dotenv - npm Package Compare versions

Comparing version 4.0.0 to 5.0.0

CHANGELOG.md

@@ -7,2 +7,21 @@ # Change Log
 
+## [5.0.0] - 2018-01-29
+
+### Added
+
+- Testing against Node v8 and v9
+- Documentation on trim behavior of values
+- Documentation on how to use with `import`
+
+### Changed 
+
+- *Breaking*: default `path` is now `path.resolve(process.cwd(), '.env')`
+- *Breaking*: does not write over keys already in `process.env` if the key has a falsy value
+- using `const` and `let` instead of `var`
+
+### Removed
+
+- Testing aginst Node v7
+
+
 ## [4.0.0] - 2016-12-23
@@ -71,3 +90,4 @@ ### Changed
 
-[Unreleased]: https://github.com/motdotla/dotenv/compare/v4.0.0...HEAD
+[Unreleased]: https://github.com/motdotla/dotenv/compare/v5.0.0...HEAD
+[5.0.0]: https://github.com/motdotla/dotenv/compare/v4.0.0...v5.0.0
 [4.0.0]: https://github.com/motdotla/dotenv/compare/v3.0.0...v4.0.0
@@ -74,0 +94,0 @@ [3.0.0]: https://github.com/motdotla/dotenv/compare/v2.0.0...v3.0.0

lib/main.js

 'use strict'
 
-var fs = require('fs')
+const fs = require('fs')
+const path = require('path')
 
 /*
  * Parses a string or buffer into an object
- * @param {String|Buffer} src - source to be parsed
- * @returns {Object}
+ * @param {(string|Buffer)} src - source to be parsed
+ * @returns {Object} keys and values from src
 */
 function parse (src) {
-  var obj = {}
+  const obj = {}
 
@@ -16,12 +17,12 @@ // convert Buffers before splitting into lines and processing
     // matching "KEY' and 'VAL' in 'KEY=VAL'
-    var keyValueArr = line.match(/^\s*([\w\.\-]+)\s*=\s*(.*)?\s*$/)
+    const keyValueArr = line.match(/^\s*([\w\.\-]+)\s*=\s*(.*)?\s*$/)
     // matched?
     if (keyValueArr != null) {
-      var key = keyValueArr[1]
+      const key = keyValueArr[1]
 
       // default undefined or missing values to empty string
-      var value = keyValueArr[2] ? keyValueArr[2] : ''
+      let value = keyValueArr[2] || ''
 
       // expand newlines in quoted values
-      var len = value ? value.length : 0
+      const len = value ? value.length : 0
       if (len > 0 && value.charAt(0) === '"' && value.charAt(len - 1) === '"') {
@@ -43,12 +44,14 @@ value = value.replace(/\\n/gm, '\n')
  * Main entry point into dotenv. Allows configuration before loading .env
- * @param {Object} options - valid options: path ('.env'), encoding ('utf8')
- * @returns {Boolean}
+ * @param {Object} options - options for parsing .env file
+ * @param {string} [options.path=.env] - path to .env file
+ * @param {string} [options.encoding=utf8] - encoding of .env file
+ * @returns {Object} parsed object or error
 */
 function config (options) {
-  var path = '.env'
-  var encoding = 'utf8'
+  let dotenvPath = path.resolve(process.cwd(), '.env')
+  let encoding = 'utf8'
 
   if (options) {
     if (options.path) {
-      path = options.path
+      dotenvPath = options.path
     }
@@ -62,9 +65,11 @@ if (options.encoding) {
     // specifying an encoding returns a string instead of a buffer
-    var parsedObj = parse(fs.readFileSync(path, { encoding: encoding }))
+    const parsed = parse(fs.readFileSync(dotenvPath, { encoding }))
 
-    Object.keys(parsedObj).forEach(function (key) {
-      process.env[key] = process.env[key] || parsedObj[key]
+    Object.keys(parsed).forEach(function (key) {
+      if (!process.env.hasOwnProperty(key)) {
+        process.env[key] = parsed[key]
+      }
     })
 
-    return { parsed: parsedObj }
+    return { parsed }
   } catch (e) {
@@ -71,0 +76,0 @@ return { error: e }

package.json

 {
   "name": "dotenv",
-  "version": "4.0.0",
+  "version": "5.0.0",
   "description": "Loads environment variables from .env file",
@@ -33,3 +33,2 @@ "main": "lib/main.js",
     "lab": "11.1.0",
-    "semver": "5.3.0",
     "should": "11.1.1",
@@ -36,0 +35,0 @@ "sinon": "1.17.6",

README.md

@@ -8,2 +8,3 @@ # dotenv
 [![BuildStatus](https://img.shields.io/travis/motdotla/dotenv/master.svg?style=flat-square)](https://travis-ci.org/motdotla/dotenv)
+[![Build status](https://ci.appveyor.com/api/projects/status/rnba2pyi87hgc8xw/branch/master?svg=true)](https://ci.appveyor.com/project/maxbeatty/dotenv/branch/master)
 [![NPM version](https://img.shields.io/npm/v/dotenv.svg?style=flat-square)](https://www.npmjs.com/package/dotenv)
@@ -31,3 +32,3 @@ [![js-standard-style](https://img.shields.io/badge/code%20style-standard-brightgreen.svg?style=flat-square)](https://github.com/feross/standard)
 
