![New axobject-query Maintainer Faces Backlash Over Controversial Decision to Support Legacy Node.js Versions](https://cdn.sanity.io/images/cgdhsj6q/production/86e6ebdea652d20da070ebbda20134b839972db7-1024x1024.webp?w=800&fit=max&auto=format)
Security News
New axobject-query Maintainer Faces Backlash Over Controversial Decision to Support Legacy Node.js Versions
A JavaScript library maintainer is under fire after merging a controversial PR to support legacy versions of Node.js.
env-verifier
Advanced tools
Readme
Quickly verify that incoming variables from process.env aren't missing.
You probably have code that looks like this in your repo:
module.exports = {
database: {
name: process.env.DB_NAME
host: process.env.DB_HOST
password: process.env.DB_PASSWORD
},
baseUrl: process.env.BASE_URL
}
to get up and running quickly with a verified config file, you can replace the above with something like this:
const { strictVerify } = require('env-verifier')
//throws on one or more env misses
module.exports = strictVerify({
database: {
name: 'DB_NAME',
host: 'DB_HOST',
password: 'DB_PASSWORD'
},
baseUrl: 'BASE_URL'
})
This package exposes two verification functions - verify
and strictVerify
. Use verify
(as seen below) when you want to handle reporting missing values, and strictVerify
(as seen above) when you want, when any env
misses are encountered, us to throw a descriptive error containing all env
misses.
Use example for verify
:
const { verify } = require('env-verifier')
const { config, errors } = verify({
database: {
name: 'DB_NAME'
host: 'DB_HOST'
password: 'DB_PASSWORD'
},
baseUrl: 'BASE_URL'
})
// do custom error logging, possibly throw your own errors
errors.forEach(console.error)
module.exports = config
You can pass in your own env
object as a parameter as long as its an object that is non-nested and has key value pairs with undefined
or string
as their value type.
interface TransformFn {
(envValue: string): any
}
//see below
// [envKeyName, TransformFn]
type TransformTuple = [string, TransformFn]
interface ConfigWithEnvKeys {
[key: string]: string | InsertValue | TransformTuple | ConfigWithEnvKeys
}
interface MappedConfig {
[key: string]: any | string | undefined | Config
}
interface VerifiedConfig {
[key: string]: any | string | VerifiedConfig
}
interface Env {
[key: string]: string | undefined
}
function insert(value: any): InsertValue
function verify(config: ConfigWithEnvKeys, env: Env = process.env): { config: MappedConfig, errors: string[] }
function strictVerify(config: ConfigWithEnvKeys, env: Env = process.env): VerifiedConfig
You may have values that aren't present on your env
object, but that you would like to live in your config object, this can be achieved by using the insert()
function.
const { verify, insert } = require('env-verifier')
module.exports = verify({
appName: insert('my_app')
... // other env key names
}).config
//exports:
{
appName: 'my_app'
... // other env values
}
Error reports are generated when an env
variable is missing. An env
variable is considered missing under the following circumstances:
undefined
is returned from the env
object.''
, is returned from the env
object.verify
will always return the errors array, but it will be an empty array if there are no env
misses.
strictVerify
will not throw an error on the first encountered missing env
value. Instead it will continue in order to report all missing env
variables.
Since process.env only returns strings, sometimes its necessary to transform those strings into something else (IE: transform the string "true"
to a boolean true
)
This can be done by passing in an array (TransformTuple) containing the env
variable name, and the function that you would like to use to transform the env
variable value like so:
const config = {
useNewFeature: ['USE_NEW_FEATURE', trueOrFalse => trueOrFalse === 'true'],
... //other env variables
}
verify(config)
Transformation functions will not be run if its corresponding env value is missing.
This package works best with projects that have centralized config files, IE: You map your .env
variables to a config
object in a file, and import
/require
that config object wherever you need .env
values.
Other than that, just install the package and get going!
One of these:
npm install env-verifier
And one of these:
const { verify, strictVerify } = require('env-verifier')
And you're all set.
After you've ran npm install
, just run npm test
.
We use jest as our testing framework.
Please read CONTRIBUTING.md for details on our code of conduct, and the process for submitting pull requests to us.
We use SemVer for versioning. For the versions available, see the tags on this repository.
See also the list of contributors who participated in this project.
This project is licensed under the MIT License - see the LICENSE file for details.
FAQs
"Make sure you have all your env variables!"
The npm package env-verifier receives a total of 8 weekly downloads. As such, env-verifier popularity was classified as not popular.
We found that env-verifier demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
A JavaScript library maintainer is under fire after merging a controversial PR to support legacy versions of Node.js.
Security News
Results from the 2023 State of JavaScript Survey highlight key trends, including Vite's dominance, rising TypeScript adoption, and the enduring popularity of React. Discover more insights on developer preferences and technology usage.
Security News
The US Justice Department has penalized two consulting firms $11.3 million for failing to meet cybersecurity requirements on federally funded projects, emphasizing strict enforcement to protect sensitive government data.