Overhauls Config System, Adds CLI Management & Fixes Node.js Loading#5
Overhauls Config System, Adds CLI Management & Fixes Node.js Loading#5amannirala13 wants to merge 4 commits intomainfrom
Conversation
BREAKING CHANGE: Auto-loading removed
## Phase 1 Complete: Remove Auto-Load Race Condition
### Breaking Changes
- Removed config.ts auto-load entry point
- Removed register.ts --require hook
- Removed exports for ./config and ./register
- All users MUST use explicit async API
### Reason
The auto-load implementation had a critical race condition where the
async IIFE returned immediately without waiting for secrets to load,
causing process.env secrets to be undefined.
### Migration Required
Before (v0.2.x - broken):
```js
require('@envguard/node/config');
console.log(process.env.API_KEY); // undefined!
```
After (v0.3.0 - fixed):
```js
(async () => {
await require('@envguard/node').config();
console.log(process.env.API_KEY); // Works!
})();
```
### Changes
- Delete config.ts and register.ts
- Update package.json exports (remove config/register)
- Update tsup.config.ts (remove from build)
- Update README with async-only examples
- Add MIGRATION_GUIDE_V03.md
- Update CHANGELOG with v0.3.0 breaking changes
- Version bump: 0.2.0 → 0.3.0
### Testing
- All 88 tests passing ✅
- Build successful ✅
- No config/register in dist ✅
### Next Steps
- Phase 2: PackageNameResolver
- Phase 3: Config v2 schema
- Phase 4-7: Full enterprise config system
See IMPLEMENTATION_SPEC.md for complete roadmap.
Co-authored-by: Claude <noreply@anthropic.com>
Add PackageNameResolver with multi-strategy package name detection: - Reverse domain notation support (com.company.app) - NPM package name detection - Git remote URL parsing - Directory name fallback - Interactive package name selection in init command Key Changes: - packages/core/src/config/package-name-resolver.ts: New resolver class with 4 strategies (AUTO, REVERSE_DOMAIN, NPM, MANUAL) - packages/core/__tests__/config/package-name-resolver.test.ts: 19 comprehensive tests - packages/cli/src/commands/init.action.ts: Updated to use PackageNameResolver with interactive prompts - packages/core/src/config/index.ts: Export new resolver types Features: - Auto-detect package names from package.json, git remotes, or directory - Validate package names (no spaces, valid chars, reverse domain recommended) - Convert npm names to reverse domain (e.g., @envguard/node → dev.envguard.node) - Parse git URLs (SSH and HTTPS) to reverse domain format - Interactive selection with suggestions marked as "(recommended)" - Multi-language project support (no package.json dependency) Tests: All 19 PackageNameResolver tests passing Build: Clean builds for core and cli packages 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com>
… (Phase 3) Add comprehensive v2 configuration system with enhanced structure, automatic migration, and backward compatibility with v1 configs. Core Changes: - packages/core/src/config/config.ts: Add EnvGuardConfigV2 class with 8 structured interfaces * IPackageConfig: name, displayName, type (reverse-domain/npm/manual) * IEnvironmentConfig: allowed list, default, naming mode (strict/relaxed) * IPathsConfig: template and manifest paths * IValidationConfig: enabled, strictMode, enforceRotation * ISecurityConfig: auditLog, requireConfirmation, allowedCommands * IManifestConfig: version, autoSync * IConfigMetadata: created, lastModified, modifiedBy * 13 getter methods, updateMetadata(), isValid(), createDefault() - packages/core/src/config/config-migrator.ts: Automatic v1→v2 migration system * detectVersion(): Detect v1 or v2 config from file * migrateV1ToV2(): Convert v1 to v2 preserving settings * backupV1Config(): Create timestamped backup before migration * performMigration(): Full migration with backup + validation * needsMigration(): Check if migration required * loadConfig(): Unified loader for both v1 and v2 - packages/core/src/config/config.manager.ts: Support both v1 and v2 * load(): Returns v1 or v2 instance * loadOrMigrate(): Auto-migrates v1→v2 transparently * createV2(): Create new v2 config (default for new projects) * getPackageName(): Handle both v1.getPackage() and v2.getPackageName() * update(): Update v1 or v2 with type-safe field mapping - packages/core/src/config/config.parser.ts: Handle both versions * writeToFile(): Accept EnvGuardConfig | EnvGuardConfigV2 * serializeToJSON(): Serialize v1 or v2 to JSON Updated Components: - packages/cli/src/commands/init.action.ts: Use createV2() for