From 2d8a150cfe31c7974639536ee6684b9e29091b55 Mon Sep 17 00:00:00 2001 From: "Mountain/\\Ash" Date: Wed, 6 Mar 2024 19:23:24 +0000 Subject: [PATCH] =?UTF-8?q?=F0=9F=93=A6=20Remove=20dotenv?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .github/workflows/debug-action.yml | 2 +- CHANGELOG.md | 1 + README.md | 3 +- dist/index.js | 330 ----------------------------- package-lock.json | 12 -- package.json | 1 - src/config.js | 1 - 7 files changed, 4 insertions(+), 346 deletions(-) diff --git a/.github/workflows/debug-action.yml b/.github/workflows/debug-action.yml index fc0d2c39..6c40ebeb 100644 --- a/.github/workflows/debug-action.yml +++ b/.github/workflows/debug-action.yml @@ -51,7 +51,7 @@ jobs: - name: Deploy to Vercel 🚀 id: verceldeploy # Fork of https://github.com/BetaHuhn/deploy-to-vercel-action - uses: mountainash/fork-deploy-to-vercel-action@924ce29dfa0ee1980ef938dfee6c853fe7e5732d + uses: mountainash/fork-deploy-to-vercel-action@develop with: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} VERCEL_TOKEN: ${{ secrets.VERCEL_TOKEN }} diff --git a/CHANGELOG.md b/CHANGELOG.md index 46dcd41e..22096209 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -11,6 +11,7 @@ - Updated from `@actions/github` v^4.0.0 to v6.0.0 - Removed [`got`](https://www.npmjs.com/package/got/v/13.0.0) _"no longer maintained"_ - Removed [`action-input-parser`](https://www.npmjs.com/package/action-input-parser) +- Removed dotenv ## [v1.9.12] - 2023-01-30 diff --git a/README.md b/README.md index a1f4a292..808a1255 100644 --- a/README.md +++ b/README.md @@ -4,7 +4,6 @@ - [x] Added [defaults](https://docs.github.com/en/actions/creating-actions/metadata-syntax-for-github-actions?learn=create_actions&learnProduct=actions#inputsinput_iddefault) - [x] Added GitHub Actions workflow to test the action - [x] See [CHANGELOG](./CHANGELOG.md) for many 📦 dependencies updates (inc. Node 20) -- [ ] Remove 📦 dotenv dependency - [ ] Fix need for `GITHUB_REPOSITORY` var passsing
@@ -140,10 +139,12 @@ ALIAS_DOMAINS: | #### Pro Teams If your team is set up to `Pro`, remember to set the `VERCEL_SCOPE` to the slug of your team. + ```yml with: VERCEL_SCOPE: 'your-team-slug' ``` + Otherwise, the action will fail trying to deploy custom domains with default account credentials. It will result in request for authorisation and action fail. Even if you extend the scope of `VERCEL_TOKEN` to `All non-SAML Team`, without properly set up `VERCEL_SCOPE` the cli will use default account and fail. diff --git a/dist/index.js b/dist/index.js index 604ea4c9..dc2d9835 100644 --- a/dist/index.js +++ b/dist/index.js @@ -5921,327 +5921,6 @@ class Deprecation extends Error { exports.Deprecation = Deprecation; -/***/ }), - -/***/ 2437: -/***/ ((module, __unused_webpack_exports, __nccwpck_require__) => { - -const fs = __nccwpck_require__(7147) -const path = __nccwpck_require__(1017) -const os = __nccwpck_require__(2037) -const crypto = __nccwpck_require__(6113) -const packageJson = __nccwpck_require__(9968) - -const version = packageJson.version - -const LINE = /(?:^|^)\s*(?:export\s+)?([\w.-]+)(?:\s*=\s*?|:\s+?)(\s*'(?:\\'|[^'])*'|\s*"(?:\\"|[^"])*"|\s*`(?:\\`|[^`])*`|[^#\r\n]+)?\s*(?:#.*)?(?:$|$)/mg - -// Parse src into an Object -function parse (src) { - const obj = {} - - // Convert buffer to string - let lines = src.toString() - - // Convert line breaks to same format - lines = lines.replace(/\r\n?/mg, '\n') - - let match - while ((match = LINE.exec(lines)) != null) { - const key = match[1] - - // Default undefined or null to empty string - let value = (match[2] || '') - - // Remove whitespace - value = value.trim() - - // Check if double quoted - const maybeQuote = value[0] - - // Remove surrounding quotes - value = value.replace(/^(['"`])([\s\S]*)\1$/mg, '$2') - - // Expand newlines if double quoted - if (maybeQuote === '"') { - value = value.replace(/\\n/g, '\n') - value = value.replace(/\\r/g, '\r') - } - - // Add to object - obj[key] = value - } - - return obj -} - -function _parseVault (options) { - const vaultPath = _vaultPath(options) - - // Parse .env.vault - const result = DotenvModule.configDotenv({ path: vaultPath }) - if (!result.parsed) { - throw new Error(`MISSING_DATA: Cannot parse ${vaultPath} for an unknown reason`) - } - - // handle scenario for comma separated keys - for use with key rotation - // example: DOTENV_KEY="dotenv://:key_1234@dotenv.org/vault/.env.vault?environment=prod,dotenv://:key_7890@dotenv.org/vault/.env.vault?environment=prod" - const keys = _dotenvKey(options).split(',') - const length = keys.length - - let decrypted - for (let i = 0; i < length; i++) { - try { - // Get full key - const key = keys[i].trim() - - // Get instructions for decrypt - const attrs = _instructions(result, key) - - // Decrypt - decrypted = DotenvModule.decrypt(attrs.ciphertext, attrs.key) - - break - } catch (error) { - // last key - if (i + 1 >= length) { - throw error - } - // try next key - } - } - - // Parse decrypted .env string - return DotenvModule.parse(decrypted) -} - -function _log (message) { - console.log(`[dotenv@${version}][INFO] ${message}`) -} - -function _warn (message) { - console.log(`[dotenv@${version}][WARN] ${message}`) -} - -function _debug (message) { - console.log(`[dotenv@${version}][DEBUG] ${message}`) -} - -function _dotenvKey (options) { - // prioritize developer directly setting options.DOTENV_KEY - if (options && options.DOTENV_KEY && options.DOTENV_KEY.length > 0) { - return options.DOTENV_KEY - } - - // secondary infra already contains a DOTENV_KEY environment variable - if (process.env.DOTENV_KEY && process.env.DOTENV_KEY.length > 0) { - return process.env.DOTENV_KEY - } - - // fallback to empty string - return '' -} - -function _instructions (result, dotenvKey) { - // Parse DOTENV_KEY. Format is a URI - let uri - try { - uri = new URL(dotenvKey) - } catch (error) { - if (error.code === 'ERR_INVALID_URL') { - throw new Error('INVALID_DOTENV_KEY: Wrong format. Must be in valid uri format like dotenv://:key_1234@dotenv.org/vault/.env.vault?environment=development') - } - - throw error - } - - // Get decrypt key - const key = uri.password - if (!key) { - throw new Error('INVALID_DOTENV_KEY: Missing key part') - } - - // Get environment - const environment = uri.searchParams.get('environment') - if (!environment) { - throw new Error('INVALID_DOTENV_KEY: Missing environment part') - } - - // Get ciphertext payload - const environmentKey = `DOTENV_VAULT_${environment.toUpperCase()}` - const ciphertext = result.parsed[environmentKey] // DOTENV_VAULT_PRODUCTION - if (!ciphertext) { - throw new Error(`NOT_FOUND_DOTENV_ENVIRONMENT: Cannot locate environment ${environmentKey} in your .env.vault file.`) - } - - return { ciphertext, key } -} - -function _vaultPath (options) { - let dotenvPath = path.resolve(process.cwd(), '.env') - - if (options && options.path && options.path.length > 0) { - dotenvPath = options.path - } - - // Locate .env.vault - return dotenvPath.endsWith('.vault') ? dotenvPath : `${dotenvPath}.vault` -} - -function _resolveHome (envPath) { - return envPath[0] === '~' ? path.join(os.homedir(), envPath.slice(1)) : envPath -} - -function _configVault (options) { - _log('Loading env from encrypted .env.vault') - - const parsed = DotenvModule._parseVault(options) - - let processEnv = process.env - if (options && options.processEnv != null) { - processEnv = options.processEnv - } - - DotenvModule.populate(processEnv, parsed, options) - - return { parsed } -} - -function configDotenv (options) { - let dotenvPath = path.resolve(process.cwd(), '.env') - let encoding = 'utf8' - const debug = Boolean(options && options.debug) - - if (options) { - if (options.path != null) { - dotenvPath = _resolveHome(options.path) - } - if (options.encoding != null) { - encoding = options.encoding - } - } - - try { - // Specifying an encoding returns a string instead of a buffer - const parsed = DotenvModule.parse(fs.readFileSync(dotenvPath, { encoding })) - - let processEnv = process.env - if (options && options.processEnv != null) { - processEnv = options.processEnv - } - - DotenvModule.populate(processEnv, parsed, options) - - return { parsed } - } catch (e) { - if (debug) { - _debug(`Failed to load ${dotenvPath} ${e.message}`) - } - - return { error: e } - } -} - -// Populates process.env from .env file -function config (options) { - const vaultPath = _vaultPath(options) - - // fallback to original dotenv if DOTENV_KEY is not set - if (_dotenvKey(options).length === 0) { - return DotenvModule.configDotenv(options) - } - - // dotenvKey exists but .env.vault file does not exist - if (!fs.existsSync(vaultPath)) { - _warn(`You set DOTENV_KEY but you are missing a .env.vault file at ${vaultPath}. Did you forget to build it?`) - - return DotenvModule.configDotenv(options) - } - - return DotenvModule._configVault(options) -} - -function decrypt (encrypted, keyStr) { - const key = Buffer.from(keyStr.slice(-64), 'hex') - let ciphertext = Buffer.from(encrypted, 'base64') - - const nonce = ciphertext.slice(0, 12) - const authTag = ciphertext.slice(-16) - ciphertext = ciphertext.slice(12, -16) - - try { - const aesgcm = crypto.createDecipheriv('aes-256-gcm', key, nonce) - aesgcm.setAuthTag(authTag) - return `${aesgcm.update(ciphertext)}${aesgcm.final()}` - } catch (error) { - const isRange = error instanceof RangeError - const invalidKeyLength = error.message === 'Invalid key length' - const decryptionFailed = error.message === 'Unsupported state or unable to authenticate data' - - if (isRange || invalidKeyLength) { - const msg = 'INVALID_DOTENV_KEY: It must be 64 characters long (or more)' - throw new Error(msg) - } else if (decryptionFailed) { - const msg = 'DECRYPTION_FAILED: Please check your DOTENV_KEY' - throw new Error(msg) - } else { - console.error('Error: ', error.code) - console.error('Error: ', error.message) - throw error - } - } -} - -// Populate process.env with parsed values -function populate (processEnv, parsed, options = {}) { - const debug = Boolean(options && options.debug) - const override = Boolean(options && options.override) - - if (typeof parsed !== 'object') { - throw new Error('OBJECT_REQUIRED: Please check the processEnv argument being passed to populate') - } - - // Set process.env - for (const key of Object.keys(parsed)) { - if (Object.prototype.hasOwnProperty.call(processEnv, key)) { - if (override === true) { - processEnv[key] = parsed[key] - } - - if (debug) { - if (override === true) { - _debug(`"${key}" is already defined and WAS overwritten`) - } else { - _debug(`"${key}" is already defined and was NOT overwritten`) - } - } - } else { - processEnv[key] = parsed[key] - } - } -} - -const DotenvModule = { - configDotenv, - _configVault, - _parseVault, - config, - decrypt, - parse, - populate -} - -module.exports.configDotenv = DotenvModule.configDotenv -module.exports._configVault = DotenvModule._configVault -module.exports._parseVault = DotenvModule._parseVault -module.exports.config = DotenvModule.config -module.exports.decrypt = DotenvModule.decrypt -module.exports.parse = DotenvModule.parse -module.exports.populate = DotenvModule.populate - -module.exports = DotenvModule - - /***/ }), /***/ 1223: @@ -31083,7 +30762,6 @@ module.exports = parseParams const core = __nccwpck_require__(2186) const github = __nccwpck_require__(5438) -__nccwpck_require__(2437).config() const IS_PR = [ 'pull_request', 'pull_request_target' ].includes(github.context.eventName) @@ -31477,14 +31155,6 @@ module.exports = { init } -/***/ }), - -/***/ 9968: -/***/ ((module) => { - -"use strict"; -module.exports = JSON.parse('{"name":"dotenv","version":"16.3.1","description":"Loads environment variables from .env file","main":"lib/main.js","types":"lib/main.d.ts","exports":{".":{"types":"./lib/main.d.ts","require":"./lib/main.js","default":"./lib/main.js"},"./config":"./config.js","./config.js":"./config.js","./lib/env-options":"./lib/env-options.js","./lib/env-options.js":"./lib/env-options.js","./lib/cli-options":"./lib/cli-options.js","./lib/cli-options.js":"./lib/cli-options.js","./package.json":"./package.json"},"scripts":{"dts-check":"tsc --project tests/types/tsconfig.json","lint":"standard","lint-readme":"standard-markdown","pretest":"npm run lint && npm run dts-check","test":"tap tests/*.js --100 -Rspec","prerelease":"npm test","release":"standard-version"},"repository":{"type":"git","url":"git://github.com/motdotla/dotenv.git"},"funding":"https://github.com/motdotla/dotenv?sponsor=1","keywords":["dotenv","env",".env","environment","variables","config","settings"],"readmeFilename":"README.md","license":"BSD-2-Clause","devDependencies":{"@definitelytyped/dtslint":"^0.0.133","@types/node":"^18.11.3","decache":"^4.6.1","sinon":"^14.0.1","standard":"^17.0.0","standard-markdown":"^7.1.0","standard-version":"^9.5.0","tap":"^16.3.0","tar":"^6.1.11","typescript":"^4.8.4"},"engines":{"node":">=12"},"browser":{"fs":false}}'); - /***/ }) /******/ }); diff --git a/package-lock.json b/package-lock.json index f2d56680..caa8c1bd 100644 --- a/package-lock.json +++ b/package-lock.json @@ -12,7 +12,6 @@ "@actions/core": "^1.10.1", "@actions/exec": "^1.1.1", "@actions/github": "6.0.0", - "dotenv": "16.3.1", "vercel": "33.0.1" }, "devDependencies": { @@ -2368,17 +2367,6 @@ "node": ">=8" } }, - "node_modules/dotenv": { - "version": "16.3.1", - "resolved": "https://registry.npmjs.org/dotenv/-/dotenv-16.3.1.tgz", - "integrity": "sha512-IPzF4w4/Rd94bA9imS68tZBaYyBWSCE47V1RGuMrB94iyTOIEwRmVL2x/4An+6mETpLrKJ5hQkB8W4kFAadeIQ==", - "engines": { - "node": ">=12" - }, - "funding": { - "url": "https://github.com/motdotla/dotenv?sponsor=1" - } - }, "node_modules/duplexer2": { "version": "0.1.4", "resolved": "https://registry.npmjs.org/duplexer2/-/duplexer2-0.1.4.tgz", diff --git a/package.json b/package.json index 3f98e1da..0d8c8e71 100644 --- a/package.json +++ b/package.json @@ -39,7 +39,6 @@ "@actions/core": "^1.10.1", "@actions/exec": "^1.1.1", "@actions/github": "6.0.0", - "dotenv": "16.3.1", "vercel": "33.0.1" }, "devDependencies": { diff --git a/src/config.js b/src/config.js index dd0096a3..c396315d 100644 --- a/src/config.js +++ b/src/config.js @@ -1,6 +1,5 @@ const core = require('@actions/core') const github = require('@actions/github') -require('dotenv').config() const IS_PR = [ 'pull_request', 'pull_request_target' ].includes(github.context.eventName)