cdimascio / dotenv-java

🗝️ Dotenv is a no-dep, pure Java module that loads environment variables from a .env file
https://github.com/cdimascio/dotenv-java
Apache License 2.0

Parser change to allow trailing comments breaks passwords with '#' in them. #44

Closed KeitenC closed 1 year ago

KeitenC commented 1 year ago

I upgraded to 2.3.1 and all of a sudden I was unable to connect to my database. After some digging I realized that it was malforming my password when reading it from the .env file. It cut off the rest of the password after the '#'. I think the regex needs to be updated to ensure that it actually is looking at an intended comment.

cdimascio commented 1 year ago

Without providing your db pw, can you provide a canonical example that can be used to reproduce the issue? It will be super helpful, thanks.

KeitenC commented 1 year ago

Sorry for the delay. An example I was able to test with is:

In the .env file I have a line for: DATABASE_password="iH4>hb_d0#_GN8d]6" (This is not a real password, just a string format that matches password requirements and reproduces the issue.)

When debugging through after it grabs the values I see that it has been changed in the envVars fields to: DATABASE_password -> "iH4>hb_d0

It seems to drop everything after the '#' symbol because it thinks it's a comment or something. I hope that helps. If there is anything more that is needed, just let me know.

cdimascio commented 1 year ago

thanks. this example makes it super clear. ultimately, the parser and/or regex needs to be enhanced to honor quoted strings

alexg9520 commented 1 year ago

I ran into the same issue. I played around with the regular expression that is currently set in DotenvParser.java and I think this would allow '#' in quoted values:

^\s*([\w.\-]+)\s*(=)\s*(['].*[']|["].*["]|[^#]*?)\s*(#.*)?$

The only issue I currently see is that if you put a " at the end of a comment that is after the quoted value, it would grab that too. It probably needs to be tested more and might not be the best regular expression to accomplish it, but maybe it will help.

cdimascio commented 1 year ago

thanks @alexg9520. your regex is very close. super helpful. thank you! i've made a few adjustments to resolve a couple edge cases including the one you noted. will get v2.3.2 out soon. it will include the fix

Thilo-Acrolinx commented 1 year ago

Unfortunately this bug is still present in version 2.3.2 and also in version 3.0.0. The latest working version is 2.3.0. Example: PASSWORD=foo#bar dotenv.get("PASSWORD") just returns "foo". This issue should therefore be re-opened.
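
The behaviour discussed in this thread, as an added example that is not part of the original issue and not dotenv-java's own code: it runs the regex proposed by alexg9520 over the two sample lines from the thread plus two constructed lines, next to a hypothetical quote-aware scanner. The names `DotenvHashDemo`, `regexValue` and `scanValue`, and the rule that an unquoted `#` starts a comment only at the start of the value or after whitespace, are assumptions made for illustration.

```java
import java.util.regex.Matcher;
import java.util.regex.Pattern;

public class DotenvHashDemo {
    // Regex as proposed in the thread (not necessarily what any release ships).
    static final Pattern PROPOSED = Pattern.compile(
        "^\\s*([\\w.\\-]+)\\s*(=)\\s*(['].*[']|[\"].*[\"]|[^#]*?)\\s*(#.*)?$");

    // Value captured by the proposed regex (group 3), or null if the line does not match.
    static String regexValue(String line) {
        Matcher m = PROPOSED.matcher(line);
        return m.matches() ? m.group(3) : null;
    }

    // Hypothetical quote-aware alternative (assumption, not the project's parser):
    // a quoted value ends at the first matching quote; an unquoted '#' starts a
    // comment only at the start of the value or after whitespace. No escape handling.
    static String scanValue(String line) {
        int eq = line.indexOf('=');
        if (eq < 0) return null;
        String rhs = line.substring(eq + 1).trim();
        if (!rhs.isEmpty() && (rhs.charAt(0) == '"' || rhs.charAt(0) == '\'')) {
            int close = rhs.indexOf(rhs.charAt(0), 1);
            if (close > 0) return rhs.substring(1, close);
        }
        for (int i = 0; i < rhs.length(); i++) {
            boolean boundary = i == 0 || Character.isWhitespace(rhs.charAt(i - 1));
            if (rhs.charAt(i) == '#' && boundary) return rhs.substring(0, i).trim();
        }
        return rhs;
    }

    public static void main(String[] args) {
        String[] lines = {
            "DATABASE_password=\"iH4>hb_d0#_GN8d]6\"", // sample from the thread
            "PASSWORD=foo#bar",                        // sample from the thread
            "KEY=\"a#b\" # note \"x\"",                // constructed: quote inside trailing comment
            "KEY=value # comment"                      // constructed: ordinary trailing comment
        };
        for (String line : lines) {
            System.out.printf("%-42s regex=[%s] scan=[%s]%n",
                line, regexValue(line), scanValue(line));
        }
    }
}
```

Comparing the two columns for each line shows where a secret would be silently truncated or where a trailing comment would be absorbed into the value.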