ultraenv 1.0.0

package/dist/chunk-YVWLXFUT.js

@@ -0,0 +1,107 @@
+import {
+  parseEnvFile
+} from "./chunk-HFXQGJY3.js";
+import {
+  readFile
+} from "./chunk-3VYXPTYV.js";
+
+// src/sync/comparator.ts
+function parseToVars(content) {
+  const parsed = parseEnvFile(content);
+  const vars = {};
+  const keys = [];
+  for (const envVar of parsed.vars) {
+    if (!(envVar.key in vars)) {
+      vars[envVar.key] = envVar.value;
+      keys.push(envVar.key);
+    }
+  }
+  return { vars, keys };
+}
+async function compareSync(envPath, examplePath) {
+  const envContent = await readFile(envPath);
+  const exampleContent = await readFile(examplePath);
+  const envParsed = parseToVars(envContent);
+  const exampleParsed = parseToVars(exampleContent);
+  return compareValues(envParsed.vars, exampleParsed.vars);
+}
+function compareValues(envVars, exampleVars) {
+  const envKeys = new Set(Object.keys(envVars));
+  const exampleKeys = new Set(Object.keys(exampleVars));
+  const missing = [];
+  const extra = [];
+  const different = [];
+  const same = [];
+  for (const key of exampleKeys) {
+    if (!envKeys.has(key)) {
+      missing.push(key);
+    }
+  }
+  for (const key of envKeys) {
+    if (!exampleKeys.has(key)) {
+      extra.push(key);
+    }
+  }
+  for (const key of envKeys) {
+    if (!exampleKeys.has(key)) continue;
+    const envValue = envVars[key];
+    const exampleValue = exampleVars[key];
+    if (envValue === exampleValue) {
+      same.push(key);
+    } else {
+      different.push(key);
+    }
+  }
+  missing.sort();
+  extra.sort();
+  different.sort();
+  same.sort();
+  const inSync = missing.length === 0 && extra.length === 0;
+  return {
+    inSync,
+    missing,
+    extra,
+    different,
+    same
+  };
+}
+function formatSyncDiff(diff) {
+  const lines = [];
+  if (diff.inSync) {
+    lines.push("\u2713 .env is in sync with .env.example");
+  } else {
+    lines.push("\u2717 .env is out of sync with .env.example");
+  }
+  if (diff.missing.length > 0) {
+    lines.push("");
+    lines.push(`Missing (${diff.missing.length}):`);
+    for (const key of diff.missing) {
+      lines.push(`  - ${key}`);
+    }
+  }
+  if (diff.extra.length > 0) {
+    lines.push("");
+    lines.push(`Extra (${diff.extra.length}):`);
+    for (const key of diff.extra) {
+      lines.push(`  + ${key}`);
+    }
+  }
+  if (diff.different.length > 0) {
+    lines.push("");
+    lines.push(`Different (${diff.different.length}):`);
+    for (const key of diff.different) {
+      lines.push(`  ~ ${key}`);
+    }
+  }
+  if (diff.same.length > 0 && diff.inSync) {
+    lines.push("");
+    lines.push(`${diff.same.length} variable(s) matched.`);
+  }
+  return lines.join("\n");
+}
+
+export {
+  compareSync,
+  compareValues,
+  formatSyncDiff
+};

package/dist/ci-check-sync-VBMSVWIV.js

@@ -0,0 +1,48 @@
+import {
+  compareSync
+} from "./chunk-YVWLXFUT.js";
+import "./chunk-HFXQGJY3.js";
+import {
+  writeJson
+} from "./chunk-YN2KGTCB.js";
+import {
+  exists
+} from "./chunk-3VYXPTYV.js";
+import "./chunk-5G2DU52U.js";
+
+// src/cli/commands/ci-check-sync.ts
+import { resolve, join } from "path";
+async function run(args, ctx) {
+  try {
+    const cwd = args.flags["--cwd"] ?? ctx.cwd;
+    const baseDir = resolve(cwd);
+    const envPath = args.flags["--file"] ?? join(baseDir, ".env");
+    const examplePath = args.flags["--example"] ?? join(baseDir, ".env.example");
+    const envExists = await exists(envPath);
+    const exampleExists = await exists(examplePath);
+    if (!envExists) {
+      writeJson({ inSync: false, error: ".env not found" });
+      return 1;
+    }
+    if (!exampleExists) {
+      writeJson({ inSync: false, error: ".env.example not found" });
+      return 1;
+    }
+    const diff = await compareSync(envPath, examplePath);
+    writeJson({
+      inSync: diff.inSync,
+      missing: diff.missing,
+      extra: diff.extra,
+      different: diff.different,
+      same: diff.same
+    });
+    return diff.inSync ? 0 : 1;
+  } catch (error) {
+    const msg = error instanceof Error ? error.message : String(error);
+    writeJson({ inSync: false, error: msg });
+    return 1;
+  }
+}
+export {
+  run
+};

