diff --git a/.github/dependabot.yml b/.github/dependabot.yml new file mode 100644 index 0000000..6151c64 --- /dev/null +++ b/.github/dependabot.yml @@ -0,0 +1,10 @@ +version: 2 +updates: + - package-ecosystem: "gomod" + directory: / + schedule: + interval: "daily" + - package-ecosystem: "github-actions" + directory: "/" + schedule: + interval: "daily" \ No newline at end of file diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index c10a96b..c740ad0 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -8,56 +8,13 @@ jobs: strategy: fail-fast: false matrix: - go: [ '1.17', '1.16', '1.15', '1.14' ] + go: [ '1.18', '1.17', '1.16', '1.15' ] os: [ ubuntu-latest, macOS-latest, windows-latest ] name: ${{ matrix.os }} Go ${{ matrix.go }} Tests steps: - - uses: actions/checkout@v2 + - uses: actions/checkout@v3 - name: Setup go - uses: actions/setup-go@v2 + uses: actions/setup-go@v3 with: go-version: ${{ matrix.go }} - run: go test - - test-non-amd64: - strategy: - fail-fast: false - matrix: - arch: - # For some reasons this is segfaulting on go env - # - name: IBM Z and LinuxONE - # architecture: "s390x" - - name: POWER8 - architecture: "ppc64le" - - runs-on: ubuntu-latest - name: Test on ${{ matrix.arch.name }} - steps: - - uses: actions/checkout@v2 - - uses: uraimo/run-on-arch-action@master - with: - arch: ${{ matrix.arch.architecture }} - distro: ubuntu20.04 - env: | # YAML pipe - GOARCH: ${{ matrix.arch.architecture }} - CGO_ENABLED: 0 - GOINSECURE: "**/*" - run: | - apt-get update - apt-get install -q -y curl wget git - latestGo=$(curl "https://golang.org/VERSION?m=text") - wget "https://dl.google.com/go/${latestGo}.linux-${GOARCH}.tar.gz" - rm -f $(which go) - rm -rf /usr/local/go - tar -C /usr/local -xzf "${latestGo}.linux-${GOARCH}.tar.gz" - export PATH=/usr/local/go/bin:$PATH - printf "Using go at: $(which go)\n" - printf "Go version: $(go version)\n" - printf "\n\nGo environment:\n\n" - go env - printf "\n\nSystem environment:\n\n" - env - go get -v -t -d ./... - go test ./... - cd ./cmd/godotenv - go build -trimpath -ldflags="-w -s" -v \ No newline at end of file diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml new file mode 100644 index 0000000..db5c760 --- /dev/null +++ b/.github/workflows/codeql-analysis.yml @@ -0,0 +1,72 @@ +# For most projects, this workflow file will not need changing; you simply need +# to commit it to your repository. +# +# You may wish to alter this file to override the set of languages analyzed, +# or to provide custom queries or build logic. +# +# ******** NOTE ******** +# We have attempted to detect the languages in your repository. Please check +# the `language` matrix defined below to confirm you have the correct set of +# supported CodeQL languages. +# +name: "CodeQL" + +on: + push: + branches: [ "main" ] + pull_request: + # The branches below must be a subset of the branches above + branches: [ "main" ] + schedule: + - cron: '31 4 * * 2' + +jobs: + analyze: + name: Analyze + runs-on: ubuntu-latest + permissions: + actions: read + contents: read + security-events: write + + strategy: + fail-fast: false + matrix: + language: [ 'go' ] + # CodeQL supports [ 'cpp', 'csharp', 'go', 'java', 'javascript', 'python', 'ruby' ] + # Learn more about CodeQL language support at https://aka.ms/codeql-docs/language-support + + steps: + - name: Checkout repository + uses: actions/checkout@v3 + + # Initializes the CodeQL tools for scanning. + - name: Initialize CodeQL + uses: github/codeql-action/init@v2 + with: + languages: ${{ matrix.language }} + # If you wish to specify custom queries, you can do so here or in a config file. + # By default, queries listed here will override any specified in a config file. + # Prefix the list here with "+" to use these queries and those in the config file. + + # Details on CodeQL's query packs refer to : https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning#using-queries-in-ql-packs + # queries: security-extended,security-and-quality + + + # Autobuild attempts to build any compiled languages (C/C++, C#, or Java). + # If this step fails, then you should remove it and run the build manually (see below) + - name: Autobuild + uses: github/codeql-action/autobuild@v2 + + # ℹī¸ Command-line programs to run using the OS shell. + # 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun + + # If the Autobuild fails above, remove it and uncomment the following three lines. + # modify them (or add more) to build your code if your project, please refer to the EXAMPLE below for guidance. + + # - run: | + # echo "Run, Build Application using script" + # ./location_of_script_within_repo/buildscript.sh + + - name: Perform CodeQL Analysis + uses: github/codeql-action/analyze@v2 diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index dc2c692..e378b78 