SoftDryzz
diff --git a/‎README.md‎
Lines changed: 12 additions & 2 deletions b/‎README.md‎
Lines changed: 12 additions & 2 deletions
diff --git a/‎ROADMAP.md‎
Lines changed: 25 additions & 25 deletions b/‎ROADMAP.md‎
Lines changed: 25 additions & 25 deletions
diff --git a/‎User-Guide.md‎
Lines changed: 114 additions & 3 deletions b/‎User-Guide.md‎
Lines changed: 114 additions & 3 deletions
diff --git a/‎docs/es/README.md‎
Lines changed: 12 additions & 2 deletions b/‎docs/es/README.md‎
Lines changed: 12 additions & 2 deletions
@@ -189,6 +189,9 @@ pm run order-service
 - 🔄 **CI/CD detection** - Detect GitHub Actions, GitLab CI, Jenkins, Travis CI, CircleCI with `pm ci` and in `pm info`
 - 🧹 **Linting & Formatting** - Run linters with `pm lint` and formatters with `pm fmt`, auto-detects ESLint, Clippy, Prettier, gofmt, Ruff, and more
 - 📦 **Multi-project Workspaces** - Detect monorepo modules with `pm modules`, multi-language detection, `pm build --all` and `pm test --all`
+- 📂 **Env File Detection** - Discover `.env` files with `pm env files`, view masked contents with `pm env show`, switch environments with `pm env switch`
+- 🔑 **Secret Scanning** - Detect hardcoded secrets (AWS keys, GitHub tokens, Slack tokens) in `.env` files, integrated in `pm doctor` and `pm secure`
+- 🗄️ **Database Migrations** - Detect migration tools (Prisma, Alembic, Diesel, Flyway, Liquibase, SQLx) with `pm migrate`, run and check status
 - 🌐 **Multi-platform** - Works on Windows, Linux, and Mac
 
 ---
@@ -240,6 +243,9 @@ chmod +x scripts/install.sh && ./scripts/install.sh
 | `pm env list <name> [--show]` | List variables (sensitive values masked) |
 | `pm env remove <name> KEY` | Remove a variable |
 | `pm env clear <name>` | Remove all variables |
+| `pm env files <name>` | List `.env` files in project directory |
+| `pm env show <name> <file> [--show]` | Show `.env` file contents (masked by default) |
+| `pm env switch <name> <env-name>` | Copy `.env.<env-name>` to `.env` |
 | `pm hooks <name>` | List hooks for a project |
 | `pm hooks <name> add <slot> "<script>"` | Add a pre-/post-command hook |
 | `pm hooks <name> remove <slot> "<script>"` | Remove a hook |
@@ -259,6 +265,9 @@ chmod +x scripts/install.sh && ./scripts/install.sh
 | `pm lint [name]` | Run linters on project(s) |
 | `pm fmt [name]` | Run formatters on project(s) |
 | `pm modules [name]` | Show workspace modules |
+| `pm migrate` | List detected migration tools per project |
+| `pm migrate <name>` | Run database migration (with confirmation) |
+| `pm migrate <name> status` | Check migration status |
 | `pm build --all` | Build all registered projects |
 | `pm test --all` | Test all registered projects |
 | `pm export` | Export all projects to a portable JSON file |
@@ -480,9 +489,10 @@ Projects are saved in:
 - **CI/CD** — `pm ci` detects pipelines (GitHub Actions, GitLab CI, Jenkins, Travis, CircleCI) and shows dashboard URLs
 - **Lint & Format** — `pm lint` / `pm fmt` auto-detect and run linters/formatters (ESLint, Prettier, Clippy, gofmt, Ruff, Black, Checkstyle, Spotless, and more)
 - **Workspaces** — `pm modules` detects monorepo structures (Cargo, npm/pnpm/yarn, Gradle, Go), multi-language detection, `pm build --all` / `pm test --all`
-- **Reliability** — Atomic writes, backup/recovery, directory validation, download integrity, 697 tests
+- **Environments** — `pm env files/show/switch` for .env file discovery, secret scanning (AWS, GitHub, Slack tokens), `pm migrate` for database migration tools (Prisma, Alembic, Diesel, Flyway, Liquibase, SQLx)
+- **Reliability** — Atomic writes, backup/recovery, directory validation, download integrity, 748 tests
 
