menv-npm 0.1.1 → 0.1.3

package/README.md

@@ -21,24 +21,22 @@ Menv is a lightweight CLI designed to bring consistency, safety, and automation
 npm install menv-npm --save-dev
 ```
 
-## Quick Start
-
 Generate your initial .env.example:
 
 ```bash
-npx menv generate
+npx menv-npm generate
 ```
 
 Check if your environment is in sync:
 
 ```bash
-npx menv sync
+npx menv-npm sync
 ```
 
 Validate requirements for CI:
 
 ```bash
-npx menv check
+npx menv-npm check
 ```
 
 ## Commands

package/dist/core/envWatcher.d.ts

@@ -1,5 +1,5 @@
 import chokidar from "chokidar";
 /**
- * Watches for changes in .env and regenerates .env.example.
+ * Watches for changes in the primary environment file and regenerates .env.example.
  */
 export declare function startWatcher(): Promise<chokidar.FSWatcher>;

package/dist/core/envWatcher.js

@@ -4,20 +4,25 @@ import path from "node:path";
 import pc from "picocolors";
 import { parseEnv } from "./envParser.js";
 import { generateExample } from "./envGenerator.js";
+import { findEnvFile } from "../utils/template.js";
 /**
- * Watches for changes in .env and regenerates .env.example.
+ * Watches for changes in the primary environment file and regenerates .env.example.
  */
 export async function startWatcher() {
-    const envPath = path.resolve(process.cwd(), ".env");
+    const envPath = await findEnvFile();
+    if (!envPath) {
+        throw new Error("No environment file found to watch.");
+    }
+    const envName = path.basename(envPath);
     const examplePath = path.resolve(process.cwd(), ".env.example");
-    console.log(pc.dim(`Watching for changes in ${pc.cyan(".env")}...`));
+    console.log(pc.dim(`Watching for changes in ${pc.cyan(envName)}...`));
     const watcher = chokidar.watch(envPath, {
         persistent: true,
         ignoreInitial: true,
     });
     watcher.on("change", async () => {
         try {
-            console.log(pc.blue("⚡ .env changed, regenerating .env.example..."));
+            console.log(pc.blue(`⚡ ${envName} changed, regenerating .env.example...`));
             const content = await fs.readFile(envPath, "utf8");
             const parsed = parseEnv(content);
             const generated = generateExample(parsed);

package/dist/core/secretScanner.js

@@ -1,8 +1,35 @@
 const PATTERNS = [
-    { name: "AWS Access Key", regex: /AKIA[0-9A-Z]{16}/ },
-    { name: "Stripe Secret Key", regex: /sk_live_[0-9a-zA-Z]{24}/ },
-    { name: "GitHub Token", regex: /ghp_[0-9a-zA-Z]{36}/ },
-    { name: "Private Key", regex: /-----BEGIN [A-Z ]+ PRIVATE KEY-----/ },
+    // AWS
+    { name: "AWS Access Key ID", regex: /AKIA[0-9A-Z]{16}/ },
+    { name: "AWS Secret Access Key", regex: /(?<![A-Za-z0-9])[A-Za-z0-9\/+]{40}(?![A-Za-z0-9\/+])/ },
+    // Stripe
+    { name: "Stripe Live Secret Key", regex: /sk_live_[0-9a-zA-Z]{24,}/ },
+    { name: "Stripe Test Secret Key", regex: /sk_test_[0-9a-zA-Z]{24,}/ },
+    // GitHub
+    { name: "GitHub Personal Access Token (classic)", regex: /ghp_[0-9a-zA-Z]{36}/ },
+    { name: "GitHub Fine-grained Token", regex: /github_pat_[0-9a-zA-Z_]{82}/ },
+    { name: "GitHub OAuth Token", regex: /gho_[0-9a-zA-Z]{36}/ },
+    { name: "GitHub Actions Token", regex: /ghs_[0-9a-zA-Z]{36}/ },
+    // Slack
+    { name: "Slack Bot Token", regex: /xoxb-[0-9]{10,13}-[0-9]{10,13}-[a-zA-Z0-9]{23,25}/ },
+    { name: "Slack User Token", regex: /xoxp-[0-9]{10,13}-[0-9]{10,13}-[a-zA-Z0-9]{23,25}/ },
+    { name: "Slack Webhook URL", regex: /https:\/\/hooks\.slack\.com\/services\/T[A-Z0-9]+\/B[A-Z0-9]+\/[a-zA-Z0-9]+/ },
+    // Twilio
+    { name: "Twilio Account SID", regex: /AC[a-zA-Z0-9]{32}/ },
+    { name: "Twilio Auth Token", regex: /SK[a-zA-Z0-9]{32}/ },
+    // Paystack
+    { name: "Paystack Live Secret Key", regex: /sk_live_[a-zA-Z0-9]{40,}/ },
+    { name: "Paystack Test Secret Key", regex: /sk_test_[a-zA-Z0-9]{40,}/ },
+    // SendGrid
+    { name: "SendGrid API Key", regex: /SG\.[a-zA-Z0-9_-]{22}\.[a-zA-Z0-9_-]{43}/ },
+    // Mailgun
+    { name: "Mailgun API Key", regex: /key-[0-9a-zA-Z]{32}/ },
+    // Private keys
+    { name: "Private Key (PEM)", regex: /-----BEGIN [A-Z ]+ PRIVATE KEY-----/ },
+    { name: "Certificate", regex: /-----BEGIN CERTIFICATE-----/ },
