet.md +80 -0
  7. package/docs/changelogs/sdk-nodejs.md +22 -0
  8. package/docs/changelogs/sdk-python.md +82 -0
  9. package/lib/envilder/core/application/pushEnvToSecrets/PushEnvToSecretsCommandHandler.js +3 -3
  10. package/lib/envilder/core/application/pushEnvToSecrets/PushEnvToSecretsCommandHandler.js.map +1 -1
  11. package/lib/sdks/nodejs/src/application/envilder-client.d.ts +29 -0
  12. package/lib/sdks/nodejs/src/application/envilder-client.d.ts.map +1 -0
  13. package/lib/sdks/nodejs/src/application/envilder-client.js +60 -0
  14. package/lib/sdks/nodejs/src/application/envilder-client.js.map +1 -0
  15. package/lib/sdks/nodejs/src/application/envilder.d.ts +64 -0
  16. package/lib/sdks/nodejs/src/application/envilder.d.ts.map +1 -0
  17. package/lib/sdks/nodejs/src/application/envilder.js +168 -0
  18. package/lib/sdks/nodejs/src/application/envilder.js.map +1 -0
  19. package/lib/sdks/nodejs/src/application/map-file-parser.d.ts +14 -0
  20. package/lib/sdks/nodejs/src/application/map-file-parser.d.ts.map +1 -0
  21. package/lib/sdks/nodejs/src/application/map-file-parser.js +55 -0
  22. package/lib/sdks/nodejs/src/application/map-file-parser.js.map +1 -0
  23. package/lib/sdks/nodejs/src/application/secret-validation.d.ts +18 -0
  24. package/lib/sdks/nodejs/src/application/secret-validation.d.ts.map +1 -0
  25. package/lib/sdks/nodejs/src/application/secret-validation.js +32 -0
  26. package/lib/sdks/nodejs/src/application/secret-validation.js.map +1 -0
  27. package/lib/sdks/nodejs/src/domain/envilder-options.d.ts +7 -0
  28. package/lib/sdks/nodejs/src/domain/envilder-options.d.ts.map +1 -0
  29. package/lib/sdks/nodejs/src/domain/envilder-options.js +2 -0
  30. package/lib/sdks/nodejs/src/domain/envilder-options.js.map +1 -0
  31. package/lib/sdks/nodejs/src/domain/map-file-config.d.ts +7 -0
  32. package/lib/sdks/nodejs/src/domain/map-file-config.d.ts.map +1 -0
  33. package/lib/sdks/nodejs/src/domain/map-file-config.js +2 -0
  34. package/lib/sdks/nodejs/src/domain/map-file-config.js.map +1 -0
  35. package/lib/sdks/nodejs/src/domain/parsed-map-file.d.ts +6 -0
  36. package/lib/sdks/nodejs/src/domain/parsed-map-file.d.ts.map +1 -0
  37. package/lib/sdks/nodejs/src/domain/parsed-map-file.js +2 -0
  38. package/lib/sdks/nodejs/src/domain/parsed-map-file.js.map +1 -0
  39. package/lib/sdks/nodejs/src/domain/ports/secret-provider.d.ts +18 -0
  40. package/lib/sdks/nodejs/src/domain/ports/secret-provider.d.ts.map +1 -0
  41. package/lib/sdks/nodejs/src/domain/ports/secret-provider.js +2 -0
  42. package/lib/sdks/nodejs/src/domain/ports/secret-provider.js.map +1 -0
  43. package/lib/sdks/nodejs/src/domain/secret-provider-type.d.ts +5 -0
  44. package/lib/sdks/nodejs/src/domain/secret-provider-type.d.ts.map +1 -0
  45. package/lib/sdks/nodejs/src/domain/secret-provider-type.js +6 -0
  46. package/lib/sdks/nodejs/src/domain/secret-provider-type.js.map +1 -0
  47. package/lib/sdks/nodejs/src/index.d.ts +12 -0
  48. package/lib/sdks/nodejs/src/index.d.ts.map +1 -0
  49. package/lib/sdks/nodejs/src/index.js +11 -0
  50. package/lib/sdks/nodejs/src/index.js.map +1 -0
  51. package/lib/sdks/nodejs/src/infrastructure/aws/aws-ssm-secret-provider.d.ts +17 -0
  52. package/lib/sdks/nodejs/src/infrastructure/aws/aws-ssm-secret-provider.d.ts.map +1 -0
  53. package/lib/sdks/nodejs/src/infrastructure/aws/aws-ssm-secret-provider.js +56 -0
  54. package/lib/sdks/nodejs/src/infrastructure/aws/aws-ssm-secret-provider.js.map +1 -0
  55. package/lib/sdks/nodejs/src/infrastructure/azure/azure-key-vault-secret-provider.d.ts +15 -0
  56. package/lib/sdks/nodejs/src/infrastructure/azure/azure-key-vault-secret-provider.d.ts.map +1 -0
  57. package/lib/sdks/nodejs/src/infrastructure/azure/azure-key-vault-secret-provider.js +68 -0
  58. package/lib/sdks/nodejs/src/infrastructure/azure/azure-key-vault-secret-provider.js.map +1 -0
  59. package/lib/sdks/nodejs/src/infrastructure/secret-provider-factory.d.ts +5 -0
  60. package/lib/sdks/nodejs/src/infrastructure/secret-provider-factory.d.ts.map +1 -0
  61. package/lib/sdks/nodejs/src/infrastructure/secret-provider-factory.js +42 -0
  62. package/lib/sdks/nodejs/src/infrastructure/secret-provider-factory.js.map +1 -0
  63. package/package.json +9 -7
package/README.md CHANGED
@@ -62,7 +62,7 @@ No SaaS middleman. No vendor lock-in. Secrets stay in your cloud.
62
62
  |---------|-------------|
63
63
  | 📋 **Declarative Mapping** | One JSON file defines all secrets. Git-versioned, PR-reviewable, diff-able |
64
64
  | ☁️ **Multi-Provider** | AWS SSM + Azure Key Vault. No vendor lock-in |
65
- | 🔌 **Runtime SDKs** | Load secrets into memory at app startup: [.NET](./src/sdks/dotnet/README.md), [Python](./src/sdks/python/README.md). No `.env` on disk |
65
+ | 🔌 **Runtime SDKs** | Load secrets into memory at app startup: [.NET](./src/sdks/dotnet/README.md), [Python](./src/sdks/python/README.md), [Node.js](./src/sdks/nodejs/README.md). No `.env` on disk |
66
66
  | ⚙️ **GitHub Action** | Pull secrets in CI/CD. Same mapping, zero manual config |
67
67
  | 🔄 **Bidirectional Sync** | Pull secrets to `.env` or push values back to the cloud |
68
68
  | 🧱 **Zero Infrastructure** | No servers, no proxies, no SaaS. Uses cloud services you already have |
@@ -260,20 +260,15 @@ Load secrets into `IConfiguration` or inject them into the process environment:
260
260
 
