New Case Study:See how Anthropic automated 95% of dependency reviews with Socket.Learn More →
serverless-dotenv-plugin
Advanced tools
serverless-dotenv-plugin - npm Package Compare versions
Comparing version 1.2.1 to 2.0.0
54
index.js
@@ -6,2 +6,3 @@ 'use strict' | ||
| const chalk = require('chalk') | ||
| const fs = require('fs') | ||
@@ -11,33 +12,54 @@ class ServerlessPlugin { | ||
| this.serverless = serverless | ||
| this.env = {} | ||
| this.serverless.service.provider.environment = | ||
| this.serverless.service.provider.environment || {} | ||
| this.loadEnv() | ||
| this.config = | ||
| this.serverless.service.custom && this.serverless.service.custom['dotenv'] | ||
| this.loadEnv(this.getEnvironment(options)) | ||
| } | ||
| loadEnv() { | ||
| getEnvironment(options) { | ||
| if (process.env.NODE_ENV) { | ||
| return process.env.NODE_ENV | ||
| } | ||
| if (options.env) { | ||
| return options.env | ||
| } | ||
| return 'development' | ||
| } | ||
| resolveEnvFileName(env) { | ||
| if (this.config && this.config.path) { | ||
| return this.config.path | ||
| } | ||
| return fs.existsSync('.env.' + env) ? '.env.' + env : '.env' | ||
| } | ||
| loadEnv(env) { | ||
| var envFileName = this.resolveEnvFileName(env) | ||
| try { | ||
| var config = | ||
| this.serverless.service.custom && | ||
| this.serverless.service.custom['dotenv'] | ||
| var envPath = (config && config.path) || '.env' | ||
| this.env = dotenvExpand(dotenv.config({ path: envPath })).parsed | ||
| let envVars = dotenvExpand(dotenv.config({ path: envFileName })).parsed | ||
| var include = false | ||
| if (config && config.include) { | ||
| include = config.include | ||
| if (this.config && this.config.include) { | ||
| include = this.config.include | ||
| } | ||
| if (this.env) { | ||
| this.serverless.cli.log('DOTENV: Loading environment variables:') | ||
| if (envVars) { | ||
| this.serverless.cli.log( | ||
| 'DOTENV: Loading environment variables from ' + envFileName + ':' | ||
| ) | ||
| if (include) { | ||
| Object.keys(this.env) | ||
| Object.keys(envVars) | ||
| .filter(key => !include.includes(key)) | ||
| .forEach(key => { | ||
| delete this.env[key] | ||
| delete envVars[key] | ||
| }) | ||
| } | ||
| Object.keys(this.env).forEach(key => { | ||
| Object.keys(envVars).forEach(key => { | ||
| this.serverless.cli.log('\t - ' + key) | ||
| this.serverless.service.provider.environment[key] = this.env[key] | ||
| this.serverless.service.provider.environment[key] = envVars[key] | ||
| }) | ||
@@ -44,0 +66,0 @@ } else { |
| { | ||
| "name": "serverless-dotenv-plugin", | ||
| "version": "1.2.1", | ||
| "version": "2.0.0", | ||
| "description": "Preload Environment Variables with Dotenv into Serverless Edit", | ||
@@ -5,0 +5,0 @@ "main": "index.js", |
@@ -33,2 +33,19 @@ # serverless-dotenv-plugin [](https://www.npmjs.com/package/serverless-dotenv-plugin) | ||
| #### Automatic Env file name resolution | ||
| By default, the plugin looks for the file: `.env`. In most use cases this is all that is needed. However, there are times where you want different env files based on environment. For instance: | ||
| ``` | ||
| .env.development | ||
| .env.production | ||
| ``` | ||
| When you deploy with `NODE_ENV` set: `NODE_ENV=production sls deploy` the plugin will look for a file named `.env.production`. If it doesn't exist it will default to `.env`. If for some reason you can't set NODE_ENV, you could always just pass it in as an option: `sls deploy --env production`. If `NODE_ENV` or `--env` is not set, it will default to `development`. | ||
| | Valid .env file names | Description | | ||
| | --------------------- | --------------------------------------------------------------------------------------------------- | | ||
| | .env | Default file name when no other files are specified or found. | | ||
| | .env.development | If NODE_ENV or --env **is not set**, will try to load `.env.development`. If not found, load `.env` | | ||
| | .env.{ENV} | If NODE_ENV or --env **is set**, will try to load `.env.{env}`. If not found, load `.env` | | ||
| ### Plugin options | ||
@@ -47,2 +64,4 @@ | ||
| Note, it is not recommended you use a custom path. Doing so overrides the automatic file resolution as described above. | ||
| ### Usage | ||
@@ -57,3 +76,3 @@ | ||
| runtime: nodejs6.10 | ||
| stage: dev | ||
| stage: ${env:STAGE} | ||
| region: ${env:AWS_REGION} | ||
@@ -60,0 +79,0 @@ ... |
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
New alerts
Environment variable access
Supply chain riskPackage accesses environment variables, which may be a sign of credential stuffing or data theft.
Found 1 instance in 1 package
Filesystem access
Supply chain riskAccesses the file system, and could potentially read sensitive data.
Found 1 instance in 1 package
Improved metrics
- Total package byte prevSize
- increased by29.26%
8437
- Number of package files
- increased by11.11%
10
- Lines of code
- increased by28.07%
73
- Number of lines in readme file
- increased by28.36%
86
Worsened metrics
- Number of low supply chain risk alerts
- increased by300%
4
No dependency changes