Bumping the minimum required PHP version is not a breaking change, however it is notable. Since version 5.6.0, we now require PHP 7.2.5 or higher. Installation metrics show that for some time, PHP 7.1 has represented only around 0.1% of installs of V5.
Release notes for 5.6.0 are available here.
Version 5 bumps to PHP 7.1+, and adds some additional parameter typing. There have been some internal changes and refactorings too, but nothing that changes the overall feel and usage of the package. The Dotenv class itself is largely unchanged from V4.
Release notes for 5.0.0 are available here.
- The
Dotenv\Dotenv::createImmutableandDotenv\Dotenv::createMutablemethods no longer call will result ingetenvandputenvbeing called. One should instead useDotenv\Dotenv::createUnsafeImmutableandDotenv\Dotenv::createUnsafeMutablemethods, if one really needs these functions. - The
Dotenv\Dotenvconstructor has been modified to expect exactly 4 parameters: a store, a parser, a loader, and a repository. This likely won't affect many people, since it is more common to construct this class via the public static create methods. Those methods have not changed. - Scalar typehints have been added to the public interface.
- The parser now returns a result type instead of raising an exception. This change is strictly internal, and most users won't notice a difference. The responsibility for raising an exception has simply been shifted up to the caller.
- Adapters have been refactored again, with changes to the repositories. In particular, the repository builder has been tweaked. It now expects to be explicitly told if you want to use the default adapters or not, and expects individual readers and writers to be added, one by one. Similar changes have been applied to the store factory. Moreover, the
ApacheAdapterhas been changed so that it behaves much like the other adapters. The old behaviour can be simulated by composing it with the newReplacingWriter(see below). We will no longer include this adapter in our default setup, so that people can enable exactly what they need. Finally, by default, we will no longer be using thePutenvAdapter. It can be added, as required. - Variable whitelisting has been replaced with allow listing, and the responsibility has moved from the loader to a new adapter
GuardedWriter. - The parser has been moved to its own namespace and parses entire files now. This change is expected to have little impact when upgrading. The
Linesclass has also moved to the parser namespace. - The loader now only returns the variables that were actually loaded into the repository, and not all the variables from the file. Moreover, it now expects as input the result of running the new parser (an array of entries), rather than raw file content.
The changes listed in (4) mean that instead of:
$repository = Dotenv\Repository\RepositoryBuilder::create()
->withReaders([
new Dotenv\Repository\Adapter\EnvConstAdapter(),
])
->withWriters([
new Dotenv\Repository\Adapter\EnvConstAdapter(),
new Dotenv\Repository\Adapter\PutenvAdapter(),
])
->make();one would now write:
$repository = Dotenv\Repository\RepositoryBuilder::createWithNoAdapters()
->addAdapter(Dotenv\Repository\Adapter\EnvConstAdapter::class)
->addWriter(Dotenv\Repository\Adapter\PutenvAdapter::class)
->make();Instead of passing class names, one can also pass actual adapter instances. Note that it is not possible to directly construct any of the adapters. One has to go via their static create method which returns an optional. This is to strictly encapsulate the fact that not all adapters are capable of running on all systems, and so those that cannot be run, cannot be created. For example, the apache adapter can only be run within an apache web server context. Passing the class names as in the above example will handle this for you, by adding the adapter only if it can be created (the optional has a value set).
To add an apache environment variable writer that only writes to existing apache environment variables, as was the default in v4, one should do the following:
$builder = Dotenv\Repository\RepositoryBuilder::createWithDefaultAdapters();
Dotenv\Repository\Adapter\ApacheAdapter::create()->map(function ($adapter) {
return new Dotenv\Repository\Adapter\ReplacingWriter($adapter, $adapter);
})->map([$builder, 'addWriter'])->getOrElse($builder);
$repository = $builder->make();The use of optionals handles the case where the apache environment functions are not available (such as in a CLI environment).
Version 4.1 is a minor release, and as such, there are no breaking changes. There is, however a deprecation to be noted.
The Dotenv\Dotenv constructor now expects either an array of file paths as the third parameter, or an instance of Dotenv\Store\StoreInterface. Passing an array is deprecated, and will be removed in V5.
Version 4 sees some refactoring, and support for escaping dollars in values (#380). It is no longer possible to change immutability on the fly, and the Loader no longer is responsible for tracking immutability. It is now the responsibility of "repositories" to track this. One must explicitly decide if they want (im)mutability when constructing an instance of Dotenv\Dotenv.
Release notes for 4.0.0 are available here.
V4 has again changed the way you initialize the Dotenv class. If you want immutable loading of environment variables, then replace Dotenv::create with Dotenv::createImmutable, and if you want mutable loading, replace Dotenv::create with Dotenv::createMutable and ->overload() with ->load(). The overload method has been removed in favour of specifying mutability at object construction.
The behaviour when parsing single quoted strings has now changed, to mimic the behaviour of bash. It is no longer possible to escape characters in single quoted strings, and everything is treated literally. As soon as the first single quote character is read, after the initial one, then the variable is treated as ending immediately at that point. When parsing unquoted or double quoted strings, it is now possible to escape dollar signs, to forcefully avoid variable interpolation. Escaping dollars is not mandated, in the sense that if a dollar is present, and not following by variable interpolation syntax, this is allowed, and the dollar will be treated as a literal dollar. Finally, interpolation of variables is now performed right to left, instead of left to right, so it is possible to nest interpolations to allow using the value of a variable as the name of another for further interpolation.
The getEnvironmentVariableNames method is no longer available. This is because calls to load() (since v3.0.0) return an associative array of what was loaded, so $dotenv->getEnvironmentVariableNames() can be replaced with array_keys($dotenv->load()).
There have been various internal refactorings. Apart from what has already been mentioned, the only other changes likely to affect developers is:
- The
Dotenv\Environmentnamespace has been moved toDotenv\Repository, theDotenv\Environment\Adapter\AdapterInterfaceinterface has been replaced byDotenv\Repository\Adapter\ReaderInterfaceandDotenv\Repository\Adapter\WriterInterface. - The
Dotenv\Environment\DotenvFactoryhas been (roughly) replaced byDotenv\Repository\RepositoryBuilder, andDotenv\Environment\FactoryInterfacehas been deleted. Dotenv\Environment\AbstractVariableshas been replaced byDotenv\Repository\AbstractRepository,Dotenv\Environment\DotenvVariableshas been replaced byDotenv\Repository\AdapterRepository, andDotenv\Environment\VariablesInterfacehas been replaced byDotenv\Repository\RepositoryInterface.- The
Dotenv\Loaderclass has been moved toDotenv\Loader\Loader, and now has a different public interface. It no longer expects any parameters at construction, and implements only the new interfaceDotenv\Loader\LoaderInterface. Its responsibility has changed to purely taking raw env file content, and handing it off to the parser, dealing with variable interpolation, and sending off instructions to the repository to set variables. No longer can it be used as a way to read the environment by callers, and nor does it track immutability. - The
Dotenv\ParserandDotenv\Linesclasses have moved toDotenv\Loader\ParserandDotenv\Loader\Lines, respectively.Dotenv\Loader\Parser::parsenow return has eithernullorDotenv\Loader\Valueobjects as values, instead ofstrings. This is to support the new variable interpolation and dollar escaping features. - The
Dotenv\Validatorconstructor has changed from__construct(array $variables, Loader $loader, $required = true)to__construct(RepositoryInterface $repository, array $variables, $required = true).
The example at the bottom of the below upgrading guide, in V4 now looks like:
<?php
use Dotenv\Dotenv;
use Dotenv\Repository\Adapter\EnvConstAdapter;
use Dotenv\Repository\Adapter\ServerConstAdapter;
use Dotenv\Repository\RepositoryBuilder;
$adapters = [
new EnvConstAdapter(),
new ServerConstAdapter(),
];
$repository = RepositoryBuilder::create()
->withReaders($adapters)
->withWriters($adapters)
->immutable()
->make();
Dotenv::create($repository, $path, null)->load();Since v3.2.0, it was easily possible to read a file and process variable interpolations, without actually "loading" the variables. This is still possible in v4.0.0. Example code that does this is as follows:
<?php
use Dotenv\Repository\Adapter\ArrayAdapter;
use Dotenv\Repository\RepositoryBuilder;
use Dotenv\Loader\Loader;
$adapters = [new ArrayAdapter()];
$repository = RepositoryBuilder::create()
->withReaders($adapters)
->withWriters($adapters)
->make();
$variables = (new Loader())->load($repository, $content);Notice, that compared to v3, the loader no longer expects file paths in the constructor. Reading of the files is now managed by the Dotenv\Dotenv class. The loader is genuinely just loading the content into the repository.
Finally, we note that the minimum supported version of PHP has increased to 5.5.9, up from 5.4.0 in V3 and 5.3.9 in V2.
New in Version 3 is first-class support for multiline variables (#301) and much more flexibility in terms of which parts of the environment we try to read and modify (#300). Consequently, you will need to replace any occurrences of new Dotenv(...) with Dotenv::create(...), since our new native constructor takes a Loader instance now, so that it can be truly customized if required. Finally, one should note that the loader will no longer be trimming values (#302), moreover Loader::load() and its callers now return an associative array of the variables loaded with their values, rather than an array of raw lines from the environment file (#306).
Release notes for 3.0.0 are available here.
V3 has changed the way you initialize the Dotenv class. Consequently, you will need to replace any occurrences of new Dotenv(...) with Dotenv::create(...), since our new native constructor takes a Loader instance now.
Loader::load() and its callers now return an associative array of the variables loaded with their values.
Value parsing has been modified in the following ways:
- For unquoted strings, as soon as there's a hash, it's treated as a comment start.
- We're being stricter about invalid escape sequences within quoted strings.
- We're no longer trimming the parsed values of quoted strings.
- Multiline quoted values are now permitted, and will be parsed by V3.
| input value | V2.5.2 | V2.6.1 | V3.3.1 |
|---|---|---|---|
foo#bar |
foo#bar |
foo#bar |
foo |
foo # bar |
foo |
foo |
foo |
"iiiiviiiixiiiiviiii\n" |
silent failure | iiiviiiixiiiiviiii\n |
fails with invalid escape sequence exception |
"iiiiviiiixiiiiviiii\\n" |
iiiiviiiixiiiiviiii\n |
iiiiviiiixiiiiviiii\n |
iiiiviiiixiiiiviiii\n |
"foo\"bar" |
foo"bar |
foo"bar |
foo"bar |
" foo " |
foo with whitespace trimmed |
foo with whitespace trimmed |
foo with 2 spaces in front and one after |
In double quoted strings, double quotes and backslashes need escaping with a backslash, and in single quoted strings, single quote and backslashes need escaping with a backslash. In v2.5.2, forgetting an escape can lead to odd results due to the regex running out of stack, but this was fixed in 2.6 and 3.3, with 2.6 allowing you to continue after an unescaped backslash, but 3.3 not.
It's possible to use phpdotenv V3 in a threaded environment, instructing it to not call any functions that are not tread-safe:
<?php
use Dotenv\Dotenv;
use Dotenv\Environment\Adapter\EnvConstAdapter;
use Dotenv\Environment\Adapter\ServerConstAdapter;
use Dotenv\Environment\DotenvFactory;
$factory = new DotenvFactory([new EnvConstAdapter(), new ServerConstAdapter()]);
Dotenv::create($path, null, $factory)->load();Finally, we note that the minimum supported version of PHP has increased from 5.3.9 to 5.4.0.