Skip to content

Bump dotenv from 8.6.0 to 16.3.0

Hannes Heine requested to merge dependabot/npm_and_yarn/dotenv-16.3.0 into master

Created by: dependabot[bot]

Bumps dotenv from 8.6.0 to 16.3.0.

Changelog

Sourced from dotenv's changelog.

16.3.0 (2023-06-16)

Added

  • Optionally pass DOTENV_KEY to options rather than relying on process.env.DOTENV_KEY. Defaults to process.env.DOTENV_KEY #754

16.2.0 (2023-06-15)

Added

  • Optionally write to your own target object rather than process.env. Defaults to process.env. #753
  • Add import type URL to types file #751

16.1.4 (2023-06-04)

Added

  • Added .github/ to .npmignore #747

16.1.3 (2023-05-31)

Removed

  • Removed browser keys for path, os, and crypto in package.json. These were set to false incorrectly as of 16.1. Instead, if using dotenv on the front-end make sure to include polyfills for path, os, and crypto. node-polyfill-webpack-plugin provides these.

16.1.2 (2023-05-31)

Changed

  • Exposed private function _configDotenv as configDotenv. #744

16.1.1 (2023-05-30)

Added

  • Added type definition for decrypt function

Changed

  • Fixed {crypto: false} in packageJson.browser

16.1.0 (2023-05-30)

Added

  • Add populate convenience method #733
  • Accept URL as path option #720
  • Add dotenv to npm fund command
  • Spanish language README #698
  • Add .env.vault support. 🎉 (#730)

... (truncated)

Commits
  • 76d3682 16.3.0
  • 80219ae Merge pull request #754 from motdotla/dotenv-key-option
  • dacd450 Add DOTENV_KEY to cli config and environment config options
  • f20e646 Add options.DOTENV_KEY
  • 5861f6a Add failing test demonstrating need for DOTENV_KEY option
  • 4f48954 Update README
  • ab578c1 Add example of writing to a custom object rather than process.env
  • a0e21a5 16.2.0
  • 406f2c3 Merge pull request #753 from motdotla/target
  • ea8db8c update README
  • Additional commits viewable in compare view

Dependabot compatibility score

You can trigger a rebase of this PR by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Merge request reports