feat(export): support dotenv quote styles

[puneetdixit200]

Context

Adds a --quote option to infisical export for dotenv and dotenv-export output so users can choose single, double, or none quote styles while preserving the current single-quote default. This addresses multiline/private-key workflows from Infisical/infisical#1103 without changing JSON, CSV, or YAML output.

Screenshots

Not applicable.

Steps to verify the change

GOTOOLCHAIN=go1.25.10 go test -vet=off ./packages/cmd
GOTOOLCHAIN=go1.25.10 go build -o /tmp/infisical-cli-1103-go125 .
/tmp/infisical-cli-1103-go125 export --help | rg -- "--quote|quote|--format=dotenv --quote=double"
git diff --check

Type

• Fix
• Feature
• Improvement
• Breaking
• Docs
• Chore

Checklist

• Title follows the conventional commit format.
• Tested locally
• Updated docs (if needed)
• Updated CLAUDE.md files (if needed)
• Read the contributing guide

[greptile-apps]

Greptile Summary

This PR adds a --quote flag to infisical export that lets users choose between single, double, or none quote styles for dotenv and dotenv-export output, preserving the existing single-quote default.

• formatAsDotEnv and formatAsDotEnvExport are refactored to delegate value quoting to a new formatDotEnvValue helper; the double style correctly escapes embedded " characters, but the single style does not escape embedded ' characters, producing broken dotenv lines for affected values.
• The --quote flag is parsed for all formats but silently has no effect when --format is json, csv, or yaml.

Confidence Score: 3/5

The change is safe for the common case but will silently produce malformed dotenv output when a secret value contains a literal single-quote character and the default (or explicit single) quote style is used.

The single quote style wraps values verbatim in '...' without escaping embedded single quotes — the same asymmetry that the double style avoids by escaping ". Any secret value containing ' (e.g. a human-readable password or JSON blob like {"key":"it's here"}) will produce a line that most dotenv parsers will reject or misparse. The bug is on the default code path, affects real-world secret values, and has no test coverage for this input class.

packages/cmd/export.go — specifically formatDotEnvValue and the single quote branch.

Important Files Changed

Filename	Overview
packages/cmd/export.go	Adds --quote flag (single/double/none) for dotenv/dotenv-export formats. Single-quote style doesn't escape embedded ' characters, producing malformed output for affected values; double-quote escaping is correct.
packages/cmd/export_test.go	Adds tests for all three quote styles and an invalid-style rejection case; no test exercises a value containing a literal single-quote character, which is the gap that would catch the escaping bug.

_{Reviews (1): Last reviewed commit: "feat(export): support dotenv quote style..." | Re-trigger Greptile}

[greptile-apps]

The single quote style wraps values in '...' but never escapes embedded single-quote characters. A secret value like it's a private key produces KEY='it's a private key' — a broken dotenv line. The double style correctly escapes " with \", so the same care is needed here. In POSIX-style dotenv parsers, single quotes don't support escape sequences, so the only safe workaround is to use '\'' (end quote, literal ', reopen quote), or to detect and error when the value contains ' under this style.

Suggested change

	case DotEnvQuoteStyleSingle:
	return fmt.Sprintf("'%s'", value), nil
	case DotEnvQuoteStyleSingle:
	if strings.ContainsRune(value, '\'') {
	return "", fmt.Errorf("single quote style cannot be used for values that contain a single quote character; use --quote=double instead")
	}
	return fmt.Sprintf("'%s'", value), nil

[greptile-apps]

The --quote flag is read and validated regardless of the chosen --format, but it is silently ignored when the format is json, csv, or yaml. A user who runs infisical export --format=json --quote=double will get no warning that the flag had no effect. Consider emitting a message to stderr (or returning an error) when --quote is set to a non-default value alongside a format that doesn't use it.

Note: If this suggestion doesn't match your team's coding style, reply to this and let me know. I'll remember it for next time!