{"id":20832211,"url":"https://github.com/scbd/dotawsenv","last_synced_at":"2026-04-21T17:35:08.270Z","repository":{"id":51284531,"uuid":"364351532","full_name":"scbd/dotawsenv","owner":"scbd","description":null,"archived":false,"fork":false,"pushed_at":"2023-02-15T19:37:31.000Z","size":136,"stargazers_count":1,"open_issues_count":0,"forks_count":0,"subscribers_count":5,"default_branch":"master","last_synced_at":"2025-12-12T18:57:07.932Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"JavaScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/scbd.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"license","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2021-05-04T18:34:52.000Z","updated_at":"2023-02-09T18:39:24.000Z","dependencies_parsed_at":"2024-11-18T01:35:43.986Z","dependency_job_id":null,"html_url":"https://github.com/scbd/dotawsenv","commit_stats":{"total_commits":6,"total_committers":3,"mean_commits":2.0,"dds":0.5,"last_synced_commit":"25bb28c6d38f6cfdc9cba53cb9cc1690414b9949"},"previous_names":[],"tags_count":4,"template":false,"template_full_name":null,"purl":"pkg:github/scbd/dotawsenv","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/scbd%2Fdotawsenv","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/scbd%2Fdotawsenv/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/scbd%2Fdotawsenv/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/scbd%2Fdotawsenv/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/scbd","download_url":"https://codeload.github.com/scbd/dotawsenv/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/scbd%2Fdotawsenv/sbom","scorecard":{"id":803583,"data":{"date":"2025-08-11","repo":{"name":"github.com/scbd/dotawsenv","commit":"25bb28c6d38f6cfdc9cba53cb9cc1690414b9949"},"scorecard":{"version":"v5.2.1-40-gf6ed084d","commit":"f6ed084d17c9236477efd66e5b258b9d4cc7b389"},"score":2.8,"checks":[{"name":"Code-Review","score":3,"reason":"Found 2/6 approved changesets -- score normalized to 3","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#code-review"}},{"name":"Token-Permissions","score":0,"reason":"detected GitHub workflow tokens with excessive permissions","details":["Warn: no topLevel permission defined: .github/workflows/npm-publish.yml:1","Info: no jobLevel write permissions found"],"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#token-permissions"}},{"name":"Maintained","score":0,"reason":"0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#maintained"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#binary-artifacts"}},{"name":"Pinned-Dependencies","score":0,"reason":"dependency not pinned by hash detected -- score normalized to 0","details":["Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/npm-publish.yml:11: update your workflow using https://app.stepsecurity.io/secureworkflow/scbd/dotawsenv/npm-publish.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/npm-publish.yml:12: update your workflow using https://app.stepsecurity.io/secureworkflow/scbd/dotawsenv/npm-publish.yml/master?enable=pin","Warn: npmCommand not pinned by hash: .github/workflows/npm-publish.yml:17","Info:   0 out of   2 GitHub-owned GitHubAction dependencies pinned","Info:   0 out of   1 npmCommand dependencies pinned"],"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#pinned-dependencies"}},{"name":"Packaging","score":-1,"reason":"packaging workflow not detected","details":["Warn: no GitHub/GitLab publishing workflow detected."],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#packaging"}},{"name":"Dangerous-Workflow","score":10,"reason":"no dangerous workflow patterns detected","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#dangerous-workflow"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#cii-best-practices"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#fuzzing"}},{"name":"Security-Policy","score":0,"reason":"security policy file not detected","details":["Warn: no security policy file detected","Warn: no security file to analyze","Warn: no security file to analyze","Warn: no security file to analyze"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#security-policy"}},{"name":"License","score":10,"reason":"license file detected","details":["Info: project has a license file: license:0","Info: FSF or OSI recognized license: MIT License: license:0"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#license"}},{"name":"SAST","score":0,"reason":"SAST tool is not run on all commits -- score normalized to 0","details":["Warn: 0 commits out of 4 are checked with a SAST tool"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#sast"}},{"name":"Branch-Protection","score":0,"reason":"branch protection not enabled on development/release branches","details":["Warn: branch protection not enabled for branch 'master'"],"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#branch-protection"}},{"name":"Signed-Releases","score":-1,"reason":"no releases found","details":null,"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#signed-releases"}},{"name":"Vulnerabilities","score":0,"reason":"13 existing vulnerabilities detected","details":["Warn: Project is vulnerable to: GHSA-968p-4wvh-cqc8","Warn: Project is vulnerable to: GHSA-67hx-6x53-jw92","Warn: Project is vulnerable to: GHSA-93q8-gq69-wqmw","Warn: Project is vulnerable to: GHSA-v6h2-p8h4-qcjw","Warn: Project is vulnerable to: GHSA-3xgq-45jj-v275","Warn: Project is vulnerable to: GHSA-9c47-m6qq-7p4h","Warn: Project is vulnerable to: GHSA-f8q6-p94x-37v3","Warn: Project is vulnerable to: GHSA-xvch-5gv4-984h","Warn: Project is vulnerable to: GHSA-hj48-42vr-x3v9","Warn: Project is vulnerable to: GHSA-gcx4-mw62-g8wm","Warn: Project is vulnerable to: GHSA-c2qf-rxjj-qqgw","Warn: Project is vulnerable to: GHSA-j8xg-fqg3-53r7","Warn: Project is vulnerable to: GHSA-776f-qx25-q3cc"],"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#vulnerabilities"}}]},"last_synced_at":"2025-08-23T11:11:41.945Z","repository_id":51284531,"created_at":"2025-08-23T11:11:41.945Z","updated_at":"2025-08-23T11:11:41.945Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":32102438,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-04-21T11:25:29.218Z","status":"ssl_error","status_checked_at":"2026-04-21T11:25:28.499Z","response_time":128,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.5:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-11-18T00:10:45.674Z","updated_at":"2026-04-21T17:35:08.243Z","avatar_url":"https://github.com/scbd.png","language":"JavaScript","funding_links":[],"categories":[],"sub_categories":[],"readme":"\n# **dotawsenv**\n\nThe project was inspired by [dotenv](https://github.com/motdotla/dotenv) and uses dotenv as dependency to load the config file. The idea is similar to dotenv and but in dotawsenv case the information is loaded from AWS secret manager. if the `.awsenv` file is found and if the environment variable declared do not have value than the lib will fetch the value from AWS Secret Manager.\n\nThe seret name is the value of the env variables in `.awsenv` file.\n\n## Install\n\n```bash\n# with npm\nnpm install dotawsenv\n\n# or with Yarn\nyarn add dotawsenv\n```\n\n## Usage\n\nAs early as possible in your application, require and configure dotawsenv.\n\n```javascript\nrequire('dotawsenv').config()\n```\n\n\nCreate a `.awsenv` file in the root directory of your project. Add\nenvironment-specific variables on new lines in the form of `NAME=VALUE`.\nFor example:\n\n```dosini\nDB_CREDENTIALS=msSQLCredentials\n```\nThe lib will fetch `msSQLCredentials` from AWS Secret Manager into DB_CREDENTIALS set inside `process.env` in format (string/binary) you have set in AWS Secret Manger.\n\n```javascript\nconst db = require('db')\nconst dbCredential = JSON.parse(process.env.DB_CREDENTIALS);\n\ndb.connect({\n  host: 'hostName',\n  username: dbCredential.userName,\n  password: dbCredential.password\n})\n```\n\n### Preload\n\nYou can use the `--require` (`-r`) [command line option](https://nodejs.org/api/cli.html#cli_r_require_module) to preload dotawsenv. By doing this, you do not need to require and load dotawsenv in your application code. This is the preferred approach when using `import` instead of `require`.\n\n```bash\n$ node -r dotawsenv/config your_script.js\n```\n\nYou can also chain with dotenv \n\n```bash\n$ node -r dotenv/config -r dotawsenv/config your_script.js\n```\n\nThe configuration options below are supported as command line arguments in the format `dotawsenv_config_\u003coption\u003e=value`\n\n```bash\n$ node -r dotawsenv/config your_script.js dotawsenv_config_path=/custom/path/to/.env dotawsenv_config_accessKeyId=ABSCHDH dotawsenv_config_secretAccessKey=DHYETHJD\n```\n\nAdditionally, you can use environment variables to set configuration options. Command line arguments will precede these.\n\n```bash\n$ dotawsenv_CONFIG_\u003cOPTION\u003e=value node -r dotawsenv/config your_script.js\n```\n\n```bash\n$ DOTAWSENV_CONFIG_ACCESS_KEY_ID=ABSCHDH DOTAWSENV_CONFIG_SECRET_ACCESS_KEY=DHYETHJD dotawsenv_CONFIG_ENCODING=latin1 node -r dotawsenv/config your_script.js dotawsenv_config_path=/custom/path/to/.awsenv\n```\n\n## Config\n\n`config` will read your `.awsenv` file, parse the contents, assign it to\n[`process.env`](https://nodejs.org/docs/latest/api/process.html#process_process_env),\nand return an Object with a `parsed` key containing the loaded content or an `error` key if it failed.\n\n```js\nconst result = dotawsenv.config()\n\nif (result.error) {\n  throw result.error\n}\n\nconsole.log(result.parsed)\n```\n\nYou can additionally, pass options to `config`.\n\n### Options\n\n| option            | cli param                          | | description |\n| ------            | -----------                        | -- | ----------- |\n| path              | dotawsenv_config_path              | `optional`, default: `path.resolve(process.cwd(), '.env')` | You may specify a custom path if your file containing environment variables is located elsewhere.|\n| encoding          | dotawsenv_config_encoding          | `optional`| You may specify the encoding of your file containing environment variables. |\n| accessKeyId       | dotawsenv_config_accessKeyId       | `required`, default: `AWS SDK will look for .aws file` | AWS Access Key|\n| secretAccessKey   | dotawsenv_config_secretAccessKey   | `required`, default: `AWS SDK will look for .aws file` | AWS Secret key |\n| region            | dotawsenv_config_region            | `required`, default: `AWS SDK will look for .aws file` | AWS secret region  |\n| async             | dotawsenv_config_async             | `optional`, default `false` | To run in async mode. |\n| debug             | dotawsenv_config_debug             | `optional`| To turn on debugging. |","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fscbd%2Fdotawsenv","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fscbd%2Fdotawsenv","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fscbd%2Fdotawsenv/lists"}