@t3-oss/env-core
Advanced tools
 [](https://jsr.io/@t3-oss/env-core) [](https://jsr.io/@t3-oss/env-core) [
This is the framework agnostic core package of t3-env.
For full documentation, see https://env.t3.gg
# npm
npm i @t3-oss/env-core
# pnpm
pnpm add @t3-oss/env-core
# bun
bun add @t3-oss/env-core
# deno
deno add jsr:@t3-oss/env-core
[!NOTE]
You may use any Standard Schema compliant validator of your choice. This example uses Zod. See the documentation for more details.
// src/env.ts
import { createEnv } from "@t3-oss/env-core";
import * as z from "zod";
export const env = createEnv({
/*
* Serverside Environment variables, not available on the client.
* Will throw if you access these variables on the client.
*/
server: {
DATABASE_URL: z.url(),
OPEN_AI_API_KEY: z.string().min(1),
},
/*
* Environment variables available on the client (and server).
*
* 💡 You'll get type errors if these are not prefixed with PUBLIC_.
*/
clientPrefix: 'PUBLIC_',
client: {
PUBLIC_CLERK_PUBLISHABLE_KEY: z.string().min(1),
},
/*
* Specify what values should be validated by your schemas above.
*/
runtimeEnv: process.env,
});
FAQs
 [](https://jsr.io/@t3-oss/env-core) [](https://jsr.io/@t3-oss/env-core) [
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Five malicious NuGet packages impersonate Chinese .NET libraries to deploy a stealer targeting browser credentials, crypto wallets, SSH keys, and local files.
Security News
pnpm 11 turns on a 1-day Minimum Release Age and blocks exotic subdeps by default, adding safeguards against fast-moving supply chain attacks.
Security News
The remediated findings include organization permission bugs, stale project access after transfers, OIDC replay edge cases, audit logging gaps, and an IDOR in API token deletion.