dotenv - npm Package Compare versions

Comparing version 16.1.0-rc2 to 16.1.0

.github/FUNDING.yml

.github/workflows/ci.yml

CHANGELOG.md

		@@ -7,12 +7,18 @@ # Changelog

		## [16.1.0](https://github.com/motdotla/dotenv/compare/v16.0.3...v16.1.0) (2023-05-30)

		### Added

		- Add `populate` convenience method [#733](https://github.com/motdotla/dotenv/pull/733)
		- Remove "cannot resolve 'fs'" error on tools like Replit [#693](https://github.com/motdotla/dotenv/pull/693)
		- Accept URL as path option [#720](https://github.com/motdotla/dotenv/pull/720)
		- Add dotenv to `npm fund` command
		- Spanish language README [#698](https://github.com/motdotla/dotenv/pull/698)
		- Add `.env.vault` support. 🎉 ([#730](https://github.com/motdotla/dotenv/pull/730))

		ℹ️ `.env.vault` extends the `.env` file format standard with a localized encrypted vault file. Package it securely with your production code deploys. It's cloud agnostic so that you can deploy your secrets anywhere – without [risky third-party integrations](https://techcrunch.com/2023/01/05/circleci-breach/).
		ℹ️ `.env.vault` extends the `.env` file format standard with a localized encrypted vault file. Package it securely with your production code deploys. It's cloud agnostic so that you can deploy your secrets anywhere – without [risky third-party integrations](https://techcrunch.com/2023/01/05/circleci-breach/). [read more](https://github.com/motdotla/dotenv#-deploying)

		### Changed

		- Fixed "cannot resolve 'fs'" error on tools like Replit [#693](https://github.com/motdotla/dotenv/pull/693)

		## [16.0.3](https://github.com/motdotla/dotenv/compare/v16.0.2...v16.0.3) (2022-09-29)
		@@ -19,0 +25,0 @@

package.json

		{
		"name": "dotenv",
		"version": "16.1.0-rc2",
		"version": "16.1.0",
		"description": "Loads environment variables from .env file",
		@@ -34,2 +34,3 @@ "main": "lib/main.js",
		},
		"funding": "https://github.com/motdotla/dotenv?sponsor=1",
		"keywords": [
		@@ -36,0 +37,0 @@ "dotenv",

README-es.md

		@@ -48,4 +48,3 @@ <div align="center">

		[![dotenv-vault](https://badge.dotenv.org/works-with.svg?r=1)](https://www.dotenv.org/r/github.com/dotenv-org/dotenv-vault?r=1)
		# dotenv
		# dotenv [![NPM version](https://img.shields.io/npm/v/dotenv.svg?style=flat-square)](https://www.npmjs.com/package/dotenv)

		@@ -56,12 +55,4 @@ <img src="https://raw.githubusercontent.com/motdotla/dotenv/master/dotenv.svg" alt="dotenv" align="right" width="200" />

		[![BuildStatus](https://img.shields.io/travis/motdotla/dotenv/master.svg?style=flat-square)](https://travis-ci.org/motdotla/dotenv)
		[![Build status](https://ci.appveyor.com/api/projects/status/github/motdotla/dotenv?svg=true)](https://ci.appveyor.com/project/motdotla/dotenv/branch/master)
		[![NPM version](https://img.shields.io/npm/v/dotenv.svg?style=flat-square)](https://www.npmjs.com/package/dotenv)
		[![js-standard-style](https://img.shields.io/badge/code%20style-standard-brightgreen.svg?style=flat-square)](https://github.com/feross/standard)
		[![Coverage Status](https://img.shields.io/coveralls/motdotla/dotenv/master.svg?style=flat-square)](https://coveralls.io/github/motdotla/dotenv?branch=coverall-intergration)
		[![LICENSE](https://img.shields.io/github/license/motdotla/dotenv.svg)](LICENSE)
		[![Conventional Commits](https://img.shields.io/badge/Conventional%20Commits-1.0.0-yellow.svg)](https://conventionalcommits.org)
		[![Featured on Openbase](https://badges.openbase.com/js/featured/dotenv.svg?token=eE0hWPkhC2JGSD4G9hwg5C54EBxjJAyvurGfQsYoKiQ=)](https://openbase.com/js/dotenv?utm_source=embedded&utm_medium=badge&utm_campaign=featured-badge&utm_term=js/dotenv)
		[![Limited Edition Tee Original](https://img.shields.io/badge/Limited%20Edition%20Tee%20%F0%9F%91%95-Original-yellow?labelColor=black&style=plastic)](https://dotenv.gumroad.com/l/original)
		[![Limited Edition Tee Redacted](https://img.shields.io/badge/Limited%20Edition%20Tee%20%F0%9F%91%95-Redacted-gray?labelColor=black&style=plastic)](https://dotenv.gumroad.com/l/redacted)