new projects - packages/node/src/loader/index.ts: Support both v1 and v2 package name getters - packages/core/src/config/index.ts: Export all v2 types and classes Tests: - packages/core/__tests__/config/config-v2.test.ts: 23 tests for EnvGuardConfigV2 * createDefault with different package types * All getter methods * isEnvironmentAllowed validation * updateMetadata functionality * isValid comprehensive validation * toObject serialization - packages/core/__tests__/config/config-migrator.test.ts: 16 tests for migration * detectVersion for v1, v2, invalid, missing * migrateV1ToV2 with field preservation * backupV1Config file creation * performMigration full workflow * needsMigration detection * loadConfig unified loading Benefits: - Multi-language support via reverse domain notation - Environment management with allowed list (prevent typos) - Validation and security policies - Metadata tracking for audit trails - Automatic migration preserves user settings - Backward compatible - old projects continue to work - Enterprise-ready configuration structure All Tests Passing: - @envguard/core: 58 tests (19 + 23 + 16 new) - @envguard/node: 88 tests - @envguard/cli: 19 tests - Build: Clean for all packages 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com>
Add comprehensive config management commands with 7 subcommands for
viewing, editing, validating, backing up, and migrating configurations.
New Commands:
- envg config get <key>: Get config value with dot notation support
* Examples: envg config get package.name, envg config get environments.default
* Returns formatted JSON for objects, plain values for primitives
- envg config set <key> <value>: Set config value with dot notation
* Auto-migrates v1→v2 before setting values
* Updates metadata timestamps automatically
* Type-safe value conversion (boolean, number, array, string)
- envg config list: Display complete configuration as JSON
* Works with both v1 and v2 configs
* Pretty-printed output
- envg config validate: Validate current configuration
* Checks all required fields
* Validates environment consistency (default must be in allowed list)
* Provides detailed error messages for v2 configs
- envg config backup: Create timestamped backup
* Default path: .envguard/config.backup.{timestamp}.json
* Custom path via --output flag
- envg config restore <file>: Restore from backup
* Auto-creates backup of current config before restoring
* Validates backup file format
* Supports both v1 and v2 backups
- envg config migrate: Migrate v1→v2 manually
* Auto-detects current version
* Creates backup before migration
* Skips if already v2
Implementation Details:
- packages/cli/src/commands/config.action.ts: Core implementation (430 lines)
* configGetAction: Nested object access with dot notation
* configSetAction: Type-aware value setting with auto-migration
* configListAction: Pretty JSON display
* configValidateAction: Comprehensive validation with detailed errors
* configBackupAction: Timestamped backup creation
* configRestoreAction: Safe restore with auto-backup
* configMigrateAction: v1→v2 migration workflow
* Helper functions: getNestedValue(), setNestedValue()
- packages/cli/src/cli.ts: Command registration
* Registered config command with 7 subcommands
* Commander.js subcommand pattern
* Consistent --verbose flag support
- packages/cli/src/commands/index.ts: Export config actions
Features:
- Dot notation for nested config access (e.g., "package.name", "environments.allowed")
- Auto-migration from v1→v2 when setting values
- Metadata tracking (lastModified, modifiedBy)
- Safe restore with automatic backup creation
- Type-safe value conversion (string→boolean/number/array)
- Comprehensive validation with actionable error messages
- Timestamped backups for audit trails
CLI Help Output:
$ envg config --help
Usage: envg config [options] [command]
Manage EnvGuard configuration
Commands:
get [options] <key> Get a config value (supports dot notation)
set [options] <key> <value> Set a config value (supports dot notation)
list [options] List all config values
validate [options] Validate current config
backup [options] Backup current config
restore [options] <file> Restore config from backup
migrate [options] Migrate config from v1 to v2
All Tests Passing:
- @envguard/core: 58 tests
- @envguard/node: 88 tests
- @envguard/cli: 12 tests
- Build: Clean for all packages
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
amannirala13
added
the
ai-agent
There was a problem hiding this comment.
