Security News
OpenJS: “XZ Utils Cyberattack Likely Not an Isolated Incident”
OpenJS is warning of social engineering takeovers targeting open source projects after receiving a credible attempt on the foundation.
esbuild-envfile-plugin
Advanced tools
Weekly downloads
Readme
This package is a plugin for esbuild. When used, it will look for a .env file in the current project file's directory, or any parent, until it finds one. It will combine the found .env variables with the system-wide process.env variables, which can all be used from the project file. It uses the 'dotenv' package to parse the .env file (the package isn't loaded into your project, only into the esbuild script).
npm install esbuild esbuild-envfile-plugin dotenv --save-dev
const envFilePlugin = require('esbuild-envfile-plugin');
require('esbuild').build({
plugins: [envFilePlugin]
});
import { SOME_ENV_VARIABLE } from 'env';
// or:
import * as env from 'env';
//env.SOME_ENV_VARIABLE;
// Config: relative to where npm command is run:
const APP_BASE = 'src';
const ENTRY_FILE = 'index.ts';
const OUTPUT_DIR = 'build';
const OUTPUT_FILE = 'app.js';
const IS_DEV = true;
const TARGET = 'es2018';
function build(entryFile, outFile) {
require('esbuild').build({
entryPoints: [entryFile],
outfile: outFile,
platform: 'node',
bundle: true,
define: { "process.env.NODE_ENV": IS_DEV ? "\"development\"" : "\"product\"" },
target: TARGET,
logLevel: 'silent'
plugins: [envFilePlugin] // <**************** USAGE ****************
})
.then(r => { console.log("Build succeeded.") })
.catch((e) => {
console.log("Error building:", e.message);
process.exit(1)
})
}
build(`${APP_BASE}/${ENTRY_FILE}`, `${OUTPUT_DIR}/${OUTPUT_FILE}`);
FAQs
esbuild plugin to load a .env file from the current directory or any parent. It will combine the environment variables with existing/system-wide process.env variables.
The npm package esbuild-envfile-plugin receives a total of 3,173 weekly downloads. As such, esbuild-envfile-plugin popularity was classified as popular.
We found that esbuild-envfile-plugin demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
OpenJS is warning of social engineering takeovers targeting open source projects after receiving a credible attempt on the foundation.
Company News
Come meet the Socket team at BSidesSF and RSA! We're sponsoring several fun networking events and we would love to see you there.
Security News
OSI is starting a conversation aimed at removing the excuse of the SaaS loophole for companies navigating licensing and the complexities of doing business with open source.