		'use strict'

		const { resolve } = require('path')
		const loadSecrets = require('./lib/load-secrets.js')
		const loadRequired = require('./lib/load-required.js')

		/**
		* Get the value of a environment variable or secret
		* @param {Object} env Map of environment variables
		* @param {Object} secrets Map of secrets
		* @param {String} key The environment key name
		* @return {String} The environment value
		*/
		function getValue(env, secrets, key) {
		// get environment value
		const value = `${env[key]}`
		// if the value doesn't start with @ (it's not a secret) return it
		if (value.indexOf('@') !== 0) return value
		// check if the value is in the secret map
		const secret = secrets[value]
		// if is defined return the secret
		if (secret !== undefined) return secret
		// try get the secret value without @ from the map or return the value
		return secrets[value.slice(1)] \|\| value
		}
		const loadNowJSON = require('./lib/load-now-json.js')
		const loadPkgJSON = require('./lib/load-pkg-json.js')

		/**
		* Apply the environment variables to `process.env`
		* @param {Object} env Map of environment variables
		* @param {Object} secrets Map of secrets
		*/
		function applyEnv(env, secrets) {
		for (const key in env) {
		// if the key already exists don't overwrite it
		if (!process.env[key]) {
		const value = getValue(env, secrets, key)
		process.env[key] = value
		}
		}
		}

		/**
		* Load the environment secrets from `./now-secrets.json`
		* @return {Object} Map of secrets
		*/
		function loadSecrets() {
		const SECRET_PATH = resolve('./now-secrets.json')

		try {
		return require(SECRET_PATH)
		} catch (error) {
		if (error.code === 'MODULE_NOT_FOUND') {
		return {}
		}
		throw error
		}
		}

		/**
		* Apply the environment variables from `./now.json`
		* @param {Object} secrets Map of secrets
		* @return {Boolean} If the environment variables were applied
		*/
		function loadNowJSON(secrets) {
		const NOW_PATH = resolve('./now.json')

		try {
		const nowFile = require(NOW_PATH)

		if (nowFile.env) {
		applyEnv(nowFile.env, secrets)
		}

		return true
		} catch (error) {
		if (error.code === 'MODULE_NOT_FOUND') {
		return false
		}
		throw error
		}
		}

		/**
		* Apply the environment variables from `./package.json`
		* @param {Object} secrets Map of secrets
		* @return {Boolean} If the environment variables were applied
		*/
		function loadPkgJSON(secrets) {
		const PKG_PATH = resolve('./package.json')

		try {
		const pkgFile = require(PKG_PATH)

		if (pkgFile.now && pkgFile.now.env) {
		applyEnv(pkgFile.now.env, secrets)
		}

		return true
		} catch (error) {
		if (error.code === 'MODULE_NOT_FOUND') {
		return false
		}
		throw error
		}
		}

		/**
		* Check if is running inside Now.sh and apply variables and secrets to `process.env`
		@@ -112,7 +16,7 @@ */

		// load secrets
		const secrets = loadSecrets()
		const required = loadRequired()

		// load environment variables from now.json
		const hasLoaded = loadNowJSON(secrets)
		const hasLoaded = loadNowJSON(secrets, required)

		@@ -122,3 +26,3 @@ // if now.json doesn't exists
		// load from package.json
		loadPkgJSON(secrets)
		loadPkgJSON(secrets, required)
		}
		@@ -125,0 +29,0 @@ }

package.json

		{
		"name": "now-env",
		"version": "1.3.1",
		"version": "1.4.0",
		"description": "Use now.sh environment variables in development",
		@@ -28,4 +28,10 @@ "keywords": [
		"files": [
		"lib/apply-env.js",
		"lib/get-value.js",
		"lib/load-now-json.js",
		"lib/load-pkg-json.js",
		"lib/load-required.js",
		"lib/load-secrets.js",
		"index.js"
		]
		}

README.md

		@@ -9,3 +9,3 @@ # now-env
		yarn add now-env
		npm i now-env
		# or npm i now-env
		```
		@@ -26,6 +26,54 @@

		Just create a `now-secrets.json` file with you development secrets, that file must be ignored with Git, then just use `now-env` as usual and it will auto-detect the file and use it to replace your secrets values.
		Create a `now.json` with some secret defined as `@secret-name`, similar to:

		If the file doesn't exists or if your secret key is not defined then it's going to use the secret name as value, that means if `DB_PASS` is `@db_pass` and you don't define it inside `now-secrets.json` then the value will be `@db_pass`.
		```json
		{
		"env": {
		"SECRET": "@my-secret-key",
		"ANOTHER_SECRET": "@my-other-secret-key",
		"SECRET_FAIL": "@this-is-not-defined"
		}
		}
		```

		Then create a `now-secrets.json` with the secrets names and values.

		```json
		{
		"@my-secret-key": "keep-it-secret",
		"my-other-secret-key": "keep-it-secret-too"
		}
		```

		> This file must be ignored to actually keep them secret.

		Then when starting your application `now-env` will read the `now.json` and get the values from `now-secrets.json`. If a environment key can't be found in `now-secrets.json` (or the file doesn't exists) then is going to use the secret name as value, that means if `DB_PASS` is `@db_pass` and you don't define it inside `now-secrets.json` then the value will be `@db_pass`.

		## Using required files
		▲ZEIT Now supports using the `env` key as an array of required values you'll need to provide when deploying. This module also allow you to use them in development.

		Create a `now.json` with the array, similar to:

		```json
		{
		"env": [
		"REQUIRED_KEY",
		"REQUIRED_SECRET"
		]
		}
		```

		Then create a `now-required.json` with the environment keys and values.

		```json
		{
		"REQUIRED_KEY": "required-value",
		"REQUIRED_SECRET": "@required-secret"
		}
		```

		> You can also use secrets, for that you will need to create a `now-secrets.json` too.

		Then when starting your application `now-env` will read the `now.json` and get the values from `now-required.json` (and `now-secrets.json`). If a environment key can't be found in `now-required.json` then is going to throw a reference error.

		## Migrate from `dotenv`
		@@ -32,0 +80,0 @@ If you're already using the `dotenv` module you can switch to `now-env` easily.

now-env - npm Package Compare versions

New alerts

Fixed alerts

Improved metrics

Worsened metrics