Pull Request Overview
This PR introduces a comprehensive overhaul of EnvGuard's configuration system and addresses a critical race condition in the Node.js runtime. The changes enable enterprise adoption through improved package naming, structured configuration management, and explicit async secret loading.
Key Changes:
- Implements Config v2 schema with enhanced environment management, validation policies, and security settings
- Adds CLI commands for programmatic configuration management (
envg config get/set/list/validate/backup/restore/migrate) - Removes auto-loading from
@envguard/nodeto fix race condition and enforces explicit async loading pattern
Reviewed Changes
Copilot reviewed 23 out of 23 changed files in this pull request and generated 6 comments.
Show a summary per file
| File | Description |
|---|---|
packages/node/package.json |
Bumps version to 0.3.0 and removes config/register export endpoints |
packages/node/src/config.ts |
Removes auto-load module (breaking change) |
packages/node/src/register.ts |
Removes --require hook entry point (breaking change) |
packages/node/src/loader/index.ts |
Adds backward compatibility for v1/v2 config package name getters |
packages/core/src/config/package-name-resolver.ts |
Implements multi-strategy package name resolution with reverse-domain notation support |
packages/core/src/config/config.ts |
Adds EnvGuardConfigV2 class with structured configuration fields |
packages/core/src/config/config-migrator.ts |
Implements v1→v2 config migration with automatic backup |
packages/core/src/config/config.manager.ts |
Adds v2 config support and auto-migration capabilities |
packages/cli/src/commands/init.action.ts |
Updates init flow with interactive package name selection and validation |
packages/cli/src/commands/config.action.ts |
Implements config management CLI commands |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
|
|
||
| const sshMatch = gitRemote.match(/git@([^:]+):([^/]+)\/([^.]+)\.git/); | ||
| if (sshMatch && sshMatch[1] && sshMatch[2] && sshMatch[3]) { | ||
| const [, host, org, repo] = sshMatch; |
There was a problem hiding this comment.
Array destructuring without verifying array length. The regex capture groups are checked for existence in the parent condition, but TypeScript doesn't guarantee the array indices exist. This could throw if the regex unexpectedly fails to capture all groups.
| /https?:\/\/([^/]+)\/([^/]+)\/([^.]+)\.git/ | ||
| ); | ||
| if (httpsMatch && httpsMatch[1] && httpsMatch[2] && httpsMatch[3]) { | ||
| const [, host, org, repo] = httpsMatch; |
There was a problem hiding this comment.
Array destructuring without verifying array length. The regex capture groups are checked for existence in the parent condition, but TypeScript doesn't guarantee the array indices exist. This could throw if the regex unexpectedly fails to capture all groups.
| */ | ||
| static createDefault( | ||
| packageName: string, | ||
| cliVersion: string = '0.3.0' |
There was a problem hiding this comment.
Hardcoded CLI version in default parameter creates maintenance burden. Consider obtaining version from package.json dynamically to keep it synchronized with actual releases.
| */ | ||
| static migrateV1ToV2( | ||
| v1Config: EnvGuardConfig, | ||
| cliVersion: string = '0.3.0' |
There was a problem hiding this comment.
Hardcoded CLI version in default parameter creates maintenance burden. Consider obtaining version from package.json dynamically or accepting it as a required parameter to ensure version tracking accuracy.
| } | ||
|
|
||
| // Update metadata | ||
| config.updateMetadata('envg-cli'); |
There was a problem hiding this comment.
