npmpackage.info

dotenv-expand

Variable expansion for dotenv. Expand variables already on your machine for use in your .env file.

12.0.1

961

BSD-2-Clause

JavaScript

533.00 B

2,424,531,260 3.9

Installations

npm install dotenv-expand

Pull Requests

Open

0

Total

80

Closed

30

Merged

50

Issues

Open

0

Total

55

Closed

55

Releases

Unable to fetch releases

Developer

motdotla

Developer Guide

BETA

Module System

CommonJS, ESM

Min. Node Version

>=12

Typescript Support

Yes

Node Version

22.4.1

NPM Version

10.8.1 Statistics

961 Stars

263 Commits

96 Forks

7 Watching

1 Branches

23 Contributors

Updated on 27 Nov 2024

Bundle Size

888.00 B

Minified

533.00 B

Minified + Gzipped

Bundlephobia

Languages

JavaScript (99.5%)

TypeScript (0.5%)

Total Downloads

Cumulative downloads

Total Downloads

2,424,531,260

Last day

-5.1%

3,226,557

Compared to previous day

Last week

2.9%

17,012,791

Compared to previous week

Last month

10%

70,966,121

Compared to previous month

Last year

24.9%

771,265,014

Compared to previous year

Daily Downloads

Weekly Downloads

Monthly Downloads

Yearly Downloads

Dependencies

dotenv

Dev Dependencies

@types/node standard standard-version tap typescript

Versions

🎉 announcing dotenvx. expansion AND command substitution, multi-environment, encrypted envs, and more.

^{Dotenv libraries are supported by the community.}

^{Special thanks to:}

Warp is a blazingly fast, Rust-based terminal reimagined to work like a modern app.

^{Get more done in the CLI with real text editing, block-based output, and AI command search.}

Your App, Enterprise Ready.

^{Add Single Sign-On, Multi-Factor Auth, and more, in minutes instead of months.}

dotenv-expand

Dotenv-expand adds variable expansion on top of dotenv. If you find yourself needing to expand environment variables already existing on your machine, then dotenv-expand is your tool.

Install

1# Install locally (recommended)
2npm install dotenv-expand --save

Or installing with yarn? yarn add dotenv-expand

Usage

Create a .env file in the root of your project:

1PASSWORD="s1mpl3"
2DB_PASS=$PASSWORD

As early as possible in your application, import and configure dotenv and then expand dotenv:

1const dotenv = require('dotenv')
2const dotenvExpand = require('dotenv-expand')
3
4dotenvExpand.expand(dotenv.config())
5
6console.log(process.env) // remove this after you've confirmed it is expanding

That's it. process.env now has the expanded keys and values you defined in your .env file.

dotenvExpand.expand(dotenv.config())

...

connectdb(process.env.DB_PASS)

Preload

Note: Consider using dotenvx instead of preloading. I am now doing (and recommending) so.

It serves the same purpose (you do not need to require and load dotenv), has built-in expansion support, adds better debugging, and works with ANY language, framework, or platform. – motdotla

You can use the --require (-r) command line option to preload dotenv & dotenv-expand. By doing this, you do not need to require and load dotenv or dotenv-expand in your application code. This is the preferred approach when using import instead of require.

1$ node -r dotenv-expand/config your_script.js

The configuration options below are supported as command line arguments in the format dotenv_config_<option>=value

1$ node -r dotenv-expand/config your_script.js dotenv_config_path=/custom/path/to/your/env/vars

Additionally, you can use environment variables to set configuration options. Command line arguments will precede these.

1$ DOTENV_CONFIG_<OPTION>=value node -r dotenv-expand/config your_script.js

1$ DOTENV_CONFIG_ENCODING=latin1 node -r dotenv-expand/config your_script.js dotenv_config_path=/custom/path/to/.env

Examples

See tests/.env.test for simple and complex examples of variable expansion in your .env file.