261
261
  ```csharp
262
262
  // Option A: integrate with IConfiguration
263
- var mapFile = new MapFileParser().Parse(
264
- File.ReadAllText("secrets-map.json"));
265
- var provider = SecretProviderFactory.Create(mapFile.Config);
266
-
267
263
  var config = new ConfigurationBuilder()
268
- .AddEnvilder("secrets-map.json", provider)
264
+ .AddEnvilder("secrets-map.json")
269
265
  .Build();
270
266
 
271
267
  var dbPassword = config["DB_PASSWORD"];
272
268
 
273
269
  // Option B: resolve + inject into environment
274
- var client = new EnvilderClient(provider);
275
- var secrets = await client.ResolveSecretsAsync(mapFile);
276
- EnvilderClient.InjectIntoEnvironment(secrets);
270
+ Envilder.Load("secrets-map.json");
271
+ var dbPassword = Environment.GetEnvironmentVariable("DB_PASSWORD");
277
272
  ```
278
273
 
279
274
  📖 **[Full .NET SDK docs](./src/sdks/dotnet/README.md)**
@@ -311,6 +306,36 @@ Envilder.load('production', {
311
306
 
312
307
  📖 **[Full Python SDK docs](./src/sdks/python/README.md)**
313
308
 
309
+ ### Node.js SDK
310
+
311
+ Install via npm:
312
+
313
+ ```bash
314
+ npm install @envilder/sdk
315
+ ```
316
+
317
+ Load secrets into your application with a single line:
318
+
319
+ ```typescript
320
+ import { Envilder } from '@envilder/sdk';
321
+
322
+ // Resolve + inject into process.env
323
+ const secrets = await Envilder.load('secrets-map.json');
324
+ ```
325
+
326
+ Or use the fluent builder for full control:
327
+
328
+ ```typescript
329
+ import { Envilder, SecretProviderType } from '@envilder/sdk';
330
+
331
+ const secrets = await Envilder.fromMapFile('secrets-map.json')
332
+ .withProvider(SecretProviderType.Aws)
333
+ .withProfile('prod-account')
334
+ .resolve();
335
+ ```
336
+
337
+ 📖 **[Full Node.js SDK docs](./src/sdks/nodejs/README.md)**
338
+
314
339
  ---
315
340
 
