Merge pull request #18 from imcatwhocode/dev

Release 2.3.0
imcatwhocode · Feb 22, 2024 · 9048e29 · 9048e29
2 parents 1a6c9f8 + 44dfd04
commit 9048e29
Show file tree

Hide file tree

Showing 6 changed files with 70 additions and 35 deletions.
diff --git a/README.md b/README.md
@@ -109,6 +109,16 @@ branding:
 #define NON_SECURE_STUFF /* @envienc no-encrypt */ "not_secret_at_all"
 ```
 
+## Log
+
+Envienc uses `pino` for logging. By default, output is prettified using `pino-pretty` package.
+If you want to output logs in default JSON format, set `LOG_JSON` environment variable to `true`.
+
+```bash
+# This will output logs in Pino's default JSON format
+LOG_JSON=true npx envienc encrypt
+```
+
 ## Encryption
 
 Under the hood, envienc uses the AES-256-GCM algorithm to encrypt the values.

diff --git a/package-lock.json b/package-lock.json
diff --git a/package.json b/package.json
@@ -1,8 +1,8 @@
 {
   "name": "envienc",
-  "version": "2.2.1",
+  "version": "2.3.0",
   "private": false,
-  "description": "🔐 Tool for dotenv values encryption",
+  "description": "🔐 Encrypt dotenv, YAML and Hpp values keeping the rest of file intact",
   "repository": "https://github.com/imcatwhocode/envienc",
   "license": "MIT",
   "author": "Dmitry Nourell <[email protected]>",
@@ -27,6 +27,7 @@
     "enquirer": "^2.4.1",
     "glob": "^10.3.10",
     "pino": "^8.18.0",
+    "pino-pretty": "^10.3.1",
     "yaml": "^2.3.4",
     "zod": "^3.22.4"
   },
@@ -35,7 +36,6 @@
     "@types/node": "^18.15.0",
     "@vercel/style-guide": "^5.2.0",
     "jest": "^29.7.0",
-    "pino-pretty": "^10.3.1",
     "prettier": "^3.2.4",
     "rimraf": "^5.0.5",
     "source-map-support": "^0.5.21",

diff --git a/src/actions/decrypt.ts b/src/actions/decrypt.ts
@@ -6,6 +6,13 @@ import { findEncrypted } from '../glob';
 import { getParser } from '../languages';
 import { logger } from '../output';
 
+function exitWithPasswordError(): never {
+  logger.error(
+    'Password is missing. Provide it via "-p <password>" argument, "ENVIENC_PASSWORD" environment variable or enter manually on prompt.',
+  );
+  process.exit(1);
+}
+
 /**
  * Implements "decrypt" action
  * @param opts - Arguments
@@ -33,11 +40,11 @@ export async function decryptAction(
         type: 'password',
         name: 'password',
         message: '🔑 Encryption password:',
+        onCancel: exitWithPasswordError,
       });
+
       if (!input.password) {
-        throw new Error(
-          'Password is missing. Provide it via "-p <password>" argument, "ENVIENC_PASSWORD" environment variable or enter manually on prompt.',
-        );
+        exitWithPasswordError();
       }
 
       password = input.password;
@@ -68,13 +75,29 @@ export async function decryptAction(
   const changes: [string, string][] = paths.map((path) => {
     let contents = readFileSync(path, 'utf-8');
     const { decryptFile } = getParser(path, contents);
-    contents = decryptFile(contents, decryptor);
+
+    try {
+      contents = decryptFile(contents, decryptor);
+    } catch (err) {
+      // I wish Node had a better way to filter that error, but it doesn't
+      if (
+        (err as Error).message ===
+        'Unsupported state or unable to authenticate data'
+      ) {
+        logger.error(
+          `Password is incorrect or encrypted data is corrupted for: %s`,
+          path,
+        );
+        process.exit(1);
+      }
+      throw err;
+    }
     return [path.split('.').slice(0, -1).join('.'), contents];
   });
 
   changes.forEach(([path, contents]) => {
     writeFileSync(path, contents, 'utf-8');
-    logger.info('Decrypted:', path);
+    logger.info('Decrypted: %s', path);
   });
 
   logger.info('Done!');

diff --git a/src/actions/encrypt.ts b/src/actions/encrypt.ts
@@ -6,6 +6,13 @@ import { EXTENSION, findPlaintext } from '../glob';
 import { logger } from '../output';
 import { getParser } from '../languages';
 
+function exitWithPasswordError(): never {
+  logger.error(
+    'Password is missing. Provide it via "-p <password>" argument, "ENVIENC_PASSWORD" environment variable or enter manually on prompt.',
+  );
+  process.exit(1);
+}
+
 /**
  * Implements "encrypt" action
  * @param opts - Arguments
@@ -22,7 +29,7 @@ export async function encryptAction(
     passwordArgument ?? process.env.ENVIENC_PASSWORD ?? process.env.ENVIENC_PWD;
   if (!config) {
     logger.error(
-      'Configuration file is missing. Initialize first with "envienc init"',
+      'Configuration file is missing. Initialize with "envienc init" first.',
     );
     process.exit(1);
   }
@@ -33,11 +40,10 @@ export async function encryptAction(
         type: 'password',
         name: 'password',
         message: '🔑 Encryption password:',
+        onCancel: exitWithPasswordError,
       });
       if (!input.password) {
-        throw new Error(
-          'Password is missing. Provide it via "-p <password>" argument, "ENVIENC_PASSWORD" environment variable or enter manually on prompt.',
-        );
+        exitWithPasswordError();
       }
 
       password = input.password;

diff --git a/src/output.ts b/src/output.ts
@@ -2,4 +2,14 @@ import { pino } from 'pino';
 
 export const logger = pino({
   name: 'envienc',
+  transport:
+    process.env.LOG_JSON === 'true'
+      ? undefined
+      : {
+          target: 'pino-pretty',
+          options: {
+            colorize: true,
+            ignore: 'pid,hostname',
+          },
+        },
 });