package/dist/ci-scan-24MT5XGS.js

@@ -0,0 +1,41 @@
+import {
+  formatScanResult,
+  scan
+} from "./chunk-MSXMESFP.js";
+import "./chunk-R7PZRSZ7.js";
+import "./chunk-TE7HPLA6.js";
+
+// src/cli/commands/ci-scan.ts
+import { resolve } from "path";
+async function run(args, ctx) {
+  const cwd = args.flags["--cwd"] ?? ctx.cwd;
+  const baseDir = resolve(cwd);
+  const outputFormat = args.flags["--format"] ?? "sarif";
+  try {
+    const result = await scan({
+      cwd: baseDir,
+      paths: args.positional.length > 0 ? args.positional : void 0,
+      scanGitHistory: args.flags["--git-history"] ?? false,
+      failFast: args.flags["--fail-fast"] ?? true,
+      outputFormat
+    });
+    const formatted = formatScanResult(
+      result,
+      outputFormat
+    );
+    process.stdout.write(formatted + "\n");
+    return result.found ? 1 : 0;
+  } catch (error) {
+    const msg = error instanceof Error ? error.message : String(error);
+    if (outputFormat === "sarif" || outputFormat === "json") {
+      process.stdout.write(JSON.stringify({ error: msg }) + "\n");
+    } else {
+      process.stderr.write(`Error: ${msg}
+`);
+    }
+    return 1;
+  }
+}
+export {
+  run
+};

