From d613bfa0410e7ef8451fc8ea20e57a7db67f7994 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Tue, 8 Jul 2025 10:59:03 -0400 Subject: [PATCH] fix(deps): update dependency dotenv to v17 (#1474) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit This PR contains the following updates: | Package | Change | Age | Confidence | |---|---|---|---| | [dotenv](https://redirect.github.com/motdotla/dotenv) | [`16.5.0` -> `17.1.0`](https://renovatebot.com/diffs/npm/dotenv/16.5.0/17.1.0) | [![age](https://developer.mend.io/api/mc/badges/age/npm/dotenv/17.1.0?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![confidence](https://developer.mend.io/api/mc/badges/confidence/npm/dotenv/16.5.0/17.1.0?slim=true)](https://docs.renovatebot.com/merge-confidence/) | --- ### Release Notes
motdotla/dotenv (dotenv) ### [`v17.1.0`](https://redirect.github.com/motdotla/dotenv/blob/HEAD/CHANGELOG.md#1710-2025-07-07) [Compare Source](https://redirect.github.com/motdotla/dotenv/compare/v17.0.1...v17.1.0) ##### Added - Add additional security and configuration tips to the runtime log ([#​884](https://redirect.github.com/motdotla/dotenv/pull/884)) - Dim the tips text from the main injection information text ```js const TIPS = [ '🔐 encrypt with dotenvx: https://dotenvx.com', '🔐 prevent committing .env to code: https://dotenvx.com/precommit', '🔐 prevent building .env in docker: https://dotenvx.com/prebuild', '🛠️ run anywhere with `dotenvx run -- yourcommand`', '⚙️ specify custom .env file path with { path: \'/custom/path/.env\' }', '⚙️ enable debug logging with { debug: true }', '⚙️ override existing env vars with { override: true }', '⚙️ suppress all logs with { quiet: true }', '⚙️ write to custom object with { processEnv: myObject }', '⚙️ load multiple .env files with { path: [\'.env.local\', \'.env\'] }' ] ``` ### [`v17.0.1`](https://redirect.github.com/motdotla/dotenv/blob/HEAD/CHANGELOG.md#1701-2025-07-01) [Compare Source](https://redirect.github.com/motdotla/dotenv/compare/v17.0.0...v17.0.1) ##### Changed - Patched injected log to count only populated/set keys to process.env ([#​879](https://redirect.github.com/motdotla/dotenv/pull/879)) ### [`v17.0.0`](https://redirect.github.com/motdotla/dotenv/blob/HEAD/CHANGELOG.md#1700-2025-06-27) [Compare Source](https://redirect.github.com/motdotla/dotenv/compare/v16.6.1...v17.0.0) ##### Changed - Default `quiet` to false - informational (file and keys count) runtime log message shows by default ([#​875](https://redirect.github.com/motdotla/dotenv/pull/874)) ### [`v16.6.1`](https://redirect.github.com/motdotla/dotenv/blob/HEAD/CHANGELOG.md#1661-2025-06-27) [Compare Source](https://redirect.github.com/motdotla/dotenv/compare/v16.6.0...v16.6.1) ##### Changed - Default `quiet` to true – hiding the runtime log message ([#​874](https://redirect.github.com/motdotla/dotenv/pull/874)) - NOTICE: 17.0.0 will be released with quiet defaulting to false. Use `config({ quiet: true })` to suppress. - And check out the new [dotenvx](https://redirect.github.com/dotenvx/dotenvx). As coding workflows evolve and agents increasingly handle secrets, encrypted .env files offer a much safer way to deploy both agents and code together with secure secrets. Simply switch `require('dotenv').config()` for `require('@​dotenvx/dotenvx').config()`. ### [`v16.6.0`](https://redirect.github.com/motdotla/dotenv/blob/HEAD/CHANGELOG.md#1660-2025-06-26) [Compare Source](https://redirect.github.com/motdotla/dotenv/compare/v16.5.0...v16.6.0) ##### Added - Default log helpful message `[dotenv@16.6.0] injecting env (1) from .env` ([#​870](https://redirect.github.com/motdotla/dotenv/pull/870)) - Use `{ quiet: true }` to suppress - Aligns dotenv more closely with [dotenvx](https://redirect.github.com/dotenvx/dotenvx).
--- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] If you want to rebase/retry this PR, check this box --- This PR was generated by [Mend Renovate](https://mend.io/renovate/). View the [repository job log](https://developer.mend.io/github/unraid/api). Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> --- api/package.json | 2 +- pnpm-lock.yaml | 10 ++++++++-- 2 files changed, 9 insertions(+), 3 deletions(-) diff --git a/api/package.json b/api/package.json index fd8c0fafe..a29e5d076 100644 --- a/api/package.json +++ b/api/package.json @@ -98,7 +98,7 @@ "cross-fetch": "4.1.0", "diff": "8.0.2", "dockerode": "4.0.7", - "dotenv": "16.5.0", + "dotenv": "17.1.0", "execa": "9.6.0", "exit-hook": "4.0.0", "fastify": "5.4.0", diff --git a/pnpm-lock.yaml b/pnpm-lock.yaml index 278e714b4..1a36ef9cb 100644 --- a/pnpm-lock.yaml +++ b/pnpm-lock.yaml @@ -169,8 +169,8 @@ importers: specifier: 4.0.7 version: 4.0.7 dotenv: - specifier: 16.5.0 - version: 16.5.0 + specifier: 17.1.0 + version: 17.1.0 execa: specifier: 9.6.0 version: 9.6.0 @@ -6653,6 +6653,10 @@ packages: resolution: {integrity: sha512-m/C+AwOAr9/W1UOIZUo232ejMNnJAJtYQjUbHoNTBNTJSvqzzDh7vnrei3o3r3m9blf6ZoDkvcw0VmozNRFJxg==} engines: {node: '>=12'} + dotenv@17.1.0: + resolution: {integrity: sha512-tG9VUTJTuju6GcXgbdsOuRhupE8cb4mRgY5JLRCh4MtGoVo3/gfGUtOMwmProM6d0ba2mCFvv+WrpYJV6qgJXQ==} + engines: {node: '>=12'} + dotgitignore@2.1.0: resolution: {integrity: sha512-sCm11ak2oY6DglEPpCB8TixLjWAxd3kJTs6UIcSasNYxXdFPV+YKlye92c8H4kKFqV5qYMIh7d+cYecEg0dIkA==} engines: {node: '>=6'} @@ -19316,6 +19320,8 @@ snapshots: dotenv@16.5.0: {} + dotenv@17.1.0: {} + dotgitignore@2.1.0: dependencies: find-up: 3.0.0