Socket
Socket
Sign inDemoInstall

@orion-js/env

Package Overview
Dependencies
Maintainers
3
Versions
23
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

@orion-js/env - npm Package Compare versions

Comparing version 3.7.4 to 3.8.0

3

lib/cli/add/index.js

@@ -12,2 +12,4 @@ "use strict";

const sortObjectByKeys = (object) => {
if (!object)
return {};
const sorted = {};

@@ -33,2 +35,3 @@ Object.keys(object)

config.encryptedKeys = sortObjectByKeys(config.encryptedKeys);
config.readFromSecret = sortObjectByKeys(config.readFromSecret);
const text = yaml_1.default.stringify(config);

@@ -35,0 +38,0 @@ (0, files_1.writeFile)(path, text);

3

lib/cli/init/index.js

@@ -18,3 +18,4 @@ "use strict";

cleanKeys: {},
encryptedKeys: {}
encryptedKeys: {},
readFromSecret: {}
};

@@ -21,0 +22,0 @@ const text = yaml_1.default.stringify(envFile);

6

lib/environment/getDts.js

@@ -7,3 +7,7 @@ "use strict";

function getDts(config) {
const keys = [...Object.keys(config.cleanKeys), ...Object.keys(config.encryptedKeys)];
const keys = [
...Object.keys(config.cleanKeys),
...Object.keys(config.encryptedKeys),
...Object.values(config.readFromSecret).flat()
];
return `declare module '@orion-js/env' {

@@ -10,0 +14,0 @@ export const env: {

5

lib/environment/getVariables.d.ts

@@ -10,2 +10,5 @@ export interface Config {

};
readFromSecret?: {
[key: string]: string[];
};
}

@@ -15,2 +18,2 @@ export interface Variables {

}
export declare function getVariables(config: Config, secretKey: string): Variables;
export declare function getVariables(config: Config, secretKey?: string): Variables;

41

lib/environment/getVariables.js

@@ -5,5 +5,40 @@ "use strict";

const crypto_1 = require("../crypto");
function readSecrets(readFromSecret) {
const variables = {};
let secretKey = null;
if (!readFromSecret)
return { variables, secretKey };
for (const secretName in readFromSecret) {
const keys = readFromSecret[secretName];
if (!process.env[secretName]) {
console.warn(`@orion/env could not find the secret "${secretName}" in the environment. Related variables will be undefined.`);
continue;
}
try {
const values = JSON.parse(process.env[secretName]);
if (values.ORION_ENV_SECRET_KEY) {
secretKey = values.ORION_ENV_SECRET_KEY;
}
for (const key of keys) {
if (values[key]) {
variables[key] = values[key];
}
else {
console.warn(`@orion/env could not find the variable "${key}" in the secret "${secretName}". Related variables will be undefined.`);
}
}
}
catch (error) {
console.warn(`'@orion/env found a the secret "${secretName}" variable in the environment but it is not a valid JSON. Related variables will be undefined.'`);
}
}
return { variables, secretKey: secretKey };
}
function getVariables(config, secretKey) {
const { cleanKeys, encryptedKeys } = config;
const variables = {};
const { cleanKeys, encryptedKeys, readFromSecret } = config;
const { variables, secretKey: foundSecretKey } = readSecrets(readFromSecret);
let decryptKey = foundSecretKey || secretKey;
if (!decryptKey) {
throw new Error('Orion encrypted env was passed but process.env.ORION_ENV_SECRET_KEY is not defined');
}
for (const key in cleanKeys) {

@@ -16,3 +51,3 @@ const value = cleanKeys[key];

try {
variables[key] = (0, crypto_1.decrypt)(secretKey, encrypted);
variables[key] = (0, crypto_1.decrypt)(decryptKey, encrypted);
}

@@ -19,0 +54,0 @@ catch (error) {

3

lib/environment/index.js

@@ -31,5 +31,2 @@ "use strict";

else if (envFilePath) {
if (!secretKey) {
throw new Error('Orion encrypted env was passed but process.env.ORION_ENV_SECRET_KEY is not defined');
}
variables = (0, exports.readEnv)();

@@ -36,0 +33,0 @@ }

89

lib/environment/index.test.js
"use strict";
Object.defineProperty(exports, "__esModule", { value: true });
const crypto_1 = require("../crypto");
const getDts_1 = require("./getDts");
const getVariables_1 = require("./getVariables");