package/dist/ci-setup-C2NKEFRD.js

@@ -0,0 +1,135 @@
+import {
+  bold,
+  cyan,
+  green,
+  red,
+  yellow
+} from "./chunk-OMAOROL4.js";
+import {
+  writeError,
+  writeLine
+} from "./chunk-YN2KGTCB.js";
+import {
+  ensureDir,
+  exists,
+  writeFile
+} from "./chunk-3VYXPTYV.js";
+import "./chunk-5G2DU52U.js";
+
+// src/cli/commands/ci-setup.ts
+import { resolve, join } from "path";
+var GITHUB_ACTIONS_TEMPLATE = `name: Ultraenv CI
+
+on:
+  push:
+    branches: [main]
+  pull_request:
+    branches: [main]
+
+jobs:
+  validate:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+
+      - name: Setup Node.js
+        uses: actions/setup-node@v4
+        with:
+          node-version: '20'
+
+      - name: Install ultraenv
+        run: npm install -g ultraenv
+
+      - name: Validate environment
+        run: ultraenv ci validate --strict
+
+      - name: Check .env sync
+        run: ultraenv ci check-sync
+
+      - name: Scan for secrets
+        run: ultraenv ci scan --format sarif --output results.sarif
+        continue-on-error: true
+
+      - name: Upload SARIF results
+        if: always()
+        uses: github/codeql-action/upload-sarif@v3
+        with:
+          sarif_file: results.sarif
+        continue-on-error: true
+`;
+var GITLAB_CI_TEMPLATE = `stages:
+  - validate
+  - scan
+
+variables:
+  NODE_VERSION: "20"
+
+.validate-env:
+  stage: validate
+  image: node:\${NODE_VERSION}
+  before_script:
+    - npm install -g ultraenv
+  script:
+    - ultraenv ci validate --strict
+    - ultraenv ci check-sync
+
+.scan-secrets:
+  stage: scan
+  image: node:\${NODE_VERSION}
+  before_script:
+    - npm install -g ultraenv
+  script:
+    - ultraenv ci scan --format json > scan-results.json
+  artifacts:
+    paths:
+      - scan-results.json
+    when: always
+`;
+async function run(args, ctx) {
+  try {
+    const cwd = args.flags["--cwd"] ?? ctx.cwd;
+    const baseDir = resolve(cwd);
+    const platform = args.flags["--platform"] ?? "github";
+    writeLine(bold("\u{1F527} Generating CI configuration"));
+    writeLine("");
+    if (platform === "github") {
+      const workflowsDir = join(baseDir, ".github", "workflows");
+      await ensureDir(workflowsDir);
+      const workflowPath = join(workflowsDir, "ultraenv.yml");
+      if (await exists(workflowPath) && !args.flags["--force"]) {
+        writeLine(yellow(`  ${workflowPath} already exists. Use --force to overwrite.`));
+        return 0;
+      }
+      await writeFile(workflowPath, GITHUB_ACTIONS_TEMPLATE);
+      writeLine(green(`  \u2713 Created ${workflowPath}`));
+    } else if (platform === "gitlab") {
+      const gitlabPath = join(baseDir, ".gitlab-ci.yml");
+      if (await exists(gitlabPath) && !args.flags["--force"]) {
+        writeLine(yellow(`  ${gitlabPath} already exists. Use --force to overwrite.`));
+        return 0;
+      }
+      await writeFile(gitlabPath, GITLAB_CI_TEMPLATE);
+      writeLine(green(`  \u2713 Created ${gitlabPath}`));
+    } else {
+      writeError(red(`  Unknown platform: ${platform}`));
+      writeError(yellow("  Supported: github, gitlab"));
+      return 1;
+    }
+    writeLine("");
+    writeLine(green(bold("  \u2705 CI configuration generated!")));
+    writeLine("");
+    writeLine(cyan("  The CI pipeline will:"));
+    writeLine("    1. Validate environment variables");
+    writeLine("    2. Check .env \u2194 .env.example sync");
+    writeLine("    3. Scan for leaked secrets");
+    writeLine("");
+    return 0;
+  } catch (error) {
+    const msg = error instanceof Error ? error.message : String(error);
+    writeError(red(`  Error: ${msg}`));
+    return 1;
+  }
+}
+export {
+  run
+};

package/dist/ci-validate-7AW24LSQ.js

@@ -0,0 +1,57 @@
+import {
+  loadWithResult
+} from "./chunk-MNVFG7H4.js";
+import "./chunk-HFXQGJY3.js";
+import {
+  writeJson
+} from "./chunk-YN2KGTCB.js";
+import "./chunk-3VYXPTYV.js";
+import "./chunk-XC65ORJ5.js";
+import "./chunk-5G2DU52U.js";
+
+// src/cli/commands/ci-validate.ts
+async function run(args, ctx) {
+  try {
+    const strict = args.flags["--strict"];
+    const envDir = args.flags["--env-dir"] ?? ctx.config.envDir;
+    const result = loadWithResult({
+      envDir,
+      expandVariables: ctx.config.expandVariables,
+      overrideProcessEnv: false,
+      mergeStrategy: ctx.config.mergeStrategy
+    });
+    const warnings = [];
+    const errors = [];
+    if (result.metadata.totalVars === 0) {
+      errors.push("No environment variables loaded");
+    }
+    for (const [key, value] of Object.entries(result.env)) {
+      if (value === "" && strict) {
+        errors.push(`Empty value: ${key}`);
+      } else if (value === "") {
+        warnings.push(`Empty value: ${key}`);
+      }
+    }
+    const valid = errors.length === 0;
+    const output = {
+      valid,
+      errors,
+      warnings,
+      metadata: {
+        totalVars: result.metadata.totalVars,
+        filesParsed: result.metadata.filesParsed,
+        loadTimeMs: result.metadata.loadTimeMs
+      },
+      variables: Object.keys(result.env).length
+    };
+    writeJson(output);
+    return valid ? 0 : 1;
+  } catch (error) {
+    const msg = error instanceof Error ? error.message : String(error);
+    writeJson({ valid: false, errors: [msg], warnings: [] });
+    return 1;
+  }
+}
+export {
+  run
+};