		@@ -68,0 +59,0 @@ ## Instalación

143

README.md

		@@ -50,3 +50,2 @@ <div align="center">
		[![js-standard-style](https://img.shields.io/badge/code%20style-standard-brightgreen.svg?style=flat-square)](https://github.com/feross/standard)
		[![Coverage Status](https://img.shields.io/coveralls/motdotla/dotenv/master.svg?style=flat-square)](https://coveralls.io/github/motdotla/dotenv?branch=coverall-intergration)
		[![LICENSE](https://img.shields.io/github/license/motdotla/dotenv.svg)](LICENSE)
		@@ -66,9 +65,2 @@ [![dotenv-vault](https://badge.dotenv.org/works-with.svg?r=1)](https://www.dotenv.org/r/github.com/dotenv-org/dotenv-vault?r=1)

		<a href="https://www.youtube.com/watch?v=YtkZR0NFd1g">
		<div align="right">
		<img src="https://img.youtube.com/vi/YtkZR0NFd1g/hqdefault.jpg" alt="how to use dotenv video tutorial" align="right" width="330" />
		<img src="https://simpleicons.vercel.app/youtube/ff0000" alt="youtube/@dotenvorg" align="right" width="24" />
		</div>
		</a>

		```bash
		@@ -83,2 +75,9 @@ # install locally (recommended)

		<a href="https://www.youtube.com/watch?v=YtkZR0NFd1g">
		<div align="right">
		<img src="https://img.youtube.com/vi/YtkZR0NFd1g/hqdefault.jpg" alt="how to use dotenv video tutorial" align="right" width="330" />
		<img src="https://simpleicons.vercel.app/youtube/ff0000" alt="youtube/@dotenvorg" align="right" width="24" />
		</div>
		</a>

		Create a `.env` file in the root of your project:
		@@ -187,81 +186,57 @@

		## 🚀 Deploying
		### Deploying

		<a href="https://www.youtube.com/watch?v=Ad7Wl8iC3Rs">
		<div align="right">
		<img src="https://img.youtube.com/vi/Ad7Wl8iC3Rs/hqdefault.jpg" alt="how to deploy with a .env.vault file video tutorial" align="right" width="330" />
		<img src="https://simpleicons.vercel.app/youtube/ff0000" alt="youtube/@dotenvorg" align="right" width="24" />
		</div>
		</a>
		You need to deploy your secrets in a cloud-agnostic manner? Use a `.env.vault` file.

		Note: Currently released as RC Candidate [dotenv@16.1.0-rc1](https://www.npmjs.com/package/dotenv/v/16.1.0-rc1)
		### Multiple Environments

		Encrypt your environment variables by doing:
		You need to manage your secrets across different environments and apply them as needed? Use a `.env.vault` file with a `DOTENV_KEY`.

		```shell
		npx dotenv-vault local build
		```
		## 🚀 Deploying

		This will create an encrypted `.env.vault` file along with a `.env.keys` file containing the encryption keys. Set the `DOTENV_KEY` environment variable by copying and pasting the key value from the `.env.keys` file onto your server or cloud provider. For example in heroku:
		Note: Requires dotenv >= 16.1.0

		```shell
		heroku config:set DOTENV_KEY=<key string from .env.keys>
		Encrypt your `.env.vault` file.

		```bash
		$ npx dotenv-vault build
		```

		Commit your .env.vault file safely to code and deploy. Your .env.vault fill be decrypted on boot, its environment variables injected, and your app work as expected.
		Fetch your production `DOTENV_KEY`.

		## 🌴 Manage Multiple Environments

		You have two options for managing multiple environments - locally managed or vault managed - both use <a href="https://github.com/dotenv-org/dotenv-vault">dotenv-vault</a>.

		Locally managed never makes a remote API call. It is completely managed on your machine. Vault managed adds conveniences like backing up your .env file, secure sharing across your team, access permissions, and version history. Choose what works best for you.

		#### 💻 Locally Managed

		Create a `.env.production` file in the root of your project and put your production values there.

		```bash
		$ npx dotenv-vault keys production
		```
		# .env.production
		S3_BUCKET="PRODUCTION_S3BUCKET"
		SECRET_KEY="PRODUCTION_SECRETKEYGOESHERE"
		```

		Rebuild your `.env.vault` file.
		Set `DOTENV_KEY` on your server.

		```bash
		# heroku example
		heroku config:set DOTENV_KEY=dotenv://:key_1234…@dotenv.org/vault/.env.vault?environment=production
		```
		$ npx dotenv-vault local build
		```

		Check your `.env.keys` file. There is a production `DOTENV_KEY` that coincides with the additional `DOTENV_VAULT_PRODUCTION` cipher in your `.env.vault` file.
		That's it! On deploy, your `.env.vault` file will be decrypted and its secrets injected as environment variables – just in time.

		Set the production `DOTENV_KEY` on your server, recommit your `.env.vault` file to code, and deploy. That's it!
		ℹ️ A note from [Mot](https://github.com/motdotla): Until recently, we did not have an opinion on how and where to store your secrets in production. We now strongly recommend generating a `.env.vault` file. It's the best way to prevent your secrets from being scattered across multiple servers and cloud providers – protecting you from breaches like the [CircleCI breach](https://techcrunch.com/2023/01/05/circleci-breach/). Also it unlocks interoperability WITHOUT native third-party integrations. Third-party integrations are [increasingly risky](https://coderpad.io/blog/development/heroku-github-breach/) to our industry. They may be the 'du jour' of today, but we imagine a better future.

		#### 🔐 Vault Managed
		<a href="https://github.com/dotenv-org/dotenv-vault#dotenv-vault-">Learn more at dotenv-vault: Deploying</a>

		Sync your .env file. Run the push command and follow the instructions. [learn more](/docs/sync/quickstart)
		## 🌴 Manage Multiple Environments

		```
		$ npx dotenv-vault push
		```
		Edit your production environment variables.

		Manage multiple environments with the included UI. [learn more](/docs/tutorials/environments)

		```bash
		$ npx dotenv-vault open production
		```
		$ npx dotenv-vault open
		```

		Build your `.env.vault` file with multiple environments.
		Regenerate your `.env.vault` file.

		```
		```bash
		$ npx dotenv-vault build
		```

		Access your `DOTENV_KEY`.
		ℹ️ 🔐 Vault Managed vs 💻 Locally Managed: The above example, for brevity's sake, used the 🔐 Vault Managed solution to manage your `.env.vault` file. You can instead use the 💻 Locally Managed solution. [Read more here](https://github.com/dotenv-org/dotenv-vault#how-do-i-use--locally-managed-dotenv-vault). Our vision is that other platforms and orchestration tools adopt the `.env.vault` standard as they did the `.env` standard. We don't expect to be the only ones providing tooling to manage and generate `.env.vault` files.

		```
		$ npx dotenv-vault keys
		```
		<a href="https://github.com/dotenv-org/dotenv-vault#-manage-multiple-environments">Learn more at dotenv-vault: Manage Multiple Environments</a>

		Set the production `DOTENV_KEY` on your server, recommit your `.env.vault` file to code, and deploy. That's it!

		## 📚 Examples
		@@ -289,6 +264,7 @@

		Dotenv exposes two functions:
		Dotenv exposes three functions:

		* `config`
		* `parse`
		* `populate`

		@@ -384,2 +360,43 @@ ### Config

		### Populate

		The engine which populates the contents of your .env file to `process.env` is available for use. It accepts a target, a source, and options. This is useful for power users who want to supply their own objects.

		For example, customizing the source:

		```js
		const dotenv = require('dotenv')
		const parsed = { HELLO: 'world' }

		dotenv.populate(process.env, parsed)

		console.log(process.env.HELLO) // world
		```

		For example, customizing the source AND target:

		```js
		const dotenv = require('dotenv')
		const parsed = { HELLO: 'universe' }
		const target = { HELLO: 'world' } // empty object

		dotenv.populate(target, parsed, { override: true, debug: true })

		console.log(target) // { HELLO: 'universe' }
		```

		#### Options

		##### Debug

		Default: `false`

		Turn on logging to help debug why certain keys or values are not being populated as you expect.

		##### Override

		Default: `false`

		Override any environment variables that have already been set.

		## ❓ FAQ
		@@ -525,2 +542,6 @@

		### What is a `.env.vault` file?

		A `.env.vault` file is an encrypted version of your development (and ci, staging, production, etc) environment variables. It is paired with a `DOTENV_KEY` to deploy your secrets more securely than scattering them across multiple platforms and tools. Use [dotenv-vault](https://github.com/dotenv-org/dotenv-vault) to manage and generate them.

		## Contributing Guide
		@@ -527,0 +548,0 @@

dotenv - npm Package Compare versions

New alerts

Fixed alerts

Improved metrics