Skip to content

Node v0.1.0-alpha.6 — Auto-load .env.local

Pre-release
Pre-release

Choose a tag to compare

View all tags
@davidalmeidac davidalmeidac released this 07 May 18:58
· 86 commits to main since this release
node-v0.1.0-alpha.6
e6d6720

UX-focused release. No wire-format changes — files sealed by 0.1.0-alpha.4/5 decrypt cleanly on 0.1.0-alpha.6 and vice versa.

Added

Auto-loading of SEALED_ENV_* from .env.local. Every CLI command (except init/version/help) reads .env.local in the current directory at startup and injects any SEALED_ENV_* keys it finds — but only for keys that aren't already set in the environment.

Before alpha.6

sealed-env init --mode enterprise
:: imprime keys, escribe .env.local
:: pero el user tiene que correr manualmente:
set SEALED_ENV_KEY=ce55...
set SEALED_ENV_SIGNING_KEY=b384...
set SEALED_ENV_TOTP_SECRET=KVED...
sealed-env encrypt .env --mode enterprise

After alpha.6

sealed-env init --mode enterprise
sealed-env encrypt .env --mode enterprise
:: ya está. nunca tocó env vars.

Properties

  • Dev machines: zero friction. After init, every sealed-env command in that directory just works.
  • CI / production: explicit env vars always win. A stray .env.local cannot override platform secrets.
  • Other dotenv vars: ignored. The auto-loader is NOT a generic dotenv loader — only SEALED_ENV_* keys are touched, so no collision with dotenv / framework env loading.
  • Opt-out: set SEALED_ENV_NO_AUTOLOAD=1.
  • Visibility: the CLI prints (loaded N SEALED_ENV_* vars from .env.local) to stderr so users know auto-loading happened.

Migration

None. This is a pure UX addition. .env.local has been generated by init since alpha.1.

Full changelog: CHANGELOG.md

Assets 2
Loading