+    // Generic high-entropy patterns (base64 and hex)
+    { name: "High-entropy base64 secret (40+ chars)", regex: /(?<![A-Za-z0-9+/])[A-Za-z0-9+/]{40,}={0,2}(?![A-Za-z0-9+/=])/ },
+    { name: "High-entropy hex secret (32+ chars)", regex: /(?<![0-9a-fA-F])[0-9a-fA-F]{32,}(?![0-9a-fA-F])/ },
 ];
 /**
  * Scans environment lines for potential secret leaks.
@@ -19,6 +46,7 @@ export function scanSecrets(lines) {
                     type: pattern.name,
                     line: index + 1,
                 });
+                break; // one match per line is enough
             }
         }
     });

package/dist/index.js

@@ -3,28 +3,34 @@ import { cac } from "cac";
 import pc from "picocolors";
 import fs from "node:fs/promises";
 import path from "node:path";
+import { createRequire } from "node:module";
+const require = createRequire(import.meta.url);
+const { version } = require("../package.json");
 import { parseEnv } from "./core/envParser.js";
 import { generateExample } from "./core/envGenerator.js";
 import { compareEnvKeys } from "./core/envValidator.js";
 import { startWatcher } from "./core/envWatcher.js";
 import { scanSecrets } from "./core/secretScanner.js";
 import { ensureGitignore } from "./utils/git.js";
-import { findTemplateFile } from "./utils/template.js";
+import { findTemplateFile, findEnvFile } from "./utils/template.js";
 const cli = cac("menv");
-cli.command("generate", "Generate .env.example from .env").action(async () => {
+cli
+    .command("generate", "Generate .env.example from environment file")
+    .action(async () => {
     try {
         await ensureGitignore();
-        const envPath = path.resolve(process.cwd(), ".env");
+        const envPath = await findEnvFile();
         const examplePath = path.resolve(process.cwd(), ".env.example");
-        if (!(await fs.stat(envPath).catch(() => false))) {
-            console.error(pc.red("✖ .env file not found in current directory."));
+        if (!envPath) {
+            console.error(pc.red("✖ No environment file (.env, .env.local, etc.) found in current directory."));
             process.exit(1);
         }
+        const envName = path.basename(envPath);
         const content = await fs.readFile(envPath, "utf8");
         const parsed = parseEnv(content);
         const generated = generateExample(parsed);
         await fs.writeFile(examplePath, generated);
-        console.log(pc.green("✔ .env.example generated successfully."));
+        console.log(pc.green(`✔ .env.example generated successfully from ${envName}.`));
     }
     catch (error) {
         console.error(pc.red("✖ Failed to generate .env.example:"), error);
@@ -32,23 +38,24 @@ cli.command("generate", "Generate .env.example from .env").action(async () => {
     }
 });
 cli
-    .command("sync", "Check for inconsistencies between .env and .env.example")
-    .alias("synch")
+    .command("sync", "Check for inconsistencies between environment and template")
+    .alias("sync")
     .action(async () => {
     try {
         await ensureGitignore();
-        const envPath = path.resolve(process.cwd(), ".env");
+        const envPath = await findEnvFile();
         const templatePath = await findTemplateFile();
-        if (!(await fs.stat(envPath).catch(() => false))) {
-            console.error(pc.red("✖ .env file not found."));
+        if (!envPath) {
+            console.error(pc.red("✖ No environment file found."));
             process.exit(1);
         }
         if (!templatePath) {
             console.error(pc.red("✖ No environment template (.env.example or .env.sample) found."));
             process.exit(1);
         }
+        const envName = path.basename(envPath);
         const templateName = path.basename(templatePath);
-        console.log(pc.dim(`\nComparing .env with ${templateName}...`));
+        console.log(pc.dim(`\nComparing ${envName} with ${templateName}...`));
         const envContent = await fs.readFile(envPath, "utf8");
         const templateContent = await fs.readFile(templatePath, "utf8");
         const envParsed = parseEnv(envContent);
@@ -73,21 +80,20 @@ cli
     }
 });
 cli
-    .command("check", "Validate that all required variables in .env.example exist in .env")
