npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2024 – Pkg Stats / Ryan Hefner

dotenv-safe

v9.1.0

Published

Load environment variables from .env and ensure they are defined

Downloads

557,566

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

motdotlamotdotlarolodatorolodato

Keywords

dotenv

Readme

dotenv-safe Build Status

Identical to dotenv, but ensures that all needed environment variables are defined after reading from .env. The names of the needed variables are read from .env.example, which should be commited along with your project.

dotenv-safe only checks if all the needed variable names exist in process.env after initialising. It does not assume anything about the presence, format or validity of the values.

Installation

npm install dotenv-safe
pnpm install dotenv-safe
yarn add dotenv-safe

Example

# .env.example, committed to repo
SECRET=
TOKEN=
KEY=
# .env, private
SECRET=topsecret
TOKEN=
// index.js
require('dotenv-safe').config();

Or, if you are using ES modules:

// index.mjs
import { config } from 'dotenv-safe';
config();

Since the provided .env file does not contain all the variables defined in .env.example, an exception is thrown:

MissingEnvVarsError: The following variables were defined in .env.example but are not present in the environment:
  TOKEN, KEY
Make sure to add them to .env or directly to the environment.

If you expect any of these variables to be empty, you can use the allowEmptyValues option:
require('dotenv-safe').config({
  allowEmptyValues: true
});

Not all the variables have to be defined in .env; they can be supplied externally. For example, the following would work:

$ TOKEN=abc KEY=xyz node index.js

Usage

Requiring and loading is identical:

require('dotenv-safe').config();

This will load environment variables from .env as usual, but will also read any variables defined in .env.example. If any variables are already defined in the environment before reading from .env, they will not be overwritten. If any variables are missing from the environment, a MissingEnvVarsError will be thrown, which lists the missing variables. Otherwise, returns an object with the following format:

{
  parsed: { SECRET: 'topsecret', TOKEN: '' },          // parsed representation of .env
  required: { SECRET: 'topsecret', TOKEN: 'external' } /* key-value pairs required by .env.example
                                                          and defined by environment */
}

If all the required variables were successfully read but an error was thrown when trying to read the .env file, the error will be included in the result object under the error key.

dotenv-safe compares the actual environment after loading .env (if any) with the example file, so it will work correctly if environment variables are missing in .env but provided through other means such as a shell script.

Preloading

You can use the --require (-r) command line option to preload dotenv-safe. By doing this, you do not need to require and load dotenv in your application code. This is the preferred approach when using import instead of require.

$ node -r dotenv-safe/config your_script.js

See the dotenv README for more information.

Continuous integration (CI)

It can be useful to depend on a different set of example variables when running in a CI environment. This can be done by checking if the CI environment variable is defined, which is supported by virtually all CI solutions. For example:

require('dotenv-safe').config({
  example: process.env.CI ? '.env.ci.example' : '.env.example'
});

Options

Same options and methods supported by dotenv, in addition to the options below:

require('dotenv-safe').config({
    allowEmptyValues: true,
    example: './.my-env-example-filename'
});

Starting from version 9.0.0, dotenv is a peer dependency of dotenv-safe. This means that the actual version of dotenv used defaults to the latest available at install time, or whatever is specified by your application.

allowEmptyValues

If a variable is defined in the example file and has an empty value in the environment, enabling this option will not throw an error after loading. Defaults to false.

example

Path to example environment file. Defaults to .env.example.

Motivation

I regularly use apps that depend on .env files but don't validate if all the necessary variables have been defined correctly. Instead of having to document and validate this manually, I prefer to commit a self-documenting .env.example file that may have placeholder or example values filled in. This can be used as a template or starting point for an actual .env file.