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -11,11 +11,11 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout code - uses: actions/checkout@v2 + uses: actions/checkout@v3 - name: Generate build files - uses: thatisuday/go-cross-build@v1 + uses: thatisuday/go-cross-build@v1.0.2 with: - platforms: 'linux/amd64, linux/ppc64le, darwin/amd64, windows/amd64' + platforms: 'linux/amd64, linux/ppc64le, darwin/amd64, darwin/arm64, windows/amd64' package: 'cmd/godotenv' name: 'godotenv' compress: 'true' @@ -29,4 +29,3 @@ jobs: file: dist/* file_glob: true overwrite: true - \ No newline at end of file diff --git a/README.md b/README.md index 1ec45b2..0f170cb 100644 --- a/README.md +++ b/README.md @@ -1,6 +1,6 @@ # GoDotEnv ![CI](https://github.com/joho/godotenv/workflows/CI/badge.svg) [![Go Report Card](https://goreportcard.com/badge/github.com/joho/godotenv)](https://goreportcard.com/report/github.com/joho/godotenv) -A Go (golang) port of the Ruby dotenv project (which loads env vars from a .env file) +A Go (golang) port of the Ruby [dotenv](https://github.com/bkeepers/dotenv) project (which loads env vars from a .env file). From the original Library: @@ -8,9 +8,9 @@ From the original Library: > > But it is not always practical to set environment variables on development machines or continuous integration servers where multiple projects are run. Dotenv load variables from a .env file into ENV when the environment is bootstrapped. -It can be used as a library (for loading in env for your own daemons etc) or as a bin command. +It can be used as a library (for loading in env for your own daemons etc.) or as a bin command. -There is test coverage and CI for both linuxish and windows environments, but I make no guarantees about the bin version working on windows. +There is test coverage and CI for both linuxish and Windows environments, but I make no guarantees about the bin version working on Windows. ## Installation @@ -21,6 +21,13 @@ go get github.com/joho/godotenv ``` or if you want to use it as a bin command + +go >= 1.17 +```shell +go install github.com/joho/godotenv/cmd/godotenv@latest +``` + +go < 1.17 ```shell go get github.com/joho/godotenv/cmd/godotenv ``` @@ -40,9 +47,10 @@ Then in your Go app you can do something like package main import ( - "github.com/joho/godotenv" "log" "os" + + "github.com/joho/godotenv" ) func main() { @@ -163,9 +171,17 @@ content, err := godotenv.Marshal(env) ## Contributing -Contributions are most welcome! The parser itself is pretty stupidly naive and I wouldn't be surprised if it breaks with edge cases. +Contributions are welcome, but with some caveats. -*code changes without tests will not be accepted* +This library has been declared feature complete (see [#182](https://github.com/joho/godotenv/issues/182) for background) and will not be accepting issues or pull requests adding new functionality or breaking the library API. + +Contributions would be gladly accepted that: + +* bring this library's parsing into closer compatibility with the mainline dotenv implementations, in particular [Ruby's dotenv](https://github.com/bkeepers/dotenv) and [Node.js' dotenv](https://github.com/motdotla/dotenv) +* keep the library up to date with the go ecosystem (ie CI bumps, documentation changes, changes in the core libraries) +* bug fixes for use cases that pertain to the library's purpose of easing development of codebases deployed into twelve factor environments + +*code changes without tests and references to peer dotenv implementations will not be accepted* 1. Fork it 2. Create your feature branch (`git checkout -b my-new-feature`) @@ -179,10 +195,6 @@ Releases should follow [Semver](http://semver.org/) though the first couple of r Use [annotated tags for all releases](https://github.com/joho/godotenv/issues/30). Example `git tag -a v1.2.1` -## CI - -Linux: [![Build Status](https://travis-ci.org/joho/godotenv.svg?branch=master)](https://travis-ci.org/joho/godotenv) Windows: [![Build status](https://ci.appveyor.com/api/projects/status/9v40vnfvvgde64u4)](https://ci.appveyor.com/project/joho/godotenv) - ## Who? The original library [dotenv](https://github.com/bkeepers/dotenv) was written by [Brandon Keepers](http://opensoul.org/), and this port was done by [John Barton](https://johnbarton.co/) based off the tests/fixtures in the original library. diff --git a/godotenv.go b/godotenv.go index 9b4bd3e..a281d3a 100644 --- a/godotenv.go +++ b/godotenv.go @@ -1,6 +1,6 @@ // Package godotenv is a go port of the ruby dotenv library (https://github.com/bkeepers/dotenv) // -// Examples/readme can be found on the github page at https://github.com/joho/godotenv +// Examples/readme can be found on the GitHub page at https://github.com/joho/godotenv // // The TL;DR is that you make a .env file that looks