316
341
  ## 🛠️ How it works
@@ -345,7 +370,7 @@ No SaaS backend. No extra servers.
345
370
  | **Source of truth** | Your cloud (SSM / Key Vault) | Encrypted `.env` in git | Infisical backend |
346
371
  | **Declarative mapping** | ✅ JSON file | ❌ | ❌ |
347
372
  | **Multi-cloud** | ✅ AWS + Azure | ❌ | ✅ |
348
- | **Runtime SDKs** | ✅ .NET, Python | ✅ Node.js | ✅ 6+ languages |
373
+ | **Runtime SDKs** | ✅ .NET, Python, Node.js | ✅ Node.js | ✅ 6+ languages |
349
374
  | **Requires SaaS** | ❌ | ❌ | Optional |
350
375
  | **Infrastructure** | None | None | Server required |
351
376
 
@@ -363,15 +388,15 @@ see [envilder.com](https://envilder.com).
363
388
  ## 🏁 What's Next
364
389
 
365
390
  Envilder already covers the full dev-to-production lifecycle with CLI, GitHub Action,
366
- and runtime SDKs for .NET and Python. Here's what's coming:
391
+ and runtime SDKs for .NET, Python, and Node.js. Here's what's coming:
367
392
 
368
393
  | Status | Feature |
369
394
  |--------|---------|
370
395
  | ✅ | Pull & Push: bidirectional sync between `.env` and cloud vault |
371
396
  | ✅ | Multi-provider: AWS SSM + Azure Key Vault |
372
397
  | ✅ | GitHub Action for CI/CD |
373
- | ✅ | .NET SDK and Python SDK |
374
- | 🚧 | TypeScript, Go, and Java SDKs |
398
+ | ✅ | .NET, Python, and Node.js SDKs |
399
+ | 🚧 | Go and Java SDKs |
375
400
  | 🚧 | GCP Secret Manager |
376
401
  | 🚧 | Exec mode (inject secrets without writing to disk) |
377
402
 
package/ROADMAP.md CHANGED
@@ -33,12 +33,12 @@ or directly inside application code at runtime.
33
33
  | **Onboarding documentation** | [Setup guide](./docs/requirements-installation.md) |
34
34
  | **.NET SDK** (`Envilder`) | First runtime SDK — load secrets into `IConfiguration` or `EnvilderClient`. AWS SSM + Azure Key Vault. [Documentation](./src/sdks/dotnet/README.md) |
35
35
  | **Python SDK** (`envilder`) | Runtime library for Python — Django, FastAPI, data pipelines. Sync API with `EnvilderClient`, `MapFileParser`, `SecretProviderFactory`. AWS SSM + Azure Key Vault. Published to PyPI. [Documentation](./src/sdks/python/README.md) |
36
+ | **Node.js SDK** (`@envilder/sdk`) | Runtime library for Node.js — load secrets directly into `process.env` from a map-file. AWS SSM + Azure Key Vault. Published to npm. [Documentation](./src/sdks/nodejs/README.md) |
36
37
 
37
38
  ### 🔥 Up Next
38
39
 
39
40
  | Feature | Priority | Notes |
40
41
  |---------|----------|-------|
41
- | **TypeScript SDK** (`@envilder/sdk`) | 🔴 High | Native runtime library — load secrets directly into `process.env` from a map-file. No `.env` file needed. Published to npm |
42
42
  | **Go SDK** (`envilder`) | 🔴 High | Runtime library for Go — cloud-native apps, Kubernetes tooling. Published as Go module |
43
43
  | **Java SDK** (`envilder`) | 🔴 High | Runtime library for Java/Kotlin — Spring Boot, Android backends. Published to Maven Central |
44
44
  | **Map-file JSON Schema** | 🔴 High | Formal spec for the map-file format at `spec/` — serves as the contract between all SDKs and tools |
@@ -82,7 +82,7 @@ All five SDKs are developed **in parallel** — same map-file contract, same con
82
82
 
83
83
  | SDK | Package | Registry |
84
84
  |-----|---------|----------|
85
- | **TypeScript** | `@envilder/sdk` | npm |
85
+ | **Node.js** | `@envilder/sdk` | npm |
86
86
  | **Python** | `envilder` | PyPI |
87
87
  | **Go** | `envilder` | Go module |
88
88
  | **.NET** | `Envilder` | NuGet |
@@ -92,7 +92,7 @@ All five SDKs are developed **in parallel** — same map-file contract, same con
92
92
 
93
93
  - **One map-file spec** — formal JSON Schema at `spec/` is the source of truth for all SDKs
94
94
  - **Conformance tests** — language-agnostic fixtures that every SDK must pass
95
- - **Independent versioning** — each SDK has its own semver (`sdk-ts@1.2.0`, `sdk-py@0.3.0`)
95
+ - **Independent versioning** — each SDK has its own semver (`sdk-node@1.2.0`, `sdk-py@0.3.0`)
96
96
  - **Shared test infrastructure** — LocalStack (AWS) and Lowkey Vault (Azure) via Docker Compose serve all SDKs
97
97
 
98
98
  ---