Update dependency dotenv to v16.4.7

[renovate]

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence
dotenv	16.0.3 -> 16.4.7

---

Release Notes

motdotla/dotenv (dotenv)

v16.4.7

Compare Source

Changed

• Ignore .tap folder when publishing. (oops, sorry about that everyone. - @​motdotla) #​848

v16.4.6

Compare Source

Changed

• Clean up stale dev dependencies #​847
• Various README updates clarifying usage and alternative solutions using dotenvx

v16.4.5

Compare Source

Changed

• 🐞 fix recent regression when using path option. return to historical behavior: do not attempt to auto find .env if path set. (regression was introduced in 16.4.3) #​814

v16.4.4

Compare Source

Changed

• 🐞 Replaced chaining operator ?. with old school && (fixing node 12 failures) #​812

v16.4.3

Compare Source

Changed

• Fixed processing of multiple files in options.path #​805

v16.4.2

Compare Source

Changed

• Changed funding link in package.json to dotenvx.com

v16.4.1

Compare Source

• Patch support for array as path option #​797

v16.4.0

Compare Source

• Add error.code to error messages around .env.vault decryption handling #​795
• Add ability to find .env.vault file when filename(s) passed as an array #​784

v16.3.2

Compare Source

Added

• Add debug message when no encoding set #​735

Changed

• Fix output typing for populate #​792
• Use subarray instead of slice #​793

v16.3.1

Compare Source

Added

• Add missing type definitions for processEnv and DOTENV_KEY options. #​756

v16.3.0

Compare Source

Added

• Optionally pass DOTENV_KEY to options rather than relying on process.env.DOTENV_KEY. Defaults to process.env.DOTENV_KEY #​754

v16.2.0

Compare Source

Added

• Optionally write to your own target object rather than process.env. Defaults to process.env. #​753
• Add import type URL to types file #​751

v16.1.4

Compare Source

Added

• Added .github/ to .npmignore #​747

v16.1.3

Compare Source

Removed

• Removed browser keys for path, os, and crypto in package.json. These were set to false incorrectly as of 16.1. Instead, if using dotenv on the front-end make sure to include polyfills for path, os, and crypto. node-polyfill-webpack-plugin provides these.

v16.1.2

Compare Source

Changed

• Exposed private function _configDotenv as configDotenv. #​744

v16.1.1

Compare Source

Added

• Added type definition for decrypt function

Changed

• Fixed {crypto: false} in packageJson.browser

v16.1.0

Compare Source

Added

• Add populate convenience method #​733
• Accept URL as path option #​720
• Add dotenv to npm fund command
• Spanish language README #​698
• Add .env.vault support. 🎉 (#​730)

ℹ️ .env.vault extends the .env file format standard with a localized encrypted vault file. Package it securely with your production code deploys. It's cloud agnostic so that you can deploy your secrets anywhere – without risky third-party integrations. read more

Changed

• Fixed "cannot resolve 'fs'" error on tools like Replit #​693

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[socket-security]

👍 Dependency issues cleared. Learn more about Socket for GitHub ↗︎

This PR previously contained dependency changes with security issues that have been resolved, removed, or ignored.

View full report↗︎

[socket-security]

New and removed dependencies detected. Learn more about Socket for GitHub ↗︎

Package	New capabilities	Transitives	Size	Publisher
npm/dotenv@16.4.7	None	0	75.8 kB	motdotenv, motdotla, scottmotte, ...1 more

🚮 Removed packages: npm/dotenv@16.0.3

View full report↗︎