Introducing Socket Firewall: Free, Proactive Protection for Your Software Supply Chain.Learn More
Socket
Book a DemoInstallSign in
Socket
Book a DemoInstallSign in

@welldone-software/env-config

Package Overview
Dependencies
Maintainers
2
Versions
5
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

@welldone-software/env-config

Small and powerfull config library

Source
npmnpm
Version
1.0.0
Version published
Weekly downloads
2
Maintainers
2
Weekly downloads
 
Created
Source

Overview

Have your configuration in one place, organized in a js native structure, possbily hirarchial, but still easily configurable and overideable by environment variables, as recommended by the Twelve-Factor App methodology

{
  port: 1234,
  db: {
    hostName: 'example.com',
    port: 4321,
  },
  friends: ['Adam', 'Rachel'],
  isCors: true
}

This Small and powerfull config library reada keys from the config object and searches proccess.env for corresponding keys according to a naming convension.

This allows your apps to use config objects that fully support literal objects, literal arrays, numbers, strings and booleans , while stil being configured/overidden by env vars.

Conventions

  • JS config object is literal javascript object with camalCase members.
  • The environment variables are expected in UPPER_SNAKE_CASE convention.
  • Two underscores (__) mean nesting, e.g. DB_SETTINGS__CONNECTION_STRING translated to dbSettings.connectionString
  • Supports String, Boolean, Number and Array values.
  • Types are determined by defaults in config file.

Usage

Environment variables (specified in .env file)

DB__HOST_NAME=mydomain.com
DB__PORT=3060
DB__USER=ADMIN
DB__PASSWORD=ygIYDG*&h8&ADSGH
IS_CORS=false
ANOTHER_KEY=anothervalue
FRIENDS__1=Sara

config.js

const mapEnv = require('@welldone-software/env-config')

module.exports = mapEnv({
  port: 1234,
  db: {
    hostName: 'example.com',
    port: 4321,
    user: '',
    password: '',
  },
  friends: ['Adam', 'Rachel'],
  isCors: true
})

result

{
  port: 1234,
  db: {
    hostName: 'mydomain.com',
    port: 3060,
    user: 'ADMIN',
    password: 'ygIYDG*&h8&ADSGH',
  },
  friends: ['Adam', 'Sara'],
  isCors: false
}

Advantages

  • Single source of truth - one place to define all posibble config keys.
  • Simple to use but still allows for rather complex configurations: not just strings and not just flat structures.
  • Uses 'native' naming convention in each environment so configs look natural both in JS and in ENV.
  • Much more readable than the alternative: const port = proccess.env.PORT || 1000

Roadmap

  • Add typing support (typescript and Flow)

Keywords

dotenv
config

FAQs

Package last updated on 11 Jun 2018

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

Weaponizing Discord for Command and Control Across npm, PyPI, and RubyGems.org

Research

/

Security News

Weaponizing Discord for Command and Control Across npm, PyPI, and RubyGems.org

Socket researchers uncover how threat actors weaponize Discord across the npm, PyPI, and RubyGems ecosystems to exfiltrate sensitive data.

By Olivia Brown  -  Oct 11, 2025
Socket Integrates With Bun 1.3’s Security Scanner API

Security News

Socket Integrates With Bun 1.3’s Security Scanner API

Socket now integrates with Bun 1.3’s Security Scanner API to block risky packages at install time and enforce your organization’s policies in local dev and CI.

By Ahmad Nassri, Bradley Meck Farias  -  Oct 10, 2025