np-dms/lcbp3.np-dms.work

Fork 0

Files

admin 2e6230e722 first commit

2025-09-21 20:29:15 +07:00

54 KiB

Executable File

Raw Blame History

Changelog

All notable changes to this project will be documented in this file. See standard-version for commit guidelines.

Unreleased

1.50.1 (2025-09-18)

Removed

Remove listed command to radar (now ops) (#678)

1.50.0 (2025-09-18)

Added

Add optional dotenvx ops command (#677)
Ops is a coming rename of Radar. Radar will become a feature inside ops.
With dotenvx ops use dotenvx across your team, infrastructure, agents, and more.

 _______________________________________________________________________
|                                                                       |
|  Dotenvx Ops: Commercial Tooling for Dotenvx                          |
|                                                                       |
|  ░▒▓██████▓▒░░▒▓███████▓▒░ ░▒▓███████▓▒░                              |
| ░▒▓█▓▒░░▒▓█▓▒░▒▓█▓▒░░▒▓█▓▒░▒▓█▓▒░                                     |
| ░▒▓█▓▒░░▒▓█▓▒░▒▓█▓▒░░▒▓█▓▒░▒▓█▓▒░                                     |
| ░▒▓█▓▒░░▒▓█▓▒░▒▓███████▓▒░ ░▒▓██████▓▒░                               |
| ░▒▓█▓▒░░▒▓█▓▒░▒▓█▓▒░             ░▒▓█▓▒░                              |
| ░▒▓█▓▒░░▒▓█▓▒░▒▓█▓▒░             ░▒▓█▓▒░                              |
|  ░▒▓██████▓▒░░▒▓█▓▒░      ░▒▓███████▓▒░                               |
|                                                                       |
|  Use dotenvx across your team, infrastructure, agents, and more.      |
|                                                                       |
|  Learn more at https://dotenvx.com/ops                                |
|_______________________________________________________________________|

1.49.1 (2025-09-15)

Changed

🐞 patch bug with variable expansion of single quoted values (#675)

1.49.0 (2025-08-18)

Added

For precommit and prebuild, ignore .env.x file like we do with .env.vault file. (#666)

1.48.4 (2025-07-29)

Removed

Remove unnecessary use of eval in proKeypair helper (#654)

1.48.3

Changed

Include privateKeyName and privateKey on internal processedEnv object (#649)

1.48.2

Changed

Check radar status before sending (#646)

1.48.1

Changed

Send beforEnv and afterEnv to Radar if user has installed (#645)

1.48.0

Added

Include beforeEnv and afterEnv for user debugging (#644)

1.47.7

Changed

src should be in internal processEnv object (#643)

1.47.6

Changed

Make Radar call non-blocking (#642)

1.47.5

Changed

Add resilient handling of any Radar failures (#639)

1.47.4

Changed

Smarter require of non-installed libs like dotenvx-radar (#638)

1.47.3

Added

Send to radar#observe if Radar installed by user (#631)

Removed

Remove cli in package.json (#632)

1.47.2

Added

Export cli in package.json (#629)

1.47.1

Added

Add convenience log that radar active 📡 when dotenvx-radar is installed (#625)

1.47.0

Added

Add optional dotenvx radar command (#624)
Radar is an early access commercial extension for dotenvx that will auto backup your .env files.