-> Latest release: **v1.7.0** (Multi-project Workspaces) — Full version history in [ROADMAP.md](ROADMAP.md)
+> Latest release: **v1.7.1** (Environments, Secrets & Databases) — Full version history in [ROADMAP.md](ROADMAP.md)
 
 ### 💡 Future Ideas
 - [ ] Project groups (`pm group create backend api-users product-service`, `pm run-group backend`)
 
@@ -320,35 +320,35 @@ Export all or selected projects to a portable JSON file and import them back on
 
 ---
 
-## v1.7.1 — Project Templates
+## v1.7.1 — Environments, Secrets & Databases ✅
 
-### `pm init` command
-- `pm init <type>` — scaffold a new project from templates
-- Built-in templates: Java (Maven/Gradle), Node.js, Rust, Go, Python, .NET
-- Support custom templates from GitHub repos
-
----
-
-## v1.8.0 — Environments, Secrets & Databases
-
-### Environment management
-- Detect `.env`, `.env.local`, `.env.production` files
-- `pm env` — show current environment variables (masked secrets)
-- `pm env switch <name>` — switch between environment files
-- Warn if `.env` is not in `.gitignore`
+### Environment file detection
+| Feature | Status |
+|---------|--------|
+| `pm env files <name>` — list `.env` files in project directory | ✅ Done |
+| `pm env show <name> <file>` — show env file contents (masked) | ✅ Done |
+| `pm env show <name> <file> --show` — reveal all values | ✅ Done |
+| `pm env switch <name> <env-name>` — copy `.env.<name>` to `.env` | ✅ Done |
+| Show env files in `pm info` output | ✅ Done |
 
-### Secrets detection
-- Scan for common secret patterns (API keys, tokens, passwords)
-- Warn on `pm doctor` if secrets are committed
-- Optional [Vaultic](https://crates.io/crates/vaultic) detection (not a dependency — PM works fully without it):
-  - **Not installed** → recommend install options: `cargo install vaultic` (requires [Rust toolchain](https://rustup.rs)) or download binary from [GitHub Releases](https://github.com/SoftDryzz/Vaultic/releases). Always link to [Vaultic repo](https://github.com/SoftDryzz/Vaultic) for docs
-  - **Installed but not initialized** → suggest `vaultic init` with link to docs so the user understands what it does before running it
-  - **Installed and configured** → show enhanced secret management hints (e.g., `vaultic encrypt .env`)
+### Secret scanning
+| Feature | Status |
+|---------|--------|
+| Detect AWS access keys, GitHub tokens, Slack tokens in `.env` files | ✅ Done |
+| Generic secret detection (40+ char random values for sensitive keys) | ✅ Done |
+| Health check in `pm doctor` (6th check: no exposed secrets) | ✅ Done |
+| Security check in `pm secure` (secret-patterns + vaultic detection) | ✅ Done |
+| [Vaultic](https://github.com/SoftDryzz/Vaultic) integration: detect installation and `.vaultic/` dir | ✅ Done |
 
 ### Database migration awareness
-- Detect migration tools: SQLx, Flyway, Liquibase, Prisma, Diesel, Alembic
-- `pm migrate` — run pending migrations
-- `pm migrate status` — show migration state
+| Feature | Status |
+|---------|--------|
+| Detect 6 migration tools: Prisma, Alembic, Diesel, Flyway, Liquibase, SQLx | ✅ Done |
+| `pm migrate` — list detected tools per project | ✅ Done |
+| `pm migrate <name>` — run migration with y/n confirmation | ✅ Done |
+| `pm migrate <name> status` — show migration state (read-only) | ✅ Done |
+| Show migration tools in `pm info` output | ✅ Done |
+| Shell completions for migrate command | ✅ Done |
 
 ---
 
 
@@ -22,6 +22,7 @@
   - [CI/CD Detection](#-cicd-detection)
   - [Linting & Formatting](#-linting--formatting)
   - [Multi-project Workspaces](#-multi-project-workspaces)
+  - [Database Migrations](#-database-migrations)
   - [Help and Version](#-help-and-version)
 - [Environment Variables](#-environment-variables)
   - [What Are They?](#what-are-they)
@@ -591,6 +592,53 @@ pm env clear <name>
 
 ---
 
+#### List .env files
+```bash
+pm env files <name>
+```
+
+Discovers all `.env*` files (`.env`, `.env.local`, `.env.production`, etc.) in the project directory and shows their entry count and file size.
+
+**Example output:**
+```
+Env Files — my-api
+
+  File               Entries   Size
+  ────────────────────────────────────
+  .env               5         128 B
+  .env.local         3         84 B
+  .env.production    8         256 B
+
+  3 env files found
+```
+
+---
+
+#### Show .env file contents
+```bash
+pm env show <name> <file>           # Sensitive values masked
+pm env show <name> <file> --show    # All values revealed
+```
+
+Displays the contents of a specific `.env` file. Sensitive values (PASSWORD, TOKEN, KEY, SECRET, AUTH) are masked by default — shows the first 3 characters followed by `****`.
+
+---
+
+#### Switch environment
+```bash
+pm env switch <name> <env-name>
+```
+
+Copies `.env.<env-name>` to `.env` in the project directory. Asks for confirmation if `.env` already exists.
+
+**Example:**
+```bash
+pm env switch my-api production
+# Copies .env.production → .env (with y/n confirmation)
+```
+
+---
+
 ### 🔹 Rename & Path Update
 
 #### Rename a project
@@ -679,9 +727,10 @@ Verifies installed runtimes (Java, Node.js, .NET, Python, Gradle, Maven, Rust/Ca
 | Tests | Project has a `test` command configured | Configure tests with `pm commands add` |
 | CI/CD | GitHub Actions, GitLab CI, or Jenkinsfile detected | Set up CI/CD for automated testing |
 | Lockfile | Dependency lockfile exists for project type | Commit your lockfile for reproducible builds |
+| Secrets | No hardcoded secrets found in `.env` files | Use environment injection or a vault instead |
 
 Each project receives a **letter grade** based on how many checks pass:
-- **A** = 5/5 — **B** = 4/5 — **C** = 3/5 — **D** = 2/5 — **F** = 0–1/5
+- **A** = 6/6 — **B** = 5/6 — **C** = 4/6 — **D** = 3/6 — **F** = 0–2/6
 
 #### Show only health grades (compact)
 ```bash
@@ -704,7 +753,7 @@ Shows just the letter grade per project without details:
 pm secure
 ```
 
-Runs 5 filesystem-only security checks on each registered project:
+Runs 7 filesystem-only security checks on each registered project:
 
 | Check | Pass condition | Recommendation if failed |
 |-------|---------------|--------------------------|
@@ -713,8 +762,10 @@ Runs 5 filesystem-only security checks on each registered project:
 | HTTPS only | No `http://` URLs in config files (excluding localhost) | Replace http:// with https:// in config files |
 | Sensitive files | `.gitignore` contains `*.pem` and `*.key` patterns | Add *.pem and *.key to .gitignore to protect keys |
 | Lockfile | Dependency lockfile exists for project type | Commit your lockfile to prevent supply-chain attacks |
+| Secret patterns | No known secret patterns (AWS keys, GitHub tokens, Slack tokens) in `.env` files | Remove hardcoded secrets and use environment injection |
+| Vaultic | [Vaultic](https://github.com/SoftDryzz/Vaultic) installed and initialized (when `.env` files exist) | Install Vaultic to encrypt your `.env` files |
 
-Result coloring: **5/5** = green, **3–4/5** = yellow, **0–2/5** = red
+Result coloring: **7/7** = green, **5–6/7** = yellow, **0–4/7** = red
 
 #### Auto-fix .gitignore issues
 ```bash
@@ -1007,6 +1058,57 @@ Tests every registered project. Continues on failure and shows a summary.
 
 ---
 
+### 🔹 Database Migrations
+
+Detect and manage database migration tools across your projects.
+
+#### List detected migration tools
+```bash
+pm migrate
+```
+
+Scans all registered projects and shows which migration tools are detected:
+
+| Tool | Detection | Migrate Command | Status Command |
+|------|-----------|----------------|----------------|
+| Prisma | `prisma/schema.prisma` | `npx prisma migrate deploy` | `npx prisma migrate status` |
+| Alembic | `alembic.ini` or `alembic/` dir | `alembic upgrade head` | `alembic current` |
+| Diesel | `diesel.toml` | `diesel migration run` | `diesel migration list` |
+| Flyway | `flyway.conf` or `flyway.toml` | `flyway migrate` | `flyway info` |
+| Liquibase | `liquibase.properties` | `liquibase update` | `liquibase status` |
+| SQLx | `.sqlx/` dir | `sqlx migrate run` | `sqlx migrate info` |
+
+#### Run a migration
+```bash
+pm migrate <name>
+```
+
+Detects the migration tool for the project, asks for confirmation (y/n), then executes the migration command. If multiple tools are detected, uses the first one found.
+
+#### Check migration status
+```bash
+pm migrate <name> status
+```
+
+Runs the status command for the detected migration tool. This is read-only and does not require confirmation.
+
+**Example output:**
+```
+Migration — my-api
+
+  Tool: Prisma
+  Command: npx prisma migrate status
+
+  [Prisma output here...]
+```
+
+Migration tools are also shown in `pm info`:
+```
+  Migration: Prisma, Flyway
+```
+
+---
+
 ### 🔹 Help and Version
 
 #### View help
@@ -1927,6 +2029,10 @@ pm env list <name>                             # List (masked)
 pm env list <name> --show                      # List (revealed)
 pm env remove <name> KEY                       # Remove a variable
 pm env clear <name>                            # Remove all variables
+pm env files <name>                            # List .env files in project
+pm env show <name> .env                        # Show .env contents (masked)
+pm env show <name> .env.local --show           # Show .env contents (revealed)
+pm env switch <name> production                # Copy .env.production → .env
 
 # === HOOKS ===
 pm hooks <name>                                # List hooks
@@ -1983,6 +2089,11 @@ pm modules <name>                              # Show workspace modules for a pr
 pm build --all                                 # Build all registered projects
 pm test --all                                  # Test all registered projects
 
+# === DATABASE MIGRATIONS ===
+pm migrate                                     # List migration tools per project
+pm migrate <name>                              # Run migration (with confirmation)
+pm migrate <name> status                       # Check migration status
+
 # === UPDATES ===
 pm update                                      # Update to latest version
 
 
@@ -189,6 +189,9 @@ pm run servicio-pedidos
 - 🔄 **Detección CI/CD** - Detecta GitHub Actions, GitLab CI, Jenkins, Travis CI, CircleCI con `pm ci` y en `pm info`
 - 🧹 **Linting y Formateo** - Ejecuta linters con `pm lint` y formateadores con `pm fmt`, auto-detecta ESLint, Clippy, Prettier, gofmt, Ruff y más
 - 📦 **Espacios de Trabajo Multi-proyecto** - Detecta módulos monorepo con `pm modules`, detección multi-lenguaje, `pm build --all` y `pm test --all`
+- 📂 **Detección de archivos .env** - Descubre archivos `.env` con `pm env files`, visualiza contenidos enmascarados con `pm env show`, cambia entornos con `pm env switch`
+- 🔑 **Escaneo de secretos** - Detecta secretos hardcodeados (claves AWS, tokens GitHub, tokens Slack) en archivos `.env`, integrado en `pm doctor` y `pm secure`
+- 🗄️ **Migraciones de base de datos** - Detecta herramientas de migración (Prisma, Alembic, Diesel, Flyway, Liquibase, SQLx) con `pm migrate`, ejecuta y comprueba estado
 - 🌐 **Multi-plataforma** - Funciona en Windows, Linux y Mac
 
 ---
@@ -240,6 +243,9 @@ chmod +x scripts/install.sh && ./scripts/install.sh
 | `pm env list <nombre> [--show]` | Listar variables (valores sensibles enmascarados) |
 | `pm env remove <nombre> KEY` | Eliminar una variable |
 | `pm env clear <nombre>` | Eliminar todas las variables |
+| `pm env files <nombre>` | Listar archivos `.env` en el directorio del proyecto |
+| `pm env show <nombre> <archivo> [--show]` | Mostrar contenido de archivo `.env` (enmascarado por defecto) |
+| `pm env switch <nombre> <nombre-env>` | Copiar `.env.<nombre-env>` a `.env` |
 | `pm hooks <nombre>` | Listar hooks de un proyecto |
 | `pm hooks <nombre> add <slot> "<script>"` | Añadir un hook pre-/post-comando |
 | `pm hooks <nombre> remove <slot> "<script>"` | Eliminar un hook |
@@ -259,6 +265,9 @@ chmod +x scripts/install.sh && ./scripts/install.sh
 | `pm lint [nombre]` | Ejecutar linters en proyecto(s) |
 | `pm fmt [nombre]` | Ejecutar formateadores en proyecto(s) |
 | `pm modules [nombre]` | Mostrar módulos del workspace |
+| `pm migrate` | Listar herramientas de migración detectadas por proyecto |
+| `pm migrate <nombre>` | Ejecutar migración de base de datos (con confirmación) |
+| `pm migrate <nombre> status` | Comprobar estado de migración |
 | `pm build --all` | Compilar todos los proyectos registrados |
 | `pm test --all` | Testear todos los proyectos registrados |
 | `pm export` | Exportar todos los proyectos a un archivo JSON portátil |
@@ -480,9 +489,10 @@ Los proyectos se guardan en:
 - **CI/CD** — `pm ci` detecta GitHub Actions, GitLab CI, Jenkins, Travis CI, CircleCI y muestra URLs de dashboard
 - **Lint y Formato** — `pm lint` / `pm fmt` auto-detectan y ejecutan linters/formateadores (ESLint, Prettier, Clippy, gofmt, Ruff, Black, Checkstyle, Spotless y más)
 - **Workspaces** — `pm modules` detecta monorepos (Cargo, npm, Gradle, Go), detección multi-lenguaje, `pm build --all` y `pm test --all`
-- **Fiabilidad** — Escritura atómica, backup/recuperación, validación de directorio, integridad de descarga, 697 tests
+- **Entornos** — `pm env files/show/switch` para descubrir archivos .env, escaneo de secretos (tokens AWS, GitHub, Slack), `pm migrate` para herramientas de migración (Prisma, Alembic, Diesel, Flyway, Liquibase, SQLx)
+- **Fiabilidad** — Escritura atómica, backup/recuperación, validación de directorio, integridad de descarga, 748 tests
 
-> Última release: **v1.7.0** (Espacios de Trabajo Multi-proyecto) — Historial completo en [ROADMAP.md](ROADMAP.md)
+> Última release: **v1.7.1** (Entornos, Secretos y Bases de Datos) — Historial completo en [ROADMAP.md](ROADMAP.md)
 
 ### 💡 Ideas Futuras
 - [ ] Grupos de proyectos (`pm group create backend api-users product-service`, `pm run-group backend`)