New Case Study:See how Anthropic automated 95% of dependency reviews with Socket.Learn More
Socket
Sign inDemoInstall
Socket
Sign inDemoInstall

@dotenvx/dotenvx

Package Overview
Dependencies
Maintainers
2
Versions
188
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

@dotenvx/dotenvx - npm Package Compare versions

Comparing version 0.6.1 to 0.6.2

2

package.json
{
"version": "0.6.1",
"version": "0.6.2",
"name": "@dotenvx/dotenvx",

@@ -4,0 +4,0 @@ "description": "a better dotenv–from the creator of `dotenv`",

107

README.md

@@ -5,5 +5,5 @@ ![dotenvx](https://dotenvx.com/better-banner.png)

* run anywhere (cross-platform)
* multi-environment
* encrypted envs
* [run anywhere](#run-anywhere) (cross-platform)
* [multi-environment](#multiple-environments)
* [encrypted envs](#encrypt-your-env-files)

@@ -194,16 +194,70 @@  

Pass the `--env-file` flag (shorthand `-f`) to run any environment from a `.env.environment` file.
> Create a `.env.production` file and use `--env-file` to load it. It's straightforward, yet flexible.
```sh
$ echo "HELLO=production" > .env.production
```sh
$ dotenvx run --env-file=.env.production -- node index.js
[dotenvx][INFO] injecting 12 environment variables from .env.production
Hello production
> ^^
```
Combine multiple `.env` files if you like.
More examples
```
$ dotenvx run --env-file=.env.local --env-file=.env -- node index.js
[dotenvx][INFO] injecting 13 environment variables from .env.local,.env
```
* <details><summary>multiple `.env` files</summary><br>
```sh
$ echo "HELLO=local" > .env.local
$ echo "HELLO=World" > .env
$ dotenvx run --env-file=.env.local --env-file=.env -- node index.js
Hello local
```
</details>
* <details><summary>`--overload` flag</summary><br>
```sh
$ echo "HELLO=local" > .env.local
$ echo "HELLO=World" > .env
$ dotenvx run --env-file=.env.local --env-file=.env --overload -- node index.js
Hello World
```
* <details><summary>`--verbose` flag</summary><br>
```sh
$ echo "HELLO=production" > .env.production
$ dotenvx run --env-file=.env.production --verbose -- node index.js
[dotenvx][VERBOSE] injecting env from /path/to/.env.production
[dotenvx][VERBOSE] HELLO set
[dotenvx][INFO] injecting 1 environment variable from .env.production
Hello production
```
* <details><summary>`--debug` flag</summary><br>
```sh
$ echo "HELLO=production" > .env.production
$ dotenvx run --env-file=.env.production --debug -- node index.js
[dotenvx][DEBUG] configuring options
[dotenvx][DEBUG] {"envFile":[".env.production"]}
[dotenvx][VERBOSE] injecting env from /path/to/.env.production
[dotenvx][DEBUG] reading env from /path/to/.env.production
[dotenvx][DEBUG] parsing env from /path/to/.env.production
[dotenvx][DEBUG] {"HELLO":"production"}
[dotenvx][DEBUG] writing env from /path/to/.env.production
[dotenvx][VERBOSE] HELLO set
[dotenvx][DEBUG] HELLO set to production
[dotenvx][INFO] injecting 1 environment variable from .env.production
Hello production
```
</details>
&nbsp;

@@ -213,9 +267,34 @@

> Encrypt your secrets to a `.env.vault` file.
```
$ echo "HELLO=World" > .env
$ echo "HELLO=production" > .env.production
$ dotenvx encrypt
[dotenvx][INFO] encrypted .env,.env.production to .env.vault
[dotenvx][INFO]
[dotenvx][INFO] try it out:
[dotenvx][INFO]
[dotenvx][INFO] DOTENV_KEY='<DOTENV_KEY_ENVIRONMENT>' dotenvx run -- node index.js
[dotenvx][INFO]
[dotenvx][INFO] next:
[dotenvx][INFO]
[dotenvx][INFO] 1. commit .env.vault safely to code
[dotenvx][INFO] 2. set DOTENV_KEY on server (or ci)
[dotenvx][INFO] 3. push your code
[dotenvx][INFO]
[dotenvx][INFO] tips:
[dotenvx][INFO]
[dotenvx][INFO] * .env.keys file holds your decryption DOTENV_KEYs
[dotenvx][INFO] * DO NOT commit .env.keys to code
[dotenvx][INFO] * share .env.keys file over secure channels only
$ DOTENV_KEY='dotenv://:key_abc123@dotenvx.com/vault/.env.vault?environment=development' dotenvx run -- node index.js
[dotenvx][INFO] injecting 1 environment variable from encrypted .env.vault
Hello World
> :-]
```
> This will encrypt your `.env` file to a `.env.vault` file. Commit your `.env.vault` file safely to code.
> This will also generate a `.env.keys` file. Do NOT commit this file to code. Keep your `.env.keys` secret. 🤫
&nbsp;

@@ -222,0 +301,0 @@

16

src/cli/dotenvx.js

@@ -273,4 +273,20 @@ #!/usr/bin/env node

logger.info(`encrypted ${optionEnvFile} to .env.vault`)
logger.info('')
logger.info('try it out:')
logger.info('')
logger.info(' DOTENV_KEY=\'<DOTENV_KEY_ENVIRONMENT>\' dotenvx run -- node index.js')
logger.info('')
logger.info('next:')
logger.info('')
logger.info(' 1. commit .env.vault safely to code')
logger.info(' 2. set DOTENV_KEY on server (or ci)')
logger.info(' 3. push your code')
logger.info('')
logger.info('tips:')
logger.info('')
logger.info(' * .env.keys file holds your decryption DOTENV_KEYs')
logger.info(' * DO NOT commit .env.keys to code')
logger.info(' * share .env.keys file over secure channels only')
})
program.parse(process.argv)
SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

About

Packages

npm

Go

Maven

PyPI

Rubygems

Stay in touch

Get open source security insights delivered straight into your inbox.

  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc