Update dependency @dotenvx/dotenvx to ^0.45.0

[renovate]

This PR contains the following updates:

Package	Change	Age	Confidence
@dotenvx/dotenvx	^0.35.0 → ^0.45.0

---

Release Notes

dotenvx/dotenvx (@​dotenvx/dotenvx)

v0.45.0

Compare Source

Changed

• Rename dotenvx vault convert to dotenvx vault migrate (#​251)
• Update install.sh regex version check to be sh compatible (not just bash)

v0.44.6

Compare Source

Added

• Added checksums.txt as part of each release

v0.44.5

Compare Source

Changed

• Removed .github folder from published binaries on npm (example: npm code)
• Add help message to install.sh

v0.44.4

Compare Source

Changed

• Automated deployment of install.sh along with sanity checks (#​250)

v0.44.3

Compare Source

Added

• Include CHANGELOG.md in npm release
• Include install.sh in package release

v0.44.2

Compare Source

Changed

• Fix license in package.json to match project's license BSD-3.

v0.44.1

Compare Source

Changed

• Respect decryption of zero length strings - dotenvx set HELLO '' --encrypt (#​236)

v0.44.0

Compare Source

Added

• Added options.debug, options.verbose, options.quiet, and options.logLevel to .config() (#​233)

v0.43.2

Compare Source

Changed

• Patch replace when replacing double, single, or backticked quoted at anywhere in the .env file. (#​232)

v0.43.1

Compare Source

Changed

• Improved replace function regex - to handle more edge case scenarios with replacing KEY/values (#​227)

v0.43.0

Compare Source

Added

• Support require('@​dotenvx/dotenvx').config() for DOTENV_PRIVATE_KEY decryption (#​225)

v0.42.0

Compare Source

Added

• Added .env.vault deprecated warning when using DOTENV_KEY. Provide instructions to convert to encrypted .env files. (#​224)

v0.41.0

Compare Source

Added

• Added vault convert command to list convert instructions for converting .env.vault to encrypted .env files (#​222)

To convert your .env.vault file to encrypted .env file(s):

  1. Run [dotenvx vault decrypt]
  2. Run [ls -a .env*]

Lastly, convert each .env(.environment) file:

  3. Run [dotenvx convert -f .env.production]

For example:

  $ dotenvx convert -f .env
  $ dotenvx convert -f .env.ci
  $ dotenvx convert -f .env.production

Afterward:

Update production with your new DOTENV_PRIVATE_KEY_PRODUCTION located in .env.keys

Learn more at [https://dotenvx.com/docs/quickstart#add-encryption]

Changed

• Rename encryptme to convert (#​222)

v0.40.0

Compare Source

Added

• Added dotenvx encryptme command to convert an entire .env file to an encrypted .env file. (#​213)

Changed

• Made precommit smart enough to check if a .env* file is encrypted or not. If fully encrypted, then allow precommit check to pass (#​211)

Removed

• Do not warn of missing files for conventions (too noisy) (#​216)

v0.39.0

Compare Source

Added

• Add --convention flag to get

Removed

• Removed help messages like 'in production' and 'in ci'. Too specific and could lead to confusion.

v0.38.0

Compare Source

Changed

• ⚠️ DEPRECATION NOTICE: the following commands are being moved. Please, update any code and muscle memory you have related to these:
  • dotenvx encrypt => dotenvx vault encrypt
  • dotenvx decrypt => dotenvx vault decrypt
  • dotenvx status => dotenvx vault status
• ⚠️ DEPRECATION NOTICE: the beta hub commands are being completely deprecated (they will be fully removed in upcoming 1.0.0 release). We will provide .env.keys tooling at a later time (replacing hub) but in the context of the new --encrypt flag functionality below

Added

• Add encryption to your .env files with a single command. Pass the --encrypt flag. 🎉

$ dotenvx set HELLO World --encrypt
set HELLO with encryption (.env)

A DOTENV_PUBLIC_KEY (encryption key) and a DOTENV_PRIVATE_KEY (decryption key) is generated using the same public-key cryptography as Bitcoin.

Further notes:

• DOTENV_PUBLIC_KEY lives in the .env file. You can safely share this with whomever you wish.
• DOTENV_PRIVATE_KEY lives in your .env.keys file. Share this only with those you trust to decrypt your secrets.
• If using encrypted .env files like this it is safe to commit them to source code. This makes reviewing PRs that contain secrets much easier.
• Tell your contributors to contribute a secret using the command dotenvx set HELLO world --encrypt.
• Set your DOTENV_PRIVATE_KEY on your server to decrypt these values using dotenvx run -- yourcommand
• You can repeat all this per environment by modifying your set command to dotenvx set HELLO production -f .env.production --encrypt (for example)
• In time we will add better tooling for sharing the private keys living in .env.keys, but until then safely share with team members you trust.
• This mechanism should be particularly useful for open source projects that want to permit secrets contributions without handing out the decryption keys. Now anyone can contribute a secret and only you can decrypt it to see what was changed.
• This solution is brand new, but I intend it to be the future for .env files. It has many benefits over .env.vault files. We will be sunsetting the .env.vault mechanism but its tooling will stay around in dotenvx for at least 1 year to come - under dotenvx vault parent command.
• Be patient as we update our documentation to prioritize this improved encryption format for .env files.

v0.37.1

Compare Source

• warn when running dotenvx status against any untracked (not in .env.vault) files (#​196)

v0.37.0

Compare Source

• add --convention nextjs flag to dotenvx run (#​193)
• improve status error message when decrypt fails or no .env* files (#​192)

v0.36.1

Compare Source

• handle SIGTERM (#​191)

v0.36.0

Compare Source

• add dotenvx status command (#​186)
• add dotenvx decrypt [directory] argument option (#​186)
• add dotenvx decrypt --environment flag option (#​186)
• normalize windows \ paths (#​186)

---

Configuration

📅 Schedule: (UTC)

• Branch creation
  • At any time (no schedule defined)
• Automerge
  • At any time (no schedule defined)

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.