The modifiedBy value 'envg-cli' lacks version information. Consider including the CLI version (e.g., 'envg-cli@0.3.0') to track which version made the modification, consistent with the createDefault method.
| // 4. Create config | ||
| await configManager.create(packageName, templateFile); | ||
| // 4. Create config (v2) | ||
| await configManager.createV2(packageName); |
There was a problem hiding this comment.
The templateFile variable is determined earlier in the function but is no longer passed to createV2(). This means the user's template file selection (including --template option and interactive prompts) is ignored, and only the default '.env.template' from createDefault() is used.
| await configManager.createV2(packageName); | |
| await configManager.createV2(packageName, templateFile); |
![chatgpt-codex-connector[bot]](https://avatars.githubusercontent.com/in/1144995?s=60&v=4){kind=small}
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
ℹ️ About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".
| async load(): Promise<EnvGuardConfig | EnvGuardConfigV2 | null> { | ||
| return await ConfigMigrator.loadConfig(this.configPath); | ||
| } | ||
|
|
||
| /** | ||
| * Load config and auto-migrate if needed | ||
| * | ||
| * @param cliVersion - CLI version for metadata | ||
| * @returns EnvGuardConfigV2 instance or null if not initialized | ||
| */ | ||
| async loadOrMigrate( | ||
| cliVersion: string = '0.3.0' | ||
| ): Promise<EnvGuardConfigV2 | null> { | ||
| const config = await this.load(); | ||
|
|
||
| if (!config) { | ||
| return null; | ||
| } | ||
|
|
||
| // Already v2 | ||
| if (config instanceof EnvGuardConfigV2) { | ||
| return config; |
There was a problem hiding this comment.
After load() was widened to return EnvGuardConfig | EnvGuardConfigV2, callers such as get.action.ts, check.action.ts, etc. still invoke config.getPackage()/config.getDefaultEnvironment() which only exist on the v1 class. Once init creates a v2 config, those commands will crash at runtime (TypeError: config.getPackage is not a function). Either adapt load() to provide a backward‑compatible interface or update the commands to use ConfigManager.getPackageName() / instanceof guards.
Useful? React with 👍 / 👎.
| return migratedConfig as EnvGuardConfigV2; | ||
| } | ||
|
|
||
| /** |
There was a problem hiding this comment.
ConfigManager.save can no longer accept v2 configs
save() still declares its parameter as EnvGuardConfig, but configSetAction now operates on EnvGuardConfigV2 instances and passes them into this method. Under the repo’s strict TypeScript settings the build will fail because EnvGuardConfigV2 is structurally incompatible with EnvGuardConfig. The method should accept a union or overload so both versions can be persisted without casting.
Useful? React with 👍 / 👎.
![gemini-code-assist[bot]](https://avatars.githubusercontent.com/in/956858?s=60&v=4){kind=small}
There was a problem hiding this comment.
Code Review
This is a substantial and well-thought-out pull request that significantly improves the configuration system, making it more robust and enterprise-ready. The introduction of the v2 config schema, the PackageNameResolver for multi-language support, and the comprehensive envg config CLI commands are excellent additions. The fix for the race condition in the Node.js package by enforcing explicit async loading is a critical improvement for reliability. The documentation, including the detailed architecture audit, implementation spec, and migration guides, is exemplary and shows great attention to detail. I've found a critical issue related to saving the new v2 config that will prevent the envg config set command from working, along with a few medium-severity suggestions to improve code clarity, maintainability, and user experience. Overall, this is a fantastic contribution that moves the project forward significantly.
| export async function configSetAction( | ||
| key: string, | ||
| value: string, | ||
| options: ConfigSetOptions | ||
| ): Promise<void> { | ||
| try { | ||
| const configManager = new ConfigManager(); | ||
| let config = await configManager.load(); | ||
|
|
||
| if (!config) { | ||
| error('EnvGuard not initialized. Run "envg init" first.'); | ||
| process.exit(1); | ||
| } | ||
|
|
||
| // Auto-migrate to v2 if needed | ||
| if (!(config instanceof EnvGuardConfigV2)) { | ||
| info('Migrating config to v2...'); | ||
| config = await configManager.loadOrMigrate(); | ||
| if (!config) { | ||
| error('Migration failed'); | ||
| process.exit(1); | ||
| } | ||
| } | ||
|
|
||
| // Set the value | ||
| const success = setNestedValue(config, key, value); | ||
| if (!success) { | ||
| error(`Cannot set config key "${key}"`); | ||
| process.exit(1); | ||
| } | ||
|
|
||
| // Update metadata | ||
| config.updateMetadata('envg-cli'); | ||
|
|
||
| // Save | ||
| await configManager.save(config); | ||
|
|
||
| info(`✓ Updated ${key} = ${value}`); | ||
| } catch (err) { | ||
| error(`Failed to set config: ${(err as Error).message}`); | ||
| process.exit(1); | ||
| } | ||
| } |
There was a problem hiding this comment.
This action correctly attempts to save the modified v2 configuration. However, the configManager.save(config) call on line 149 will fail. The ConfigManager.save method in @envguard/core is currently typed to only accept an EnvGuardConfig (v1) instance, but here it is being passed an EnvGuardConfigV2 instance. This will cause a type error at compile time and a runtime failure.
To fix this, the ConfigManager.save method needs to be updated to accept both v1 and v2 config types, or a new generic save method should be used. For example:
// In packages/core/src/config/config.manager.ts
async save(config: EnvGuardConfig | EnvGuardConfigV2): Promise<void> {
await this.parser.writeToFile(this.configPath, config);
}Since ConfigManager.update already seems to handle both types via parser.writeToFile, another option could be to refactor this action to use configManager.update, though modifying save is the most direct fix.
| async function promptPackageName(): Promise<string> { | ||
| // Get suggestions from project context | ||
| const suggestions = await PackageNameResolver.suggest(process.cwd()); | ||
|
|
||
| // If we have no suggestions, ask user to enter manually | ||
| if (suggestions.length === 0) { | ||
| const answer = await inquirer.prompt([ | ||
| { | ||
| type: 'input', | ||
| name: 'packageName', | ||
| message: 'Enter package name (e.g., com.company.app):', | ||
| default: 'local.my-app', | ||
| validate: (input: string) => { | ||
| const validation = PackageNameResolver.validate(input); | ||
| if (!validation.valid) { | ||
| return validation.error || 'Invalid package name'; | ||
| } | ||
| if (validation.error) { | ||
| warn(validation.error); | ||
| } | ||
| return true; | ||
| }, | ||
| }, | ||
| ]); | ||
| return answer.packageName; | ||
| } | ||
|
|
||
| // Show suggestions with option for custom input | ||
| const answer = await inquirer.prompt([ | ||
| { | ||
| type: 'list', | ||
| name: 'packageName', | ||
| message: 'Select package identifier:', | ||
| choices: [ | ||
| ...suggestions.map((s) => ({ | ||
| name: `${s}${PackageNameResolver.isReverseDomain(s) ? ' (recommended)' : ''}`, | ||
| value: s, | ||
| })), | ||
| { name: '→ Enter custom name', value: '__custom__' }, | ||
| ], | ||
| }, | ||
| ]); | ||
|
|
||
| // If custom selected, prompt for input | ||
| if (answer.packageName === '__custom__') { | ||
| const customAnswer = await inquirer.prompt([ | ||
| { | ||
| type: 'input', | ||
| name: 'customName', | ||
| message: 'Enter package name (e.g., com.company.app):', | ||
| validate: (input: string) => { | ||
| const validation = PackageNameResolver.validate(input); | ||
| if (!validation.valid) { | ||
| return validation.error || 'Invalid package name'; | ||
| } | ||
| if (validation.error) { | ||
| warn(validation.error); | ||
| } | ||
| return true; | ||
| }, | ||
| }, | ||
| ]); | ||
| return customAnswer.customName; | ||
| } | ||
|
|
||
| return answer.packageName; | ||
| } |
There was a problem hiding this comment.
The validation logic for the package name is duplicated for the manual input flow (lines 66-75) and the custom name flow (lines 104-113). To improve maintainability and reduce redundancy, you could extract this validation logic into a separate helper function that can be reused in both inquirer prompts.
const validatePackageName = (input: string) => {
const validation = PackageNameResolver.validate(input);
if (!validation.valid) {
return validation.error || 'Invalid package name';
}
if (validation.error) {
// This is a non-blocking warning
warn(validation.error);
}
return true;
};
// Then use it in both prompts:
// validate: validatePackageName| // Type conversion for known fields | ||
| if (lastKey === 'allowed' && Array.isArray(target[lastKey])) { | ||
| // Parse as array | ||
| try { | ||
| target[lastKey] = JSON.parse(value); | ||
| } catch { | ||
| return false; | ||
| } |
There was a problem hiding this comment.
The special handling for the allowed key, which requires the user to provide a JSON-formatted string for the array (e.g., '["dev", "prod"]'), is not very intuitive for a command-line interface. This could lead to user confusion and errors.
While dedicated commands like envg env add/remove are the long-term solution, for this generic set command, consider one of the following improvements:
- Disallow setting arrays: Throw an error if the user tries to set a value that is an array, and guide them to edit the file manually or wait for dedicated commands.
- Support comma-separated values: Parse a comma-separated string like
"dev,prod"into an array. This is a more common CLI pattern. - Add documentation: At a minimum, the command's description or help text should clarify the expected format for array values.
| static npmToReverseDomain(npmName: string): string { | ||
| if (!npmName) { | ||
| return 'local.my-app'; | ||
| } | ||
|
|
||
| // @envguard/node → dev.envguard.node | ||
| if (npmName.startsWith('@')) { | ||
| const parts = npmName.slice(1).split('/'); | ||
| return `dev.${parts.join('.')}`; | ||
| } | ||
|
|
||
| // my-app → local.my-app | ||
| return `local.${npmName}`; | ||
| } |
There was a problem hiding this comment.
This function falls back to 'local.my-app' if the input npmName is falsy (e.g., null or an empty string). While this provides a default, it happens implicitly. This could lead to unexpected behavior, for instance if detectNpmName returns null and this fallback is not the desired outcome.
To make the code more explicit and robust, consider adding a guard clause at the beginning of the function to handle falsy inputs clearly.
| static npmToReverseDomain(npmName: string): string { | |
| if (!npmName) { | |
| return 'local.my-app'; | |
| } | |
| // @envguard/node → dev.envguard.node | |
| if (npmName.startsWith('@')) { | |
| const parts = npmName.slice(1).split('/'); | |
| return `dev.${parts.join('.')}`; | |
| } | |
| // my-app → local.my-app | |
| return `local.${npmName}`; | |
| } | |
| static npmToReverseDomain(npmName: string): string { | |
| if (!npmName) { | |
| return 'local.my-app'; // Explicitly handle empty input | |
| } | |
| // @envguard/node → dev.envguard.node | |
| if (npmName.startsWith('@')) { | |
| const parts = npmName.slice(1).split('/'); | |
| return `dev.${parts.join('.')}`; | |
| } | |
| // my-app → local.my-app | |
| return `local.${npmName}`; | |
| } |
|
@gemini-code-assist review this PR |
There was a problem hiding this comment.
Code Review
This pull request introduces a comprehensive overhaul of the EnvGuard configuration system, including a new configuration schema (v2), CLI config management commands, and a fix for a race condition in the Node.js runtime. The changes aim to enhance enterprise readiness, improve developer experience, and ensure reliable secret loading. The review focuses on identifying potential issues related to correctness and security, as requested by the repository maintainer.
|
|
||
| ## Executive Summary | ||
|
|
||
| EnvGuard has **critical architectural gaps** that prevent it from being enterprise-ready: |
There was a problem hiding this comment.
This statement highlights critical architectural gaps. It would be beneficial to provide a brief overview of the existing architecture to give context to the identified gaps. This would help readers understand the severity and impact of these issues more effectively.
Consider adding a section briefly describing the current architecture before diving into the critical issues.
|
|
||
| | Risk | Impact | Mitigation | | ||
| | ----------------------------------- | ------ | -------------------------------------------- | | ||
| | Breaking changes for existing users | HIGH | Automatic migration + backward compatibility | |
There was a problem hiding this comment.
Mitigation strategies are mentioned here. It would be helpful to elaborate on how "Automatic migration + backward compatibility" mitigates the risk of breaking changes for existing users. Providing specific details or examples can increase confidence in the proposed solution.
| const configCommand = program | ||
| .command('config') | ||
| .description('Manage EnvGuard configuration'); | ||
|
|
||
| configCommand | ||
| .command('get <key>') | ||
| .description('Get a config value (supports dot notation)') | ||
| .option('-v, --verbose', 'Enable verbose logging', false) | ||
| .action(async (key: string, options) => { | ||
| await configGetAction(key, options); | ||
| }); | ||
|
|
||
| configCommand | ||
| .command('set <key> <value>') | ||
| .description('Set a config value (supports dot notation)') | ||
| .option('-v, --verbose', 'Enable verbose logging', false) | ||
| .action(async (key: string, value: string, options) => { | ||
| await configSetAction(key, value, options); | ||
| }); | ||
|
|
||
| configCommand | ||
| .command('list') | ||
| .description('List all config values') | ||
| .option('-v, --verbose', 'Enable verbose logging', false) | ||
| .action(async (options) => { | ||
| await configListAction(options); | ||
| }); | ||
|
|
||
| configCommand | ||
| .command('validate') | ||
| .description('Validate current config') | ||
| .option('-v, --verbose', 'Enable verbose logging', false) | ||
| .action(async (options) => { | ||
| await configValidateAction(options); | ||
| }); | ||
|
|
||
| configCommand | ||
| .command('backup') | ||
| .description('Backup current config') | ||
| .option('-o, --output <path>', 'Output path for backup file') | ||
| .option('-v, --verbose', 'Enable verbose logging', false) | ||
| .action(async (options) => { | ||
| await configBackupAction(options); | ||
| }); | ||
|
|
||
| configCommand | ||
| .command('restore <file>') | ||
| .description('Restore config from backup') | ||
| .option('-v, --verbose', 'Enable verbose logging', false) | ||
| .action(async (file: string, options) => { | ||
| await configRestoreAction(file, options); | ||
| }); | ||
|
|
||
| configCommand | ||
| .command('migrate') | ||
| .description('Migrate config from v1 to v2') | ||
| .option('--no-backup', 'Skip creating backup before migration') | ||
| .option('-v, --verbose', 'Enable verbose logging', false) | ||
| .action(async (options) => { | ||
| await configMigrateAction(options); | ||
| }); |
There was a problem hiding this comment.
The config command and its subcommands are registered directly within the cli.ts file. For better code organization and maintainability, consider moving the registration of these commands to a separate module or file (e.g., config-commands.ts) and importing them into cli.ts. This would improve the separation of concerns and make the code easier to navigate and test.
| * @param value - Value to set | ||
| * @returns True if successful | ||
| */ | ||
| function setNestedValue(obj: any, key: string, value: string): boolean { |
There was a problem hiding this comment.
The setNestedValue function modifies the config object directly. While this approach works, it might be beneficial to consider a more immutable approach where the function returns a new config object with the updated value. This can help prevent unintended side effects and make the code easier to reason about, especially as the config schema grows more complex.
| if (lastKey === 'allowed' && Array.isArray(target[lastKey])) { | ||
| // Parse as array | ||
| try { | ||
| target[lastKey] = JSON.parse(value); | ||
| } catch { | ||
| return false; | ||
| } | ||
| } else if (typeof target[lastKey] === 'boolean') { | ||
| target[lastKey] = value === 'true'; | ||
| } else if (typeof target[lastKey] === 'number') { | ||
| target[lastKey] = Number(value); | ||
| } else { |
There was a problem hiding this comment.
This logic handles type conversion for specific fields. Consider creating a more generic type conversion mechanism that can handle different data types and validation rules based on the config schema. This would make the code more extensible and easier to maintain as new config options are added.
| name: `${s}${PackageNameResolver.isReverseDomain(s) ? ' (recommended)' : ''}`, | ||
| value: s, | ||
| })), |
There was a problem hiding this comment.
The name property in the choices array is being constructed by concatenating the s variable with a ternary operator. This can be simplified by using a template literal, which improves readability.
Consider using a template literal to construct the name property for better readability.
| name: `${s}${PackageNameResolver.isReverseDomain(s) ? ' (recommended)' : ''}`, | |
| value: s, | |
| })), | |
| name: `${s}${PackageNameResolver.isReverseDomain(s) ? ' (recommended)' : ''}`, |
| static migrateV1ToV2( | ||
| v1Config: EnvGuardConfig, | ||
| cliVersion: string = '0.3.0' | ||
| ): EnvGuardConfigV2 { |
There was a problem hiding this comment.
The migrateV1ToV2 function uses a default CLI version. It would be better to pass the CLI version as an argument to ensure consistency and avoid hardcoding values. This makes the function more flexible and testable.
| static async performMigration( | ||
| configPath: string, | ||
| v1Config: EnvGuardConfig, | ||
| cliVersion: string = '0.3.0' | ||
| ): Promise<IMigrationResult> { |
There was a problem hiding this comment.
The performMigration function catches any error during the migration process. It would be beneficial to implement more specific error handling to differentiate between different types of errors (e.g., file I/O errors, JSON parsing errors) and provide more informative error messages to the user.
| if (!/^[@a-zA-Z0-9._/-]+$/.test(name)) { | ||
| return { | ||
| valid: false, | ||
| error: | ||
| 'Package name can only contain letters, numbers, dots, hyphens, underscores, and slashes', | ||
| }; | ||
| } |
There was a problem hiding this comment.
The regular expression ^[@a-zA-Z0-9._/-]+$ allows forward slashes, which might not be desirable in all contexts. Consider whether forward slashes should be explicitly allowed or disallowed based on the requirements for package names.
|
|
||
| ### 3. Use in your app | ||
|
|
||
| ⚠️ **v0.3.0 Breaking Change**: Auto-loading removed. See [MIGRATION_GUIDE_V03.md](./MIGRATION_GUIDE_V03.md) |
There was a problem hiding this comment.
This line indicates a breaking change. Consider adding a more direct link to the migration guide within this README for users who are upgrading.
This release introduces significant architectural improvements to EnvGuard's configuration system, enabling enterprise readiness and addressing a critical race condition in the Node.js runtime.
Key Changes:
Config System Overhaul (v2):
EnvGuardConfigV2schema, providing a more structured and extensible configuration format for projects.PackageNameResolverto support globally unique package identifiers, including reverse-domain notation, and provides validation and suggestions during project initialization (envg init).ConfigMigratorto automatically detect and migrate existing v1 configurations to the new v2 schema upon the first command execution, ensuring a smooth transition with automatic backups.CLI Config Management:
envg configcommands:get,set,list,validate,backup,restore, andmigrate.Node.js Runtime Fix (v0.3.0 Breaking Change):
require('@envguard/node/config')and Node.js--requirehook) from the@envguard/nodepackage.await require('@envguard/node').config()).MIGRATION_GUIDE_V03.mdto assist users in updating their Node.js applications to the new explicit loading pattern.Benefits: