Verification, sanitization, and type coercion for environment variables in ...



NPM version TypeScript License Coverage Status npm downloads Known Vulnerabilities

Verification, sanitization, and type coercion for environment variables in Node.js and web applications. Supports TypeScript!

🏋 Lightweight. Zero dependencies and just ~4.7kB when minified!
🧹 Clean and simple code, as shown here.
🚫 Fails fast if your environment is misconfigured.
👩‍💻 Friendly error messages and example values for better debugging experience.
🎉 TypeScript support provides compile time safety and better developer experience.
📦 Support for frontend projects, e.g in React, React Native, Angular, etc.


- API: The full API set forenv-var
- Examples: Example usage ofenv-var



  1. ``` sh
  2. npm install env-var
  3. ```


  1. ``` sh
  2. yarn add env-var
  3. ```

Getting started

You can use env-var in both JavaScript and TypeScript!

Javascript example

  1. ``` js
  2. const env = require('env-var');

  3. // Or using module import syntax:
  4. // import env from 'env-var'

  5. const PASSWORD = env.get('DB_PASSWORD')
  6.   // Throws an error if the DB_PASSWORD variable is not set (optional)
  7.   .required()
  8.   // Decode DB_PASSWORD from base64 to a utf8 string (optional)
  9.   .convertFromBase64()
  10.   // Call asString (or other APIs) to get the variable value (required)
  11.   .asString();

  12. // Read in a port (checks that PORT is in the range 0 to 65535)
  13. // Alternatively, use a default value of 5432 if PORT is not defined
  14. const PORT = env.get('PORT').default('5432').asPortNumber()
  15. ```

TypeScript example

  1. ```ts
  2. import * as env from 'env-var';

  3. // Read a PORT environment variable and ensure it's a positive integer.
  4. // An EnvVarError will be thrown if the variable is not set, or if it
  5. // is not a positive integer.
  6. const PORT: number = env.get('PORT').required().asIntPositive();
  7. ```

For more examples, refer to the /example directory and EXAMPLE.md. A summary of the examples available in/example is written in the 'Other examples' section of EXAMPLE.md.


The examples above only cover a very small set of env-var API calls. There are many others such as asFloatPositive(), asJson() and asRegExp(). For a full list of env-var API calls, check out API.md.

You can also create your own custom accessor; refer to the 'extraAccessors' section of API.md.


Logging is disabled by default in env-var to prevent accidental logging of secrets.

To enable logging, you need to create an env-var instance using the from() function that the API provides and pass in a logger.

- A built-in logger is available, but a custom logger is also supported.
- Always exercise caution when logging environment variables!

Using the Built-in Logger

The built-in logger will print logs only when NODE_ENV is not set to either prod or production.

  1. ``` js
  2. const { from, logger } =  require('env-var')
  3. const env = from(process.env, {}, logger)

  4. const API_KEY = env.get('API_KEY').required().asString()
  5. ```

This is an example output from the built-in logger generated by running example/logging.js:

logging example output

Using a Custom Logger

If you need to filter env-var logs based on log levels (e.g. trace logging only) or have your own preferred logger, you can use a custom logging solution such as pino easily.

See the 'Custom logging' section of EXAMPLE.md for more information.

Optional integration with dotenv

You can optionally use dotenv with env-var.

There is no coupling between dotenv and env-var, but you can easily use them both together. This loose coupling reduces package bloat and allows you to start or stop using one without being forced to do the same for the other.

See the 'dotenv' section of EXAMPLE.md for more information.


Contributions are welcomed and discussed in CONTRIBUTING.md. If you would like to discuss an idea, open an issue or a PR with an initial implementation.