 _______________________________________________________________________
|                                                                       |
|  Dotenvx Radar: Env Observability                                     |
|                                                                       |
|  ░▒▓███████▓▒░ ░▒▓██████▓▒░░▒▓███████▓▒░ ░▒▓██████▓▒░░▒▓███████▓▒░    |
|  ░▒▓█▓▒░░▒▓█▓▒░▒▓█▓▒░░▒▓█▓▒░▒▓█▓▒░░▒▓█▓▒░▒▓█▓▒░░▒▓█▓▒░▒▓█▓▒░░▒▓█▓▒░   |
|  ░▒▓█▓▒░░▒▓█▓▒░▒▓█▓▒░░▒▓█▓▒░▒▓█▓▒░░▒▓█▓▒░▒▓█▓▒░░▒▓█▓▒░▒▓█▓▒░░▒▓█▓▒░   |
|  ░▒▓███████▓▒░░▒▓████████▓▒░▒▓█▓▒░░▒▓█▓▒░▒▓████████▓▒░▒▓███████▓▒░    |
|  ░▒▓█▓▒░░▒▓█▓▒░▒▓█▓▒░░▒▓█▓▒░▒▓█▓▒░░▒▓█▓▒░▒▓█▓▒░░▒▓█▓▒░▒▓█▓▒░░▒▓█▓▒░   |
|  ░▒▓█▓▒░░▒▓█▓▒░▒▓█▓▒░░▒▓█▓▒░▒▓█▓▒░░▒▓█▓▒░▒▓█▓▒░░▒▓█▓▒░▒▓█▓▒░░▒▓█▓▒░   |
|  ░▒▓█▓▒░░▒▓█▓▒░▒▓█▓▒░░▒▓█▓▒░▒▓███████▓▒░░▒▓█▓▒░░▒▓█▓▒░▒▓█▓▒░░▒▓█▓▒░   |
|                                                                       |
|  Observe, version, and back up your environment variables at runtime. |
|                                                                       |
|  Purchase lifetime access at https://dotenvx.com/radar                |
|                                                                       |
| --------------------------------------------------------------------- |
| - thank you for using dotenvx! - @motdotla                            |
|_______________________________________________________________________|

1.46.0

Added

Add error when hoisting issue experienced around commander.js (#623)

Removed

Remove git-dotenvx and git dotenvx shorthand (#621)

1.45.2

Changed

Minor README updates

1.45.1

Changed

Include setLogName and setLogVersion in config (#613)

1.45.0

Added

Add logger.setName and logger.setVersion for customization of logger (#612)

1.44.2

Changed

Clarify license is BSD-3.

1.43.0

Removed

Remove errorv, errornocolor, blank from logger options (#584)

Changed

Replace instances of console.error with logger.error (#584)

1.42.2

Changed

Fix --force flag work with ?force=true (2776715)

1.42.1

Added

Add --force flag to install.sh (0b8d21c)

1.42.0

Added

Add ability to override the os and arch via install.sh and dotenvx.sh (3ded752)

1.41.0

Added

Add [directory] argument to precommit and prebuild (#572)

1.40.0

Added

Smarter ext precommit and ext prebuild – catch duplicate KEYs in the same .env file where one is mistakenly left unencrypted (#567)

1.39.1

Added

Add version to homebrew formula (#564)

1.39.0

Added

Add --convention flow option to dotenvx run (#551)

Changed

Fix typos (#550)

1.38.5

Added

🐞 Add config.d.ts file to fix type error when loading dotenvx/dotenvx/config with dynamic import (#547)

1.38.4

Changed

🐞 Fix blank line disappearing after encrypting empty value (#542)

1.38.3

Changed

🐞 Fix self-referencing expansion when key exists already in process.env (#536)

1.38.1

Changed

Support encrypt when mutliline contains windows CRLF (\r\n) (#534)

Note: dotenvx will convert these \r\n newlines to \n. Our recommendation is to stop using CRLF - its origin is from typewriter days. Instead, set your editor or gitattributes to use LF.

1.38.0

Changed

Command substitution failures no longer halt further processing of keys in a .env file (#533)
A more helpful error is raised if a command substitution failure occurs (#533)

1.37.0

Added

add dotenvx rotate command 🎉 (#530)

also: our whitepaper is released as a draft.

1.36.0

Changed

--strict flag respects (doesn't throw) anything in --ignore flag (#527)

1.35.0

Added

npx dotenvx precommit support as a convenience (#523)
main.get method (#524)

The addition of main.get facilitates what we term Decryption at Access, a concept explored in greater detail in our whitepaper.

1.34.0

Added

main.set method now writes to files (#517)

1.33.0

Added

support ESM import convenience import '@dotenvx/dotenvx/config' (#508)

1.32.0

Added

add encrypted check support for ext prebuild (#501)

Changed

modify ext precommit to check git modified state as well as git staged state - useful for using dotenvx ext precommit without the --install flag in automated scripts and ci. (#499)

Removed

remove internal logger methods errorvp, errorvpb, warnv, warnvp, warnvpb, successvp, successvpb, help2 (#501)

1.31.3

Changed

adjust wingetcreate to use powershell when parsing version

1.31.2

Changed

use wingetcreate for releasing to WinGet (#498)

1.31.1

Changed

🐞 fix encryption of values containing explicit \n newlines (#495)

1.31.0

Added

expose main.set function (#492)
add missing types for main.config (#491)

1.30.1

Added

support complex command substitution combining variable expansion (#490)

1.30.0

Added

add -fk (--env-keys-file) flag to customize the path to your .env.keys file with run, get, set, encrypt, decrypt, and keypair 🎉 (#486)

This is great for monorepos. Maintain one .env.keys file across all your apps.

$ dotenvx encrypt -fk .env.keys -f apps/backend/.env
$ dotenvx encrypt -fk .env.keys -f apps/frontend/.env

$ tree -a .
├── .env.keys
└── apps
    ├── backend
    │   └── .env
    └── frontend
        └── .env

$ dotenvx get -fk .env.keys -f apps/backend/.env

1.29.0

Added

add --ignore flag to suppress specified errors. example: dotenvx run --ignore=MISSING_ENV_FILE (#485)

1.28.0

Changed

.env.keys file is generated WITHOUT quotes going forward. This is to minimize friction around Docker gotchas to developers - old versions of Docker do not support --env-file containing quoted keys/values. (#480) (additional note)

1.27.0

Added

add support for \t expansion when double quoted. (e.g. TAB="hi\tfriend" becomes hi friend) (#479)

1.26.2

Changed

build binaries with bytecode option (#477)

1.26.1

Added

add typescript type definitions for main.parse method (#475)

1.26.0

Added

add privateKey option to main.parse method (#474)

1.25.2

Added

for binaries add pre-build step using esbuild (#471)

Removed

remove types for functions that were removed a while back (2aa660)

1.25.1

Changed

improve helpful error messaging around decryption failures by specifying specific key and private key name (#463)

1.25.0

Added

add run --strict flag to exit with code 1 if any errors are encountered - like a missing .env file or decryption failure (#460)
add get --strict flag to exit with code 1 if any errors are encountered - like a missing .env file or decryption failure (#461)
add strict option to config() to throw for any errors (#459)

Changed

log MISSING_ENV_FILE and DECRYPTION_FAILED errors to stderr (prior was stdout as a warning) (#459)

Removed

remove dotenvx.get() function from lib/main.js. (parse already historically exists for this purpose) (#461)

1.24.5

Changed

🐞 do not expand prior literal values (#458)

1.24.4

Changed

do not expand command substitution (#456)

1.24.3

Changed

🐞 fix command substitution for more complex commands (#455)

1.24.2

Changed

treat pre-existing expandable values as literal in process.env (#450)

1.24.1

Changed

bump cross-spawn to prevent potential ReDoS CVE-2024-21538 (#449)

1.24.0

Added

support progressive append/update (#445)

FOO=foo
FOO=${FOO}bar
# foobar

support alternate value expansion (#445)

Changed

dotenvx.parse now maps to dotenvx's internal parser. (prior it was mapping to dotenv's)

Removed

removed dotenvx.configDotenv(). use dotenvx.config() (#445)

1.23.0

Added

deeper variable expansion support and protection against self-referencing variables 🛡️ (#439)

1.22.2

Changed

more lenient handling of -- separator and better error messaging when flags are ambiguous (#438)

1.22.1

Changed

🐞 patch loading order issue with single quotes (#436)

1.22.0

Added

add --pattern argument to ext gitignore (dotenvx ext gitignore --pattern .env.keys) (#430)

Changed

clarify next steps after first time encrypting (#430)

1.21.1

Changed

for --convention nextjs ignore .env.local for TEST environment (#425)
for precommit redirect missing dotenvx command using POSIX compliant redirection (#424)
make parent dotenvx help command less noisy by removing [options]. run dotenvx COMMAND -h to list all available options like always (#429)

1.21.0

Changed

treat single quotes literally (#423)
respect user chosen quotes (#423 #377)

🎓 now if you choose to single quote, double quote, no quote, or backtick your value it will be respected - including for encrypted values. this more intuitively handles complex cases like escaped characters, literals, and json.

1.20.1

Changed

update eciesjs (#421)
remove default values for ts interface - no longer permitted by latest ts (#419)

1.20.0

Changed

respect process.env.DOTENV_PRIVATE_KEY and/or process.env.DOTENV_PUBLIC_KEY on set (#401)
respect process.env.DOTENV_PRIVATE_KEY and/or process.env.DOTENV_PUBLIC_KEY on encrypt (#411)
respect process.env.DOTENV_PRIVATE_KEY on decrypt (#412)
change logger.help to use brighter blue (#414)

Removed

remove main.decrypt,encrypt,set (#410)

1.19.3

Changed

🐞 fix decrypt re-encrypt of values containing backslashes (#406)

1.19.2

Changed

forward additional signals like SIGUSR2 (#403)

1.19.1

Changed

if SIGTERM or SIGINT sent, don't bubble wrapped process error (#402)

1.19.0

Added

support key glob filtering for encrypt and decrypt. example: dotenvx encrypt -ek "NEXT_PUBLIC_*" (#397)

1.18.1

Added

escape user inputted regex groupings like $1 or $2. (#396)

1.18.0

Added

set and encrypt preserve leading spaces (#395)

     HELLO=world

Changed

improve escape and quote handling for set, encrypt, and decrypt (#395)
🐞 fix encrypt, then decrypt, then encrypt on a json value (#377)

Note: the underlying replace engine to support these changes now wraps your values in single quotes. the prior replace engine wrapped in double quotes.

So where your .env used to look like this with double quotes:

HELLO="encrypted:1234"
API_KEY="encrypted:5678"

It will now begin looking like this with single quotes:

HELLO='encrypted:1234'
API_KEY='encrypted:5678'

It's an aesthetic side effect only. Your values will continue to be decrypted and encrypted correctly.

1.17.0

Added

add --format=eval option for get (#393)

1.16.1

Changed

suppress stderr using options.stdio (#391)

1.16.0

Changed

for dotenvx keypair call out to dotenvx pro keypair if pro installed (#390)

1.15.0

Added

add --format=shell option for keypair (#389)

1.14.2

Changed

swap process.stdout.write for console.log to patch up npx edge case (#387)

1.14.1

Changed

run precommit hook only on staged files (#380)

1.14.0

Added

add dotenvx keypair command for printing your public/private keypairs (#375)

1.13.3

Changed

exit code 1 when decrypt fails in any way (#374)

1.13.2

Added

expose getColor and bold to lib/main.js (#369)

1.13.1

Added

expose logger and setLogLevel to lib/main.js - const = { logger, setLogLevel } = require('@dotenvx/dotenvx') (#368)

1.13.0

Changed

move ls to core commands (#367)

1.12.1

Changed

return without quotations for dotenvx get --format shell (#366)

1.12.0

Added

add dotenvx get --format shell option (#363)

1.11.5

Changed

revert tinyexec for execa - to support usage in bun

1.11.4

Changed

bump tinyexec and add postrelease-bunx check (#362)

1.11.3

Changed

fallback to process.env.TERM for color depth where deno and bun do not support it (#360)

1.11.2

Added

detect encoding when reading .env* file on run/get (#359)

1.11.1

Changed

support encryption of export KEY variables and preserve #!shebangs (#357)

1.11.0

Added

add --exclude-env-file (-ef) to ext ls (#356)

Changed

ext precommit ignores tests/ directory (and similar) (#356)

1.10.4

Changed

fix pro display in help command

1.10.3

Added

ci: automate publishing to winget (#354)

1.10.2

Changed

default config to empty [] array so that DOTENV_KEY_${environment} looks up correctly (#352)

1.10.1

Changed

check subfolders on dotenvx ext precommit hook (#350)

1.10.0

Removed

remove dotenvx ext vault, replace with dotenvx-ext-vault (install there to continue using ext vault) (#351)

1.9.1

Added

warn if private key is missing or blank (#349)

1.9.0

Added

add --exclude-key (-ek) option to dotenvx encrypt and dotenvx decrypt (#344)

Changed

preserve comments and spacing on first-time generation of .env.example file (#346)

Removed

removed winston - logger simplified to use console.log going forward (#347)

1.8.0

Added

warn when decryption fails on run (#339)
decrypt expanded values as necessary (#336)

Changed

use ansi colors over rgb - for wider terminal coverage (#340)
replace chalk with picocolors and color-name - cutting down on 5 dependencies (#335)
replace execa with tinyexec - cutting down on 15 dependencies (#328)
optimize Ls._filepaths (#317)

Removed

remove picocolors and color-name - cutting down on 2 dependencies (#340)
remove ext hub from extension list (you can still install it as an extension here) (#337)

1.7.0

Removed

remove ext settings command (and conf along with it) (#323)

1.6.5

Changed

🐞 patch chomp for interpolation. strip ending newline (was stripping first found newline) (#322)

1.6.4

Changed

fix dotenvx help (command was missing)

1.6.3

Changed

adjust dotenvx pro to be dynamic if dotenvx-pro is installed user's machine

1.6.2

Added

add more detailed type definitions (#313)

1.6.1

Added

add support for .env1 (.env*) file format. (private key expands to DOTENV_PRIVATE_KEY_DEVELOPMENT1) (#312)

1.6.0

Added

add dotenvx decrypt command. works inversely to dotenvx encrypt. same flags. (#294)
add --stdout option to dotenvx decrypt. example: dotenvx decrypt -f .env.production --stdout > somefile.txt (#298)
add --stdout option to dotenvx encrypt. example: dotenvx encrypt -f .env.production --stdout > somefile.txt (#298)

Changed

smarter private key finder. if you rename your file to secrets.txt it can still decrypt from DOTENV_PRIVATE_KEY by seeking out the invert of the DOTENV_PUBLIC_KEY inside secrets.txt (#302)

Removed

remove dotenvx convert - still at dotenvx encrypt
remove dotenvx vault - still at dotenvx ext vault

1.5.0

Added

add help text for dashed values on set. example: dotenvx set KEY -- "- + * ÷" (#293)

Changed

replace @inquirer/confirm and ora (#285)

Removed

remove dotenvx ext hub, replace with dotenvx-ext-hub (install there to continue using hub) (#291)

1.4.0

Removed

remove update notice. let users decide what version they want without nagging them to update (#288)
remove dotenvx hub. still available at dotenvx ext hub (#290)

1.3.2

Changed

🐞 remove risky prepare and postinstall scripts and replace with npm run patch for development and binary building (#286)

1.3.1

Changed

🐞 make patch-package only run locally with prepare (#283)

1.3.0

Added

encrypt specified keys with --key option - dotenvx encrypt -k HELLO (#281)

1.2.0

Added

handle nested dotenvx invocations - dotenvx run -- dotenvx run -- env (#279)

Changed

replace glob with faster approach (#278)

1.1.0

Added

add TypeScript type definitions (#272)

1.0.1

Changed

🐞 fix expansion when preset on process.env and/or with --overload (#271)

1.0.0

🎉 dotenvx has made it to 1.0.0. There are BREAKING CHANGES ⚠️ .

Added

added dotenvx set KEY value --plain to set plain text values
added dotenvx ext 🔌 as a location to place extensions like gititgnore, precommit, ls, and more. better than cluttering up core features like run, get/set, and encrypt.
added dotenvx pro 🏆 command with coming soon and link to GitHub issue (if you wish to be notified of progress. will provide tooling/features for teams)

Changed

BREAKING ⚠️
- turned on encryption by default for dotenvx set (use dotenvx set KEY value --plain to set plain values)
- renamed dotenvx encrypt to dotenvx ext vault encrypt (for managing .env.vault files)
- renamed dotenvx convert to dotenvx encrypt
- moved ls to dotenvx ext ls
- moved genexample to dotenvx ext genexample
- moved gitignore to dotenvx ext gitignore
- moved prebuild to dotenvx ext prebuild
- moved precommit to dotenvx ext precommit
- moved scan to dotenvx ext scan
- moved hub to dotenvx ext hub
- moved vault to dotenvx ext vault
- moved settings to dotenvx ext settings

(for many of these moved commands, for example dotenvx genexample, still work in 1.0.0 but with a large deprecated notice - DEPRECATION NOTICE: [genexample] has moved to [dotenvx ext genexample]. Please change your muscle memory to dotenvx ext genexample, as these deprecated command paths will be removed in a later minor version. importantly dotenvx encrypt was not able to be preserved because as it is now in use for encrypted .env files rather than .env.vault files)

This is a BIG release that sets the tone for dotenvx's core offering and features while maintaining room for growth. Thank you everyone for your support and usage of dotenvx 🙏.

blog post: "From dotenv to dotenvx: Next Generation Config Management"

0.45.0

Changed

Rename dotenvx vault convert to dotenvx vault migrate (#251)
Update install.sh regex version check to be sh compatible (not just bash)

0.44.6

Added

Added checksums.txt as part of each release

0.44.5

Changed

Removed .github folder from published binaries on npm (example: npm code)
Add help message to install.sh

0.44.4

Changed

Automated deployment of install.sh along with sanity checks (#250)

0.44.3

Added

Include CHANGELOG.md in npm release
Include install.sh in package release

0.44.2

Changed

Fix license in package.json to match project's license BSD-3.

0.44.1

Changed

Respect decryption of zero length strings - dotenvx set HELLO '' --encrypt (#236)

0.44.0

Added

Added options.debug, options.verbose, options.quiet, and options.logLevel to .config() (#233)

0.43.2

Changed

Patch replace when replacing double, single, or backticked quoted at anywhere in the .env file. (#232)

0.43.1

Changed

Improved replace function regex - to handle more edge case scenarios with replacing KEY/values (#227)

0.43.0

Added

Support require('@dotenvx/dotenvx').config() for DOTENV_PRIVATE_KEY decryption (#225)

0.42.0

Added

Added .env.vault deprecated warning when using DOTENV_KEY. Provide instructions to convert to encrypted .env files. (#224)

0.41.0

Added

Added vault convert command to list convert instructions for converting .env.vault to encrypted .env files (#222)

To convert your .env.vault file to encrypted .env file(s):

  1. Run [dotenvx vault decrypt]
  2. Run [ls -a .env*]

Lastly, convert each .env(.environment) file:

  3. Run [dotenvx convert -f .env.production]

For example:

  $ dotenvx convert -f .env
  $ dotenvx convert -f .env.ci
  $ dotenvx convert -f .env.production

Afterward:

Update production with your new DOTENV_PRIVATE_KEY_PRODUCTION located in .env.keys

Learn more at [https://dotenvx.com/docs/quickstart#add-encryption]

Changed

Rename encryptme to convert (#222)

0.40.1

Added

Support encryption replacement of multiline values (#220)

0.40.0

Added

Added dotenvx encryptme command to convert an entire .env file to an encrypted .env file. (#213)

Changed

Made precommit smart enough to check if a .env* file is encrypted or not. If fully encrypted, then allow precommit check to pass (#211)

Removed

Do not warn of missing files for conventions (too noisy) (#216)

0.39.0

Added

Add --convention flag to get

Removed

Removed help messages like 'in production' and 'in ci'. Too specific and could lead to confusion.

0.38.0

Changed

⚠️ DEPRECATION NOTICE: the following commands are being moved. Please, update any code and muscle memory you have related to these:
- dotenvx encrypt => dotenvx vault encrypt
- dotenvx decrypt => dotenvx vault decrypt
- dotenvx status => dotenvx vault status
⚠️ DEPRECATION NOTICE: the beta hub commands are being completely deprecated (they will be fully removed in upcoming 1.0.0 release). We will provide .env.keys tooling at a later time (replacing hub) but in the context of the new --encrypt flag functionality below

Added

Add encryption to your .env files with a single command. Pass the --encrypt flag. 🎉

$ dotenvx set HELLO World --encrypt
set HELLO with encryption (.env)

A DOTENV_PUBLIC_KEY (encryption key) and a DOTENV_PRIVATE_KEY (decryption key) is generated using the same public-key cryptography as Bitcoin.

Further notes:

DOTENV_PUBLIC_KEY lives in the .env file. You can safely share this with whomever you wish.
DOTENV_PRIVATE_KEY lives in your .env.keys file. Share this only with those you trust to decrypt your secrets.
If using encrypted .env files like this it is safe to commit them to source code. This makes reviewing PRs that contain secrets much easier.
Tell your contributors to contribute a secret using the command dotenvx set HELLO world --encrypt.
Set your DOTENV_PRIVATE_KEY on your server to decrypt these values using dotenvx run -- yourcommand
You can repeat all this per environment by modifying your set command to dotenvx set HELLO production -f .env.production --encrypt (for example)
In time we will add better tooling for sharing the private keys living in .env.keys, but until then safely share with team members you trust.
This mechanism should be particularly useful for open source projects that want to permit secrets contributions without handing out the decryption keys. Now anyone can contribute a secret and only you can decrypt it to see what was changed.
This solution is brand new, but I intend it to be the future for .env files. It has many benefits over .env.vault files. We will be sunsetting the .env.vault mechanism but its tooling will stay around in dotenvx for at least 1 year to come - under dotenvx vault parent command.
Be patient as we update our documentation to prioritize this improved encryption format for .env files.

0.37.1

warn when running dotenvx status against any untracked (not in .env.vault) files (#196)

0.37.0

add --convention nextjs flag to dotenvx run (#193)
improve status error message when decrypt fails or no .env* files (#192)

0.36.1

handle SIGTERM (#191)

0.36.0

add dotenvx status command (#186)
add dotenvx decrypt [directory] argument option (#186)
add dotenvx decrypt --environment flag option (#186)
normalize windows \ paths (#186)

0.35.1

Changed

exit code 1 if get KEY not found/undefined (#185)

0.35.0

Added

added set command, and optionally pass --env-file flag(s) to set usage: dotenvx set HELLO World (#182)

0.34.0

Changed

make hub push more forgiving by permitting full filepath like hub push directory/.env.keys (#180)
add note on generated .env.example (#181)

0.33.1

Changed

patch injection around falsy values (#177)

0.33.0

Added

add .env.vault support for .env.something.something (useful for Next.js pattern of .env.development.local) (#174)

0.32.0

Changed

quiet exit code 1 message (#173)

0.31.1

Changed

improve error messages (#171)

0.31.0

Added

add hub logout command (#170)

0.30.2

Changed

small fixes for windows users related to hub open and hub push (#169)

0.30.1

Changed

remove windows warnings related to missing git or git origin (#166 #167)

0.30.0

Added

dotenvx get --quiet will display the value no matter what (adds a blank0 logger level) (#161)

Changed

refactor dotenvx get to use run under the hood

0.29.2

Changed

fix broken hub login and hub open (#160)

0.29.1

Changed

patch situation where DOTENV_KEY is present and --env-file flag is set. assume to still look for .env.vault file as first in line (#157)

0.29.0

Changed

respect order for --env-vault-file, --env-file and --env flags (for example: dotenvx run --env "HELLO=one" --env-file=.env will prioritize --env flag. Add --overload here to prioritize --env-file or reverse the order.). you can now mix and match multiple flags in any complex order you wish and dotenvx will respect it. (#155)

0.28.0

Added

add dotenvx settings command to list your current settings. in the future we'll provide ways to modify these settings as dotenvx's functionality grows (#153)

0.27.2

Added

add windows postrelease step to check that dotenvx.exe is functional immediately after release (#141)

Changed

replace package-json with undici (#146)
prune redundant packages (#148)
return current version if remote version fails (#149)
switch to our own update notice mechanism (eliminating multiple deps) (#151)

0.27.1

Added

provide .zip download option for windows executable (#140)

Removed

remove got from top level deps (#139)

0.27.0

Changed

move update-notifier into lib/helpers for more control over got lib (#138)
move clipboardy into lib/helpers for more control and to support commonjs going forward (sindre has dropped support and many mature systems still require commonjs for their infra and have need of dotenvx). (#137)

0.26.0

Added

add hub pull command to pull a repo's .env.keys down. (#129)

0.25.1

Changed

🐞 patch bug with evaluate commands. do not attempt to evaluate risky preset envs in process.env. evaluate only what's set in a .env* file (#125)

0.25.0

Added

expand hub push with [directory] option. use for monorepos. for example: dotenvx hub push apps/backend (#121)

0.24.0

Added

add command substitution. for example DATABASE_URL="postgres://$(whoami)@localhost/my_database" (#113)

0.23.0

Added

support personal environment variables. anything after the comment # personal.dotenvx.com will be considered personal and will not be encrypted to .env.vault (#110)

0.22.0

Added

require('@dotenvx/dotenvx').config() expands/interpolates variables. this matches the behavior of run. (note that this behavior differs from the original require('dotenv').config() (#107)

0.21.0

Added

expose genexample function on lib/main.js for export convenience (#102)

Changed

rely on which npm module to find system command path for user inputted command(s) (#105)

Removed

remove main.inject function (#102)

0.20.2

Added

added support for --env flag on the .env.vault decryption portion of run (#101)

0.20.1

Changed

use system command path (#98)

0.20.0

Changed

added --env flag. for example, dotenvx --env="HELLO=World" -- yourcommand (#94)

0.19.1

Changed

patched up the precommit command (#91)

0.19.0

Added

added scan command to scan for possible leaked secrets in your code (#90)

0.18.0

Added

added get command, optionally pass --env-file flag(s) to get, optionally pass --overload, and optionally pass --pretty-print. usage: dotenvx get HELLO => World (#89)

0.17.1

Changed

expose main.encrypt and main.ls functions

0.17.0

Added

added [directory] argument to encrypt. for example, in your nx repo from root dotenvx encrypt apps/backend will encrypt .env* files in that directory and manage the .env.keys and .env.vault in that directory as well (#82)

0.16.1

Changed

bumped dotenv version to fix encrypt bug

0.16.0

Added

added ls command to list all your .env* files (#80)
added --env-file option ls (#82)
optionally specify --env-vault-file path to .env.vault (defaults to .env.vault) (#73)

0.15.4

Changed

🐞 patch --overload flag logic (#66)

0.15.3

Changed

🐞 fix undici readablestream error (#65)

0.15.2

Changed

switch from axios to undici (#59)
bump dotenv-expand (#63)

0.15.1

Changed

use improved dotenv expansion (#62)

0.15.0

Added

add expansion (#60)
use dotenvx.com (#56)

0.14.1

Changed

patch esm issue. use update-notifier ^5.1.0

0.14.0

Added

Added genexample command. Generate .env.example from your .env file. (#49)
couple security patches (#50, #51)

0.13.0

Added

Added decrypt command. Decrypt .env.vault to prospective .env* files. .env.keys must be present. (#48)

0.12.0

Added

Append to .gitignore with gitignore command (also .dockerignore, .npmignore, and .vercelignore if existing) (#47)

0.11.0

Removed

no longer append to *ignore files automatically. too invasive. will provide as separate cli command (#45)

0.10.6

Changed

Improve error message when decryption fails (#40)

0.10.5

Changed

Rename predockerbuild command to prebuild (#36)

0.10.4

Added

Add predockerbuild command to prevent including .env file in your docker builds (#35)

0.10.3

Changed

If dotenvx is missing tell user how to install it from pre-commit (#34)
Add help notice for ci (when .env file not present) (#33)

0.10.2

Changed

Improve error message when custom --env-file passed (#32)

0.10.1

Changed

Adjust precommit verbosity and coloring
Add --install flag to precommit - installs to .git/hooks/pre-commit (#31)

0.10.0

Added

Added dotenvx precommit command and instructions for git pre-commit hook (#30)

0.9.0

Changed

Remove .flaskenv from appends (#27)
Improved error message when .env file is missing (#28)

54 KiB Executable File Raw Blame History Unescape Escape

Changelog

1.50.1 (2025-09-18)

Removed

1.50.0 (2025-09-18)

Added

1.49.1 (2025-09-15)

Changed

1.49.0 (2025-08-18)

Added

1.48.4 (2025-07-29)

Removed

1.48.3

Changed

1.48.2

Changed

1.48.1

Changed

1.48.0

Added

1.47.7

Changed

1.47.6

Changed

1.47.5

Changed

1.47.4

Changed

1.47.3

Added

Removed

1.47.2

Added

1.47.1

Added

1.47.0

Added

1.46.0

Added

Removed

1.45.2

Changed

1.45.1

Changed

1.45.0

Added

1.44.2

Changed

Changed

Added

Removed

Changed

Changed

Added

Added

Added

Changed

Added

Added

Added

Changed

Added

Changed

Changed

Added

Changed

Changed

Added

Changed

Added

Added

Added

Changed

Added

Changed

Removed

Changed

Changed

Changed

Added

54 KiB

Executable File

Raw Blame History