Add password prompt fallback and stdin handling for envcrypt

[deeprave]

• envcrypt: Added a fallback prompt for passwords when stdin is a terminal.
• Updated input file rules for encrypted .env handling
• Replacing /-based paths with @ prefix for file reading.
• Updated documentation to reflect encrypted environment file usage and compatibility.

Summary by Sourcery

Add support for encrypted environment files and a password prompt fallback for the envcrypt utility.

New Features:

• Support AES-256 encrypted environment files using the .env.enc extension. The envcrypt utility encrypts and decrypts environment files.
• Implement a fallback mechanism in envcrypt to prompt for the password when stdin is a terminal.

Tests:

• Updated input file rules for encrypted .env handling.

[sourcery-ai]

Reviewer's Guide by Sourcery

This pull request introduces a fallback password prompt for the envcrypt utility when stdin is a terminal, updates input file rules for encrypted .env handling, replaces /-based paths with @ prefix for file reading, and updates documentation to reflect these changes.

Sequence diagram for password handling in envcrypt

sequenceDiagram
    actor User
    participant Envcrypt
    participant FileSystem
    participant Terminal

    alt Password provided via command line
        User->>Envcrypt: Run with -P/--password
        Envcrypt->>Envcrypt: Use provided password
    else Password from environment
        User->>Envcrypt: Run with -E/--environ
        Envcrypt->>Envcrypt: Read from environment variable
    else Password from file
        User->>Envcrypt: Run with -F/--file @filepath
        Envcrypt->>FileSystem: Read password from file
        FileSystem-->>Envcrypt: Return password
    else No password provided and stdin is terminal
        User->>Envcrypt: Run without password
        Envcrypt->>Terminal: Prompt for password
        Terminal-->>User: Display password prompt
        User->>Terminal: Enter password
        Terminal-->>Envcrypt: Return password
    end

    Envcrypt->>Envcrypt: Process encryption/decryption

Loading

State diagram for envcrypt password resolution

stateDiagram-v2
    [*] --> CheckPasswordSource
    CheckPasswordSource --> DirectPassword: -P/--password
    CheckPasswordSource --> EnvVarPassword: -E/--environ
    CheckPasswordSource --> FilePassword: -F/--file
    CheckPasswordSource --> CheckStdin: No password source

    CheckStdin --> PromptPassword: stdin is terminal
    CheckStdin --> Error: stdin is not terminal

    DirectPassword --> ProcessOperation
    EnvVarPassword --> ProcessOperation
    FilePassword --> ProcessOperation
    PromptPassword --> ProcessOperation

    ProcessOperation --> [*]
    Error --> [*]

Loading

File-Level Changes

Change	Details	Files
Added a fallback mechanism to prompt for the password when standard input is a terminal.	Implemented a password prompt using getpass when stdin is a terminal and no password is provided via arguments or environment variables.	scripts/envcrypt.py
Updated the input file handling to support encrypted .env files.	Changed file path prefix from / to @ for reading passwords from files. Added support for .env.enc files as the primary source for encrypted environment variables. Updated documentation to reflect the changes in encrypted file handling and usage. Updated the changelog to document the new features and breaking changes.	envex/env_wrapper.py README.md CHANGELOG.md
Improved documentation and examples.	Added documentation for encrypted environment file usage and compatibility. Updated the changelog with information about the new features and bug fixes. Added a section on the benefits of using encrypted environment files. Clarified the differences between env.get() and env().	README.md CHANGELOG.md
Updated the handling of keyword arguments passed to Env().	Keyword arguments passed to Env() are no longer added to the environment if readenv=False. Dictionaries passed as positional arguments to Env() are now correctly converted to string-to-string mappings.	CHANGELOG.md
Added support for BytesIO and StringIO objects.	Env() can now accept BytesIO and StringIO objects as positional arguments. Variables from these objects overwrite existing variables by default, unless overwrite=False is explicitly set. Updated the changelog to reflect this change.	CHANGELOG.md envex/env_wrapper.py
Updated internal handling of environment files.	Environment files are now handled internally as bytes and converted using an encoding parameter (defaulting to "utf-8"). Updated the changelog to include a warning about this change.	CHANGELOG.md

---

Tips and commands

Interacting with Sourcery

• Trigger a new review: Comment @sourcery-ai review on the pull request.
• Continue discussions: Reply directly to Sourcery's review comments.
• Generate a GitHub issue from a review comment: Ask Sourcery to create an
  issue from a review comment by replying to it.
• Generate a pull request title: Write @sourcery-ai anywhere in the pull
  request title to generate a title at any time.
• Generate a pull request summary: Write @sourcery-ai summary anywhere in
  the pull request body to generate a PR summary at any time. You can also use
  this command to specify where the summary should be inserted.

Customizing Your Experience

Access your dashboard to:

• Enable or disable review features such as the Sourcery-generated pull request
  summary, the reviewer's guide, and others.
• Change the review language.
• Add, remove or edit custom review instructions.
• Adjust other review settings.

Getting Help

• Contact our support team for questions or feedback.
• Visit our documentation for detailed guides and information.
• Keep in touch with the Sourcery team by following us on X/Twitter, LinkedIn or GitHub.

[sourcery-ai]

Hey @deeprave - I've reviewed your changes and they look great!

Here's what I looked at during the review

• 🟡 General issues: 3 issues found
• 🟡 Security: 1 issue found
• 🟢 Testing: all looks good
• 🟢 Complexity: all looks good
• 🟢 Documentation: all looks good

---

Sourcery is free for open source - if you like our reviews please consider sharing them ✨

• X
• Mastodon
• LinkedIn
• Facebook

_{Help me be more useful! Please click 👍 or 👎 on each comment and I'll use the feedback to improve your reviews.}