+    .command("check", "Validate that all required variables in template exist in environment")
     .action(async () => {
     try {
         await ensureGitignore();
-        const envPath = path.resolve(process.cwd(), ".env");
+        const envPath = await findEnvFile();
         const templatePath = await findTemplateFile();
         if (!templatePath) {
             console.error(pc.red("✖ No environment template (.env.example or .env.sample) found."));
             process.exit(1);
         }
         const templateName = path.basename(templatePath);
-        console.log(pc.dim(`\nValidating .env against ${templateName}...`));
-        const envContent = (await fs.stat(envPath).catch(() => false))
-            ? await fs.readFile(envPath, "utf8")
-            : "";
+        const envName = envPath ? path.basename(envPath) : ".env";
+        console.log(pc.dim(`\nValidating ${envName} against ${templateName}...`));
+        const envContent = envPath ? await fs.readFile(envPath, "utf8") : "";
         const templateContent = await fs.readFile(templatePath, "utf8");
         const envParsed = parseEnv(envContent);
         const exampleParsed = parseEnv(templateContent);
@@ -118,13 +124,13 @@ cli
     }
 });
 cli
-    .command("watch", "Watch for .env changes and automatically update .env.example")
+    .command("watch", "Watch for environment changes and automatically update template")
     .action(async () => {
     try {
         await ensureGitignore();
-        const envPath = path.resolve(process.cwd(), ".env");
-        if (!(await fs.stat(envPath).catch(() => false))) {
-            console.error(pc.red("✖ .env file not found."));
+        const envPath = await findEnvFile();
+        if (!envPath) {
+            console.error(pc.red("✖ No environment file found to watch."));
             process.exit(1);
         }
         await startWatcher();
@@ -175,5 +181,5 @@ cli
     }
 });
 cli.help();
-cli.version("0.1.0");
+cli.version(version);
 cli.parse();

package/dist/utils/template.d.ts

@@ -1,3 +1,9 @@
+/**
+ * Finds the primary environment file in the current directory.
+ * Priority: .env > .env.local > .env.development > .env.production
+ * Excludes templates and test files.
+ */
+export declare function findEnvFile(): Promise<string | null>;
 /**
  * Finds the environment template file in the current directory.
  * Returns the path to .env.example or .env.sample if found.

package/dist/utils/template.js

@@ -1,6 +1,26 @@
 import fs from "node:fs/promises";
 import path from "node:path";
+const ENV_VARIANTS = [
+    ".env",
+    ".env.local",
+    ".env.development",
+    ".env.production",
+];
 const TEMPLATE_VARIANTS = [".env.example", ".env.sample"];
+/**
+ * Finds the primary environment file in the current directory.
+ * Priority: .env > .env.local > .env.development > .env.production
+ * Excludes templates and test files.
+ */
+export async function findEnvFile() {
+    for (const variant of ENV_VARIANTS) {
+        const filePath = path.resolve(process.cwd(), variant);
+        if (await fs.stat(filePath).catch(() => false)) {
+            return filePath;
+        }
+    }
+    return null;
+}
 /**
  * Finds the environment template file in the current directory.
  * Returns the path to .env.example or .env.sample if found.

package/package.json

@@ -1,10 +1,11 @@
 {
   "name": "menv-npm",
-  "version": "0.1.1",
+  "version": "0.1.3",
   "description": "Managed environment variables for Node.js",
   "type": "module",
   "bin": {
-    "menv": "./dist/index.js"
+    "menv": "./dist/index.js",
+    "menv-npm": "./dist/index.js"
   },
   "files": [
     "dist"
@@ -22,8 +23,19 @@
     "validator",
     "security"
   ],
-  "author": "",
+  "author": "Daniel Dallas Okoye <dev@thedanieldallas.com> (https://thedanieldallas.com)",
   "license": "MIT",
+  "repository": {
+    "type": "git",
+    "url": "https://github.com/DanielDallas/menv.git"
+  },
+  "homepage": "https://menv-npm.vercel.app",
+  "bugs": {
+    "url": "https://github.com/DanielDallas/menv/issues"
+  },
+  "engines": {
+    "node": ">=18.0.0"
+  },
   "dependencies": {
     "cac": "^6.7.14",
     "picocolors": "^1.0.0",