something like // @@ -40,15 +40,15 @@ func Parse(r io.Reader) (map[string]string, error) { // Load will read your env file(s) and load them into ENV for this process. // -// Call this function as close as possible to the start of your program (ideally in main) +// Call this function as close as possible to the start of your program (ideally in main). // -// If you call Load without any args it will default to loading .env in the current path +// If you call Load without any args it will default to loading .env in the current path. // -// You can otherwise tell it which files to load (there can be more than one) like +// You can otherwise tell it which files to load (there can be more than one) like: // // godotenv.Load("fileone", "filetwo") // -// It's important to note that it WILL NOT OVERRIDE an env variable that already exists - consider the .env file to set dev vars or sensible defaults +// It's important to note that it WILL NOT OVERRIDE an env variable that already exists - consider the .env file to set dev vars or sensible defaults. func Load(filenames ...string) (err error) { filenames = filenamesOrDefault(filenames) @@ -63,15 +63,15 @@ func Load(filenames ...string) (err error) { // Overload will read your env file(s) and load them into ENV for this process. // -// Call this function as close as possible to the start of your program (ideally in main) +// Call this function as close as possible to the start of your program (ideally in main). // -// If you call Overload without any args it will default to loading .env in the current path +// If you call Overload without any args it will default to loading .env in the current path. // -// You can otherwise tell it which files to load (there can be more than one) like +// You can otherwise tell it which files to load (there can be more than one) like: // // godotenv.Overload("fileone", "filetwo") // -// It's important to note this WILL OVERRIDE an env variable that already exists - consider the .env file to forcefilly set all vars. +// It's important to note this WILL OVERRIDE an env variable that already exists - consider the .env file to forcefully set all vars. func Overload(filenames ...string) (err error) { filenames = filenamesOrDefault(filenames) @@ -108,20 +108,13 @@ func Read(filenames ...string) (envMap map[string]string, err error) { // Unmarshal reads an env file from a string, returning a map of keys and values. func Unmarshal(str string) (envMap map[string]string, err error) { - return UnmarshalBytes([]byte(str)) -} - -// UnmarshalBytes parses env file from byte slice of chars, returning a map of keys and values. -func UnmarshalBytes(src []byte) (map[string]string, error) { - out := make(map[string]string) - err := parseBytes(src, out) - return out, err + return Parse(strings.NewReader(str)) } // Exec loads env vars from the specified filenames (empty map falls back to default) // then executes the cmd specified. // -// Simply hooks up os.Stdin/err/out to the command and calls Run() +// Simply hooks up os.Stdin/err/out to the command and calls Run(). // // If you want more fine grained control over your command it's recommended // that you use `Load()` or `Read()` and the `os/exec` package yourself. @@ -137,7 +130,7 @@ func Exec(filenames []string, cmd string, cmdArgs []string) error { return command.Run() } -// Write serializes the given environment and writes it to a file +// Write serializes the given environment and writes it to a file. func Write(envMap map[string]string, filename string) error { content, err := Marshal(envMap) if err != nil { diff --git a/godotenv_test.go b/godotenv_test.go index 28192c0..05aaca8 100644 --- a/godotenv_test.go +++ b/godotenv_test.go @@ -131,7 +131,7 @@ func TestLoadDoesNotOverride(t *testing.T) { loadEnvAndCompareValues(t, Load, envFileName, expectedValues, presets) } -func TestOveroadDoesOverride(t *testing.T) { +func TestOverloadDoesOverride(t *testing.T) { envFileName := "fixtures/plain.env" // ensure NO overload @@ -357,11 +357,11 @@ func TestParsing(t *testing.T) { // expect(env('FOO="bar\nbaz"')).to eql('FOO' => "bar\nbaz") parseAndCompare(t, `FOO="bar\nbaz"`, "FOO", "bar\nbaz") - // it 'parses varibales with "." in the name' do + // it 'parses variables with "." in the name' do // expect(env('FOO.BAR=foobar')).to eql('FOO.BAR' => 'foobar') parseAndCompare(t, "FOO.BAR=foobar", "FOO.BAR", "foobar") - // it 'parses varibales with several "=" in the value' do + // it 'parses variables with several "=" in the value' do // expect(env('FOO=foobar=')).to eql('FOO' => 'foobar=') parseAndCompare(t, "FOO=foobar=", "FOO", "foobar=") diff --git a/renovate.json b/renovate.json deleted file mode 100644 index f45d8f1..0000000 --- a/renovate.json +++ /dev/null @@ -1,5 +0,0 @@ -{ - "extends": [ - "config:base" - ] -}