Introducing Socket Firewall: Free, Proactive Protection for Your Software Supply Chain.Learn More
Socket
Book a DemoInstallSign in
Socket
Book a DemoInstallSign in

@nkp/config

Package Overview
Dependencies
Maintainers
1
Versions
21
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

@nkp/config

Tools to bootstrap a configuration objects in JavaScript

latest
Source
npmnpm
Version
1.1.1
Version published
Maintainers
1
Created
Source

@nkp/config

npm version deploy status known vulnerabilities

Utility for parsing environment variables and bootstrapping configuration objects.

Table of contents

Exports

@nkp/config exports both CommonJS and ES modules.

Installation

npm

npm install @nkp/config

Yarn

yarn add @nkp/config

pnpm

pnpm add @nkp/config

Usage

Parsing objects

import { parse, boolean, string, integer, key, oneOf } from '@nkp/config';

/**
 * the parse function correctly sets the type of `config`
 * {
 *  DEBUG: false;
 *  MAIL: string | undefined;
 *  HOST: string;
 *  PORT: number;
 *  env: 'development' | 'testing' | 'production';
 * }
 */
const config = parse({
  // coerces DEBUG is a boolean defaulting to false if not provided
  DEBUG: boolean().default(false),

  // coerces MAIL_HOST to string, or leaves undefined if it doesn't exist
  MAIL_HOST: string().optional(),

  // coerces process.env.HOST to string
  HOST: string() ,

  // coerces process.env.PORT to string
  // if not provided, defaults to 3000
  PORT: integer().default(3000),

  // ensures procese.env.NODE_ENV is one of the given values
  env: key('NODE_ENV')
    .oneOf(['development', 'testing', 'production',] as const),
}, process.env);

Parsing values

Instead of parsing an object, a single key can be parsed.

import { key, string } from '@nkp/config';

// by key - required
const email1: string = key('EMAIL')
  .string()
  .parse(process.env);

// by key - optional
const email2: string | undefined = key('EMAIL')
  .string()
  .optional()
  .parse(process.env);

// by value - with default
const email3: string = string()
  .default('example@example.com')
  .parse(process.env['EMAIL']);

Default values

Default values can be provided.

import { key, integer } from '@nkp/config';
const port = key('PORT').integer().default(3000).parse(process.env);

Throws on missing values

If no default value is provided and the key is not found, an error will be thrown.

import { key, string } from '@nkp/config';
const vars = {};
const value = key('MISSING_VALUE').string().parse(vars);
// throws TypeError "MISSING_VALUE is not defined"

Publishing

To a release a new version:

  • Update the version number in package.json
  • Push the new version to the master branch on GitHub
  • Create a new release on GitHub for the latest version

This will trigger a GitHub action that tests and publishes the npm package.

Keywords

config
environment
TypeScript
JavaScript

FAQs

Package last updated on 04 Mar 2022

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

Weaponizing Discord for Command and Control Across npm, PyPI, and RubyGems.org

Research

/

Security News

Weaponizing Discord for Command and Control Across npm, PyPI, and RubyGems.org

Socket researchers uncover how threat actors weaponize Discord across the npm, PyPI, and RubyGems ecosystems to exfiltrate sensitive data.

By Olivia Brown  -  Oct 11, 2025
Socket Integrates With Bun 1.3’s Security Scanner API

Security News

Socket Integrates With Bun 1.3’s Security Scanner API

Socket now integrates with Bun 1.3’s Security Scanner API to block risky packages at install time and enforce your organization’s policies in local dev and CI.

By Ahmad Nassri, Bradley Meck Farias  -  Oct 10, 2025