/** * Minimal root options shape shared by CLI and generator layers. * Keep keys optional to respect exactOptionalPropertyTypes semantics. * * @public */ interface RootOptionsShape { /** Target environment (dotenv-expanded). */ env?: string; /** Explicit variable overrides (dotenv-expanded). */ vars?: string; /** Command to execute (dotenv-expanded). */ command?: string; /** Output path for the consolidated environment file (dotenv-expanded). */ outputPath?: string; /** * Shell execution strategy. * - `true`: use default OS shell. * - `false`: use plain execution (no shell). * - string: use specific shell path. */ shell?: string | boolean; /** Whether to load variables into `process.env`. */ loadProcess?: boolean; /** Exclude all variables from loading. */ excludeAll?: boolean; /** Exclude dynamic variables. */ excludeDynamic?: boolean; /** Exclude environment-specific variables. */ excludeEnv?: boolean; /** Exclude global variables. */ excludeGlobal?: boolean; /** Exclude private variables. */ excludePrivate?: boolean; /** Exclude public variables. */ excludePublic?: boolean; /** Enable console logging of loaded variables. */ log?: boolean; /** Enable debug logging to stderr. */ debug?: boolean; /** Capture child process stdio (useful for tests/CI). */ capture?: boolean; /** Fail on validation errors (schema/requiredKeys). */ strict?: boolean; /** Enable presentation-time redaction of secret-like keys. */ redact?: boolean; /** Enable entropy warnings for high-entropy values. */ warnEntropy?: boolean; /** Entropy threshold (bits/char) for warnings (default 3.8). */ entropyThreshold?: number; /** Minimum string length to check for entropy (default 16). */ entropyMinLength?: number; /** Regex patterns for keys to exclude from entropy checks. */ entropyWhitelist?: ReadonlyArray; /** Additional regex patterns for keys to redact. */ redactPatterns?: string[]; /** Default target environment when not specified. */ defaultEnv?: string; /** Env var name in global dotenv files that specifies the default environment. */ defaultEnvKey?: string; /** Token indicating a dotenv file (default: ".env"). */ dotenvToken?: string; /** Path to dynamic variables module (default: undefined). */ dynamicPath?: string; /** * Emit diagnostics for child env composition. * - `true`: trace all keys. * - `string[]`: trace selected keys. */ trace?: boolean | string[]; /** Paths to search for dotenv files (space-delimited string or array). */ paths?: string | string[]; /** Delimiter for paths string (default: space). */ pathsDelimiter?: string; /** Regex pattern for paths delimiter. */ pathsDelimiterPattern?: string; /** Token indicating private variables (default: "local"). */ privateToken?: string; /** Delimiter for vars string (default: space). */ varsDelimiter?: string; /** Regex pattern for vars delimiter. */ varsDelimiterPattern?: string; /** Assignment operator for vars (default: "="). */ varsAssignor?: string; /** Regex pattern for vars assignment operator. */ varsAssignorPattern?: string; /** Table of named scripts for execution. */ scripts?: ScriptsTable; } /** * Definition for a single script entry. */ interface ScriptDef { /** The command string to execute. */ cmd: string; /** Shell override for this script. */ shell?: TShell | undefined; } /** * Scripts table shape. */ type ScriptsTable = Record>; /** * A minimal representation of an environment key/value mapping. * Values may be `undefined` to represent "unset". */ type ProcessEnv = Record; /** * Unify Scripts via the generic ScriptsTable so shell types propagate. */ type Scripts = ScriptsTable; /** * Resolved configuration object type returned by {@link getDotenvConfigSchemaResolved}. * * @public */ type GetDotenvConfigResolved = { /** * Help-time/runtime root defaults applied by the host (collapsed families; CLI‑like). */ rootOptionDefaults?: Partial; /** * Help-time visibility for root flags; when a key is false the corresponding * option(s) are hidden in root help output. */ rootOptionVisibility?: Partial>; /** * Merged scripts table for resolving commands and shell behavior. * Entries may be strings or objects with `cmd` and optional `shell`. */ scripts?: Scripts; /** * Keys required to be present in the final composed environment. * Validation occurs after overlays and dynamics. */ requiredKeys?: string[]; /** * Optional validation schema (e.g., Zod). When present and it exposes * `safeParse(finalEnv)`, the host executes it once after overlays. */ schema?: unknown; /** * Public global variables (string‑only). */ vars?: Record; /** * Public per‑environment variables (string‑only). */ envVars?: Record>; /** * Dynamic variable definitions (JS/TS configs only). */ dynamic?: unknown; /** * Per‑plugin configuration slices keyed by realized mount path * (for example, "aws/whoami"). */ plugins?: Record; }; /** * Privacy scope of a configuration file ('public' is checked into git, 'local' is gitignored). */ type ConfigPrivacy = 'public' | 'local'; /** * Origin scope of a configuration file ('packaged' inside the library, 'project' in the consumer repo). */ type ConfigScope = 'packaged' | 'project'; /** * Represents a discovered configuration file. */ interface ConfigFile { /** Absolute path to the config file. */ path: string; /** Privacy scope (public vs local). */ privacy: ConfigPrivacy; /** Origin scope (packaged vs project). */ scope: ConfigScope; } /** * Discover JSON/YAML config files in the packaged root and project root. * Order: packaged public → project public → project local. */ declare const discoverConfigFiles: (importMetaUrl?: string) => Promise; /** * Load a single config file (JSON/YAML). JS/TS is not supported in this step. * Validates with Zod RAW schema, then normalizes to RESOLVED. * * For JSON/YAML: if a "dynamic" property is present, throws with guidance. * For JS/TS: default export is loaded; "dynamic" is allowed. */ declare const loadConfigFile: (filePath: string) => Promise; /** * Loaded configuration sources keyed by origin scope and privacy. * * This is the primary output of {@link resolveGetDotenvConfigSources}. * * @public */ interface ResolvedConfigSources { /** Configuration from the package root (public only). */ packaged?: GetDotenvConfigResolved; /** Configuration from the project root. */ project?: { /** Project public configuration. */ public?: GetDotenvConfigResolved; /** Project local configuration. */ local?: GetDotenvConfigResolved; }; } /** * Discover and load configs into resolved shapes, ordered by scope/privacy. * JSON/YAML/JS/TS supported; first match per scope/privacy applies. */ declare const resolveGetDotenvConfigSources: (importMetaUrl?: string) => Promise; /** * Utility primarily for tests: create a file: URL string from a path. * @param p - File path. */ declare const toFileUrl: (p: string) => string; /** * Validate a composed env against config-provided validation surfaces. * Precedence for validation definitions: * project.local -\> project.public -\> packaged * * Behavior: * - If a JS/TS `schema` is present, use schema.safeParse(finalEnv). * - Else if `requiredKeys` is present, check presence (value !== undefined). * - Returns a flat list of issue strings; caller decides warn vs fail. * * @param finalEnv - Final composed environment to validate. * @param sources - Resolved config sources providing `schema` and/or `requiredKeys`. * @returns A list of human-readable issue strings (empty when valid). */ declare const validateEnvAgainstSources: (finalEnv: ProcessEnv, sources: ResolvedConfigSources) => string[]; export { discoverConfigFiles, loadConfigFile, resolveGetDotenvConfigSources, toFileUrl, validateEnvAgainstSources }; export type { ConfigFile, ConfigPrivacy, ConfigScope, ResolvedConfigSources };