cryptoenv
Advanced tools
Comparing version 0.1.7 to 0.1.8
{ | ||
"name": "cryptoenv", | ||
"version": "0.1.7", | ||
"version": "0.1.8", | ||
"description": "Manage encrypted env variables", | ||
@@ -5,0 +5,0 @@ "homepage": "https://github.com/secrez/cryptoenv#readme", |
@@ -128,2 +128,6 @@ # CryptoEnv | ||
**No logs at all?** | ||
If you like to suppress any log, you can use the option `noLogs` or the env variable `NO_LOGS`. | ||
## About security | ||
@@ -152,6 +156,6 @@ | ||
**0.1.7** | ||
**0.1.8** | ||
- Add `noLogsIfNoKeys` options in `.parse` to skip any logging test if no keys are found | ||
- Add same skip if an ENV variable `NO_LOGS_IF_NO_KEYS` is set | ||
- Add `noLogs` option and `NO_LOGS` env variable to suppress any logging | ||
- Add `noLogsIfNoKeys` option and `NO_LOGS_IF_NO_KEYS` env variable to skip any logging test if no keys are found | ||
@@ -158,0 +162,0 @@ **0.1.6** |
@@ -20,6 +20,9 @@ const path = require("path"); | ||
consoleInfo(force, ...params) { | ||
const noLogs = | ||
!!this.options.noLogsIfNoKeys || !!process.env.NO_LOGS_IF_NO_KEYS; | ||
if (force || !noLogs) { | ||
console.info(...params); | ||
if (!(this.options.noLogs || process.env.NO_LOGS)) { | ||
if ( | ||
force || | ||
!(this.options.noLogsIfNoKeys || process.env.NO_LOGS_IF_NO_KEYS) | ||
) { | ||
console.info(...params); | ||
} | ||
} | ||
@@ -171,2 +174,3 @@ } | ||
parse( | ||
options, | ||
filter, | ||
@@ -176,2 +180,8 @@ // for testing only. Do not pass a password, please. | ||
) { | ||
if (options instanceof RegExp || typeof options !== "object") { | ||
password = filter; | ||
filter = options; | ||
} else { | ||
this.options = Object.assign(this.options, options); | ||
} | ||
if (process.env.__decryptionAlreadyDone__) { | ||
@@ -178,0 +188,0 @@ return; |
@@ -123,3 +123,3 @@ const { assert, expect } = require("chai"); | ||
describe.only("toggle", async function () { | ||
describe("toggle", async function () { | ||
it("should toggle the variables", async function () { | ||
@@ -129,2 +129,6 @@ let cryptoEnv = new CryptoEnv({ envPath }); | ||
expect(Object.keys(cryptoEnv.list(true).variables).length).equal(0); | ||
// cryptoEnv.parse() | ||
// console.log(999) | ||
// cryptoEnv.parse({noLogsIfNoKeys: true}) | ||
// console.log(999) | ||
await cryptoEnv.toggle(); | ||
@@ -131,0 +135,0 @@ expect(Object.keys(cryptoEnv.list(true).variables).length).equal(1); |
Environment variable access
Supply chain riskPackage accesses environment variables, which may be a sign of credential stuffing or data theft.
Found 3 instances in 1 package
Environment variable access
Supply chain riskPackage accesses environment variables, which may be a sign of credential stuffing or data theft.
Found 1 instance in 1 package
30977
475
183
27