Skip to content

fix(deps): update dependency dotenv to v17 #94

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

fix(deps): update dependency dotenv to v17 #94

wants to merge 1 commit into from
+6 −6

Conversation

renovate[bot]
Copy link
Contributor

@renovate renovate bot commented Jun 27, 2025
edited
Loading

This PR contains the following updates:

Package Change Age Confidence
dotenv ^16.4.5 -> ^17.0.0 age confidence

Release Notes

motdotla/dotenv (dotenv)

v17.2.2

Compare Source

Added
  • 🙏 A big thank you to new sponsor Tuple.app - the premier screen sharing app for developers on macOS and Windows. Go check them out. It's wonderful and generous of them to give back to open source by sponsoring dotenv. Give them some love back.

v17.2.1

Compare Source

Changed
  • Fix clickable tip links by removing parentheses (#​897)

v17.2.0

Compare Source

Added
  • Optionally specify DOTENV_CONFIG_QUIET=true in your environment or .env file to quiet the runtime log (#​889)
  • Just like dotenv any DOTENV_CONFIG_ environment variables take precedence over any code set options like ({quiet: false})


v17.1.0


Compare Source


Added


    

  • Add additional security and configuration tips to the runtime log (#​884)
    • 

  • Dim the tips text from the main injection information text
    • 



const TIPS = [
  '🔐 encrypt with dotenvx: https://dotenvx.com',
  '🔐 prevent committing .env to code: https://dotenvx.com/precommit',
  '🔐 prevent building .env in docker: https://dotenvx.com/prebuild',
  '🛠️  run anywhere with `dotenvx run -- yourcommand`',
  '⚙️  specify custom .env file path with { path: \'/custom/path/.env\' }',
  '⚙️  enable debug logging with { debug: true }',
  '⚙️  override existing env vars with { override: true }',
  '⚙️  suppress all logs with { quiet: true }',
  '⚙️  write to custom object with { processEnv: myObject }',
  '⚙️  load multiple .env files with { path: [\'.env.local\', \'.env\'] }'
]


v17.0.1


Compare Source


Changed


    

  • Patched injected log to count only populated/set keys to process.env (#​879)
    • 



v17.0.0


Compare Source


Changed


    

  • Default quiet to false - informational (file and keys count) runtime log message shows by default (#​875)
    • 



v16.6.1


Compare Source


Changed


    

  • Default quiet to true – hiding the runtime log message (#​874)
    • 

  • NOTICE: 17.0.0 will be released with quiet defaulting to false. Use config({ quiet: true }) to suppress.
    • 

  • And check out the new dotenvx. As coding workflows evolve and agents increasingly handle secrets, encrypted .env files offer a much safer way to deploy both agents and code together with secure secrets. Simply switch require('dotenv').config() for require('@​dotenvx/dotenvx').config().
    • 



v16.6.0


Compare Source


Added


    

  • Default log helpful message [[email protected]] injecting env (1) from .env (#​870)
    • 

  • Use { quiet: true } to suppress
    • 

  • Aligns dotenv more closely with dotenvx.
    • 







Configuration


📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).


🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.


Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.


🔕 Ignore: Close this PR and you won't be reminded about this update again.




    

  •  If you want to rebase/retry this PR, check this box
    • 





This PR was generated by Mend Renovate. View the repository job log.


    

  
  



      


          

          
  
  

    
  
    
    

  

  

  



          

        
      




  




      

       
            



      

  
      



  

  @coderabbitai

    
      coderabbitai
    




  



    

      

  

    

        
    
    

  


      
          
  
      
            Copy link

  

      
    

  


  

      

  
    Contributor


      

  


  

    

      

      
            coderabbitai
  bot

      

      

      commented


        Jun 27, 2025


      
  

  

    
      

        
          edited
          
        
        
      

    
    
      
  
        
      Loading


  
    
  



    


  





      


        



  
    

      
          


Important


Review skipped


Bot user detected.


To trigger a single review, invoke the @coderabbitai review command.


You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.









🪧 Tips

Chat


There are 3 ways to chat with CodeRabbit:


    

  • Review comments: Directly reply to a review comment made by CodeRabbit. Example:

      

    • I pushed a fix in commit <commit_id>, please review it.
      • 

    • Open a follow-up GitHub issue for this discussion.
      • 

    

    • 

  • Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query.
    • 

  • PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:

      

    • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
      • 

    • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
      • 

    

    • 



Support


Need help? Join our Discord community for assistance with any issues or questions.


CodeRabbit Commands (Invoked using PR/Issue comments)


Type @coderabbitai help to get the list of available commands.


Other keywords and placeholders


    

  • Add @coderabbitai ignore or @coderabbit ignore anywhere in the PR description to prevent this PR from being reviewed.
    • 

  • Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
    • 

  • Add @coderabbitai anywhere in the PR title to generate the title automatically.
    • 



CodeRabbit Configuration File (.coderabbit.yaml)


    

  • You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
    • 

  • Please see the configuration documentation for more information.
    • 

  • If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json
    • 



Status, Documentation and Community


    

  • Visit our Status Page to check the current availability of CodeRabbit.
    • 

  • Visit our Documentation for detailed information on how to use CodeRabbit.
    • 

  • Join our Discord Community to get help, request features, and share feedback.
    • 

  • Follow us on X/Twitter for updates and announcements.
    • 





      		
    

  





        


            

            
            

              
            

        

      


      

            
  
  

    
  
    
    

  

  

  


    












      

  
          

  
  

  
      @renovate
  renovate
bot

        force-pushed
    the
        
      
  renovate/dotenv-17.x


    
 branch
    from
    f664d83    to
    1fdc4e3      
    Compare
  



    July 25, 2025 01:05    
    









      

  
        





      

  
          

  
  

  
      @renovate
  renovate
bot

        force-pushed
    the
        
      
  renovate/dotenv-17.x


    
 branch
    from
    1fdc4e3    to
    47e8d73      
    Compare
  



    September 3, 2025 00:40    
    













  
  

    

      

  




      


    


    

      

        
      

  
    Sign up for free
    to join this conversation on GitHub.
    Already have an account?
    Sign in to comment


  



      

    

  




  
          



      

  

    
    

    

  

    Reviewers
  


    

    No reviews






    

  


      
  

    Assignees
  



        


    No one assigned







      


  


  

    Labels
  



    

    None yet







      

  

    

        

    Projects
  


        




    None yet




  



      


  

    
  

    Milestone
  


      No milestone





    
      
          


  

    

      
        

          
  

    Development
  



            


Successfully merging this pull request may close these issues.





  
  



      
    

  




      

    

  
      

  

    

      0 participants