-```
+```dosini
 DB_HOST=localhost
@@ -43,3 +44,3 @@ DB_USER=root
 ```javascript
-var db = require('db')
+const db = require('db')
 db.connect({
@@ -54,5 +55,4 @@ host: process.env.DB_HOST,
 
-If you are using iojs-v1.6.0 or later, you can use the `--require` (`-r`) command line option to preload dotenv. By doing this, you do not need to require and load dotenv in your application code.
+You can use the `--require` (`-r`) command line option to preload dotenv. By doing this, you do not need to require and load dotenv in your application code. This is the preferred approach when using `import` instead of `require`.
 
-
 ```bash
@@ -74,3 +74,14 @@ $ node -r dotenv/config your_script.js
 [`process.env`](https://nodejs.org/docs/latest/api/process.html#process_process_env),
-and return an Object with a _parsed_ key containing the loaded content or an _error_ key if it failed.  
+and return an Object with a `parsed` key containing the loaded content or an `error` key if it failed.  
+
+```js
+const result = dotenv.config()
+
+if (result.error) {
+  throw result.error
+}
+
+console.log(result.parsed)
+```
+
 You can additionally, pass options to `config`.
@@ -82,3 +93,3 @@
 
-Default: `.env`
+Default: `path.resolve(process.cwd(), '.env')`
 
@@ -89,3 +100,3 @@ You can specify a custom path if your file containing environment variables is
 ```js
-require('dotenv').config({path: '/custom/path/to/your/env/vars'})
+require('dotenv').config({path: '/full/custom/path/to/your/env/vars'})
 ```
@@ -111,5 +122,5 @@
 ```js
-var dotenv = require('dotenv')
-var buf = new Buffer('BASIC=basic')
-var config = dotenv.parse(buf) // will return an object
+const dotenv = require('dotenv')
+const buf = new Buffer('BASIC=basic')
+const config = dotenv.parse(buf) // will return an object
 console.log(typeof config, config) // object { BASIC : 'basic' }
@@ -134,2 +145,3 @@ ```
 - inner quotes are maintained (think JSON) (`JSON={"foo": "bar"}` becomes `{JSON:"{\"foo\": \"bar\"}"`)
+- whitespace is removed from both ends of the value (see more on [`trim`](https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/String/Trim)) (`FOO="  some value  "` becomes `{FOO: 'some value'}`)
 
@@ -187,2 +199,36 @@ ## FAQ
 
+### How do I use dotenv with `import`?
+
+ES2015 and beyond offers modules that allow you to `export` any top-level `function`, `class`, `var`, `let`, or `const`.
+
+> When you run a module containing an `import` declaration, the modules it imports are loaded first, then each module body is executed in a depth-first traversal of the dependency graph, avoiding cycles by skipping anything already executed.
+>
+> – [ES6 In Depth: Modules](https://hacks.mozilla.org/2015/08/es6-in-depth-modules/)
+
+You must run `dotenv.config()` before referencing any environment variables. Here's an example of problematic code:
+
+`errorReporter.js`:
+
+```js
+import { Client } from 'best-error-reporting-service'
+
+export const client = new Client(process.env.BEST_API_KEY)
+```
+
+`index.js`:
+
+```js
+import dotenv from 'dotenv'
+dotenv.config()
+
+import errorReporter from './errorReporter'
+errorReporter.client.report(new Error('faq example'))
+```
+
+`client` will not be configured correctly because it was constructed before `dotenv.config()` was executed. There are (at least) 3 ways to make this work.
+
+1. Preload dotenv: `node --require dotenv/config index.js` (_Note: you do not need to `import` dotenv with this approach_)
+2. Import `dotenv/config` instead of `dotenv` (_Note: you do not need to call `dotenv.config()` and must pass options via the command line with this approach_)
+3. Create a separate file that will execute `config` first as outlined in [this comment on #133](https://github.com/motdotla/dotenv/issues/133#issuecomment-255298822)
+
 ## Contributing Guide
@@ -219,1 +265,4 @@
 * [envalid](https://github.com/af/envalid)
+* [lookenv](https://github.com/RodrigoEspinosa/lookenv)
+* [run.env](https://www.npmjs.com/package/run.env)
+* [dotenv-webpack](https://github.com/mrsteele/dotenv-webpack)

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Environment variable access

Supply chain risk

Package accesses environment variables, which may be a sign of credential stuffing or data theft.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

17214

increased by21.46%

Dev dependency count

7

decreased by-12.5%

Number of package files

7

increased by16.67%

Lines of code

75

increased by7.14%

Number of lines in readme file

258

increased by23.44%

No dependency changes