Documentation

dotenv-expand exposes one function:

expand

Expand

expand will expand your environment variables.

1const env = {
2  parsed: {
3    BASIC: 'basic',
4    BASIC_EXPAND: '${BASIC}',
5    BASIC_EXPAND_SIMPLE: '$BASIC'
6  }
7}
8
9console.log(dotenvExpand.expand(env))

Options

processEnv

Default: process.env

Specify an object to write your secrets to. Defaults to process.env environment variables.

1const myEnv = {}
2const env = {
3  processEnv: myEnv,
4  parsed: {
5    HELLO: 'World'
6  }
7}
8dotenvExpand.expand(env)
9
10console.log(myEnv.HELLO) // World
11console.log(process.env.HELLO) // undefined

FAQ

What rules does the expansion engine follow?

See a full list of rules here.

How can I avoid expanding pre-existing envs (already in my `process.env`, for example `pas$word`)?

As of v12.0.0 dotenv-expand no longer expands process.env.

If you need this ability, use dotenvx by shipping an encrypted .env file with your code - allowing safe expansion at runtime.

How can I override an existing environment variable?

Use dotenvx as dotenv-expand does not support this.

dotenv-expand is a separate module (without knowledge of the loading of process.env and the .env file) and so cannot reliably know what to override.

Contributing Guide

See CONTRIBUTING.md

CHANGELOG

See CHANGELOG.md

Who's using dotenv-expand?

These npm modules depend on it.

No vulnerabilities found.

10

Binary-Artifacts

Determines if the project has generated executable (binary) artifacts in the source repository.

10

Dangerous-Workflow

Determines if the project's GitHub Action workflows avoid dangerous patterns.

10

Maintained

Determines if the project is "actively maintained".

10

License

Determines if the project has defined a license.

5

Vulnerabilities

Determines if the project has open, known unfixed vulnerabilities.

0

Code-Review

Determines if the project requires human code review before pull requests (aka merge requests) are merged.

0

Token-Permissions

Determines if the project's workflows follow the principle of least privilege.

0

Pinned-Dependencies

Determines if the project has declared and pinned the dependencies of its build process.

0

CII-Best-Practices

Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.

0

Security-Policy

Determines if the project has published a security policy.

0

Fuzzing

Determines if the project uses fuzzing.

0

Branch-Protection

Determines if the default and release branches are protected with GitHub's branch protection settings.

0

SAST

Determines if the project uses static code analysis.

Score

3.9

/10

Last Scanned on 2024-11-18

The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.

Learn More

Other packages similar to dotenv-expand

dotenv-with-expand

1.0.1

Drop in replacement for `dotenv` with `dotenv-expand` preloaded

dotenv

16.4.5

Loads environment variables from .env file

@vercel/blob

0.26.0

The Vercel Blob JavaScript API client

brace-expansion

4.0.0

Brace expansion as known from sh/bash

dotenv-expand

Installations

Pull Requests

0

80

30

50

Issues

0

55

55

Releases

Unable to fetch releases

Developer

Developer Guide

CommonJS, ESM

>=12

Yes

22.4.1

10.8.1

Statistics

Bundle Size

888.00 B

533.00 B

Languages

Total Downloads

2,424,531,260

Daily Downloads

Weekly Downloads

Monthly Downloads

Yearly Downloads

Dependencies

Dev Dependencies

dotenv-expand

Install

Usage

Preload

Examples

Documentation

Expand

Options

processEnv

FAQ

What rules does the expansion engine follow?

How can I avoid expanding pre-existing envs (already in my process.env, for example pas$word)?

How can I override an existing environment variable?

Contributing Guide

CHANGELOG

Who's using dotenv-expand?

10

10

10

10

5

0

0

0

0

0

0

0

0

3.9

/10

Other packages similar to dotenv-expand

How can I avoid expanding pre-existing envs (already in my `process.env`, for example `pas$word`)?