dotenv-defaults
The dotenv-defaults package is an extension of the dotenv package that allows you to load environment variables from a .env file, with the added functionality of specifying default values in a .env.defaults file. This is particularly useful for setting up default configurations while allowing overrides through a .env file.
Load environment variables with defaults
This feature allows you to load environment variables from a .env file and fall back to default values specified in a .env.defaults file if the variables are not defined in the .env file.
const dotenv = require('dotenv-defaults');
dotenv.config();
console.log(process.env.MY_VARIABLE);
Specify custom paths for .env and .env.defaults files
This feature allows you to specify custom paths for your .env and .env.defaults files, giving you flexibility in organizing your configuration files.
const dotenv = require('dotenv-defaults');
dotenv.config({
  path: './config/.env',
  defaults: './config/.env.defaults'
});
console.log(process.env.MY_VARIABLE);
Override default values with environment variables
This feature allows you to override default values specified in the .env.defaults file with environment variables set in the .env file or directly in the environment.
const dotenv = require('dotenv-defaults');
process.env.MY_VARIABLE = 'override_value';
dotenv.config();
console.log(process.env.MY_VARIABLE);
The dotenv package is a zero-dependency module that loads environment variables from a .env file into process.env. It does not support default values out of the box, but it is widely used and can be extended with custom logic to achieve similar functionality.
The env-defaults package allows you to set default values for environment variables directly in your code. It does not use .env or .env.defaults files, but it provides a programmatic way to set defaults, which can be useful in certain scenarios.
The config package provides a more comprehensive configuration management solution, supporting multiple configuration files, environment-specific configurations, and more. It is more complex than dotenv-defaults but offers greater flexibility and features.
A dotenv system that supports defaults
Use the following to install this module.
npm i dotenv-defaults --save
This module supports all the features from the original dotenv module, so usage should be simple enough:
# .env.defaults, safe to commit
HOST=website.com
EMAIL=test@email.com
# .env, DO NOT COMMIT
HOST=omnionline.us
The result
require('dotenv-defaults').config()
// Or you can also load it directly like this
require('dotenv-defaults/config')
console.log(process.env.HOST)
// Outputs: omnionline.us
console.log(process.env.EMAIL)
// Outputs: test@email.com
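The layering shown above (a variable already set in the environment wins over .env, which wins over .env.defaults), together with the "safe to commit" note on .env.defaults, as an added example that is not code from the dotenv-defaults project. The helper names, the secret-name pattern and the API_KEY and DB_PASSWORD entries are assumptions made for illustration.

```javascript
// Added example: a simplified model of the layering, not dotenv-defaults' source.
// parseEnv, resolve and findSecretLikeDefaults are hypothetical helper names.

// Minimal KEY=VALUE parser: skips blanks and # comments, strips one pair of quotes.
function parseEnv(text) {
  const out = {};
  for (const raw of text.split(/\r?\n/)) {
    const line = raw.trim();
    if (!line || line.startsWith('#')) continue;
    const eq = line.indexOf('=');
    if (eq < 1) continue; // no key, or no '=' at all
    let value = line.slice(eq + 1).trim();
    const quoted = value.match(/^(['"])(.*)\1$/);
    if (quoted) value = quoted[2];
    out[line.slice(0, eq).trim()] = value;
  }
  return out;
}

// Precedence: variables already in the environment > .env > .env.defaults.
function resolve(defaultsText, envText, existingEnv = {}) {
  const fromFiles = { ...parseEnv(defaultsText), ...parseEnv(envText) };
  const result = { ...existingEnv };
  for (const [key, value] of Object.entries(fromFiles)) {
    if (!(key in result)) result[key] = value; // never clobber a set variable
  }
  return result;
}

// Pre-commit style check: .env.defaults is committed, so a secret-looking key
// there should carry no real value. The name pattern is an assumption.
const SECRET_NAME = /SECRET|TOKEN|PASSWORD|PRIVATE|API_?KEY|CREDENTIAL/i;
function findSecretLikeDefaults(defaultsText) {
  return Object.entries(parseEnv(defaultsText))
    .filter(([key, value]) => SECRET_NAME.test(key) && value !== '')
    .map(([key]) => key);
}

// Constructed sample files (HOST and EMAIL mirror the README example).
const DEFAULTS = [
  'HOST=website.com', 'EMAIL=test@email.com',
  'API_KEY=constructed-not-a-real-key', 'DB_PASSWORD=',
].join('\n');
const DOTENV = '# .env, DO NOT COMMIT\nHOST=omnionline.us\n';

console.log(resolve(DEFAULTS, DOTENV));
console.log(findSecretLikeDefaults(DEFAULTS));
```

An empty placeholder such as DB_PASSWORD= passes the check, which keeps the key documented in the committed file while the real value stays in .env or the deployment environment.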
Since this module does not provide TypeScript type definitions, TypeScript will return an error if you try to import it like import dotenv from "dotenv-defaults".
Instead you should load it like this:
import "dotenv-defaults/config"
You can also call this module directly when using the node executable.
So, for example, if you are running a custom script with node and you want to load your environment variables, you can do the following:
node -r dotenv-defaults/config your-script.js
(When using this method, please make sure that you have installed dotenv-defaults with npm or yarn in the same directory.)
The only thing to note is that the original module supported an options argument in the config function.
This module supports that as well, but there is an added defaults property that allows you to define where that file is located. An example is shown below:
// all of these are the default values...
require(`dotenv-defaults`).config({
  path: './.env',
  encoding: 'utf8',
  defaults: './.env.defaults' // This is new
})
MIT
FAQs
dotenv... but with defaults!
The npm package dotenv-defaults receives a total of 759,611 weekly downloads. As such, dotenv-defaults is classified as popular.
We found that dotenv-defaults has an unhealthy version release cadence and level of project activity, because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.