Thanks to visit codestin.com
Credit goes to github.com

Skip to content

Build(deps): Bump dotenv from 16.5.0 to 17.0.0 #200

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Jul 1, 2025
Merged

Build(deps): Bump dotenv from 16.5.0 to 17.0.0 #200

merged 1 commit into from
Jul 1, 2025

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Jul 1, 2025
edited
Loading

Bumps dotenv from 16.5.0 to 17.0.0.

Changelog

Sourced from dotenv's changelog.

17.0.0 (2025-06-27)

Changed

  • Default quiet to false - informational (file and keys count) runtime log message shows by default (#875)

16.6.1 (2025-06-27)

Changed

  • Default quiet to true – hiding the runtime log message (#874)
  • NOTICE: 17.0.0 will be released with quiet defaulting to false. Use config({ quiet: true }) to suppress.
  • And check out the new dotenvx. As coding workflows evolve and agents increasingly handle secrets, encrypted .env files offer a much safer way to deploy both agents and code together with secure secrets. Simply switch require('dotenv').config() for require('@dotenvx/dotenvx').config().

16.6.0 (2025-06-26)

Added

  • Default log helpful message [[email protected]] injecting env (1) from .env (#870)
  • Use { quiet: true } to suppress
  • Aligns dotenv more closely with dotenvx.
Commits
  • f28bfd5 17.0.0
  • 3348b36 changelog πŸͺ΅
  • a814691 Merge pull request #875 from motdotla/quiet-true
  • e8978b0 mention dotenvx in runtime message to point people to safer .env files
  • 661b247 update README with quiet option
  • b1d4a78 quiet defaults to false - use quiet: true to suppress info log
  • 6acdb0a changelog πŸͺ΅
  • 076ba3b 16.6.1
  • 8867fe0 changelog πŸͺ΅
  • 424c32d Merge pull request #874 from motdotla/default-quiet-to-true
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot dependabot bot added dependabot Dependabot issues and PRs npm Node.js issues and PRs labels Jul 1, 2025
@dependabot dependabot bot requested a review from ncalteen as a code owner July 1, 2025 12:49
@dependabot dependabot bot added dependabot Dependabot issues and PRs npm Node.js issues and PRs labels Jul 1, 2025
@github-actions
Copy link

github-actions bot commented Jul 1, 2025
edited
Loading

πŸ¦™ MegaLinter status: ❌ ERROR

Descriptor Linter Files Fixed Errors Warnings Elapsed time
βœ… ACTION actionlint 5 0 0 0.13s
βœ… JAVASCRIPT prettier 11 0 0 3.68s
βœ… JSON npm-package-json-lint yes no no 0.83s
βœ… JSON prettier 29 0 0 1.72s
βœ… MARKDOWN markdownlint 9 0 0 1.14s
βœ… REPOSITORY checkov yes no no 23.26s
βœ… REPOSITORY gitleaks yes no no 1.41s
βœ… REPOSITORY git_diff yes no no 0.01s
❌ REPOSITORY grype yes 3 no 43.9s
βœ… REPOSITORY secretlint yes no no 0.94s
βœ… REPOSITORY syft yes no no 6.36s
βœ… REPOSITORY trivy yes no no 13.35s
βœ… REPOSITORY trivy-sbom yes no no 5.3s
βœ… REPOSITORY trufflehog yes no no 29.01s
βœ… TYPESCRIPT prettier 82 0 0 4.44s
βœ… YAML prettier 24 0 0 0.84s
βœ… YAML yamllint 24 0 0 0.76s

See detailed report in MegaLinter reports

MegaLinter is graciously provided by OX Security

@dependabot
Build(deps): Bump dotenv from 16.5.0 to 17.0.0
f951123 
Bumps [dotenv](https://github.com/motdotla/dotenv) from 16.5.0 to 17.0.0.
- [Changelog](https://github.com/motdotla/dotenv/blob/master/CHANGELOG.md)
- [Commits](motdotla/dotenv@v16.5.0...v17.0.0)

---
updated-dependencies:
- dependency-name: dotenv
  dependency-version: 17.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/dotenv-17.0.0 branch from 75e4280 to f951123 Compare July 1, 2025 14:27
@ncalteen ncalteen merged commit 25552a2 into main Jul 1, 2025
13 of 14 checks passed
@ncalteen ncalteen deleted the dependabot/npm_and_yarn/dotenv-17.0.0 branch July 1, 2025 14:36
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@ncalteen ncalteen ncalteen approved these changes

Assignees

No one assigned

Labels

dependabot Dependabot issues and PRs npm Node.js issues and PRs

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@ncalteen