@@ -22,4 +23,10 @@ describe('Environment', () => {

secret1: 'nQCxsZxjVkOABeQSdIhYK7jSMYKUggUm9IWUGLpY3i4=:9gvH5IOhV/q5R4ngUIk2onf5oEZM5dIU89PRZ5TGjnnfcnrwkssLqsACNDmr0m4jQZVo0nBL'
},
readFromSecret: {
SECRET_ENV: ['secret2'],
SECRET2_ENV: ['secret3', 'secret4']
}
};
process.env.SECRET_ENV = JSON.stringify({ secret2: 'this_is_secret' });
process.env.SECRET2_ENV = JSON.stringify({ secret3: '3', secret4: '4' });
process.env.ORION_ENV_SECRET_KEY = secretKey;

@@ -29,3 +36,6 @@ const env = (0, getVariables_1.getVariables)(data, secretKey);

a_key: 'a_value',
secret1: secretValue
secret1: secretValue,
secret2: 'this_is_secret',
secret3: '3',
secret4: '4'
});

@@ -51,2 +61,79 @@ });

});
it('should read the decyrpt key from the secret', () => {
const secretKey = 'QShwQT1+d5wk/F6FVpT5VmZFXm50aFRt9/LaDbwSEGo=';
const secretValue = 'this_is_secret';
const data = {
version: '1.0',
publicKey: 'quyw/56O1P/BmjlHGfguZD27zKbjOtxNBDOTz+FOYho=',
cleanKeys: {
a_key: 'a_value'
},
encryptedKeys: {
secret1: 'nQCxsZxjVkOABeQSdIhYK7jSMYKUggUm9IWUGLpY3i4=:9gvH5IOhV/q5R4ngUIk2onf5oEZM5dIU89PRZ5TGjnnfcnrwkssLqsACNDmr0m4jQZVo0nBL'
},
readFromSecret: {
SECRET_ENV: ['secret2']
}
};
process.env.SECRET_ENV = JSON.stringify({
secret2: 'this_is_secret',
ORION_ENV_SECRET_KEY: secretKey
});
const env = (0, getVariables_1.getVariables)(data, secretKey);
expect(env).toEqual({
a_key: 'a_value',
secret1: secretValue,
secret2: 'this_is_secret'
});
});
it('should log an error when the secret is not a valid JSON, and related secrets undefined', () => {
console.warn = jest.fn();
const secretKey = 'QShwQT1+d5wk/F6FVpT5VmZFXm50aFRt9/LaDbwSEGo=';
const secretValue = 'this_is_secret';
const data = {
version: '1.0',
publicKey: 'quyw/56O1P/BmjlHGfguZD27zKbjOtxNBDOTz+FOYho=',
cleanKeys: {
a_key: 'a_value'
},
encryptedKeys: {
secret1: 'nQCxsZxjVkOABeQSdIhYK7jSMYKUggUm9IWUGLpY3i4=:9gvH5IOhV/q5R4ngUIk2onf5oEZM5dIU89PRZ5TGjnnfcnrwkssLqsACNDmr0m4jQZVo0nBL'
},
readFromSecret: {
SECRET_ENV: ['secret2']
}
};
process.env.SECRET_ENV = 'not a json';
const env = (0, getVariables_1.getVariables)(data, secretKey);
expect(env).toEqual({
a_key: 'a_value',
secret1: secretValue,
secret2: undefined
});
expect(console.warn.mock.calls[0][0].includes('it is not a valid JSON')).toBe(true);
});
it('Dts should return the right types', () => {
const dts = (0, getDts_1.getDts)({
version: '1.0',
publicKey: 'public',
cleanKeys: {
a_key: 'a_value'
},
encryptedKeys: {
secret: 'encrypted'
},
readFromSecret: {
SECRET_ENV: ['secret2', 'secret3']
}
});
expect(dts).toEqual(`declare module '@orion-js/env' {
export const env: {
a_key: string
secret: string
secret2: string
secret3: string
}
}
`);
});
});

4

package.json
{
"name": "@orion-js/env",
"version": "3.7.4",
"version": "3.8.0",
"main": "lib/index.js",

@@ -35,3 +35,3 @@ "author": "nicolaslopezj",

},
"gitHead": "c77b95ffc592ddce0ba6b95ae5e34f3e273c4cd5"
"gitHead": "05bb0f7c0679b17993a2375332804d745dd49ba2"
}
SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

About

Packages

npm

Go

Maven

PyPI

Rubygems

Stay in touch

Get open source security insights delivered straight into your inbox.

  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc