Socket
Socket
Sign inDemoInstall

loose-envify

Package Overview
Dependencies
1
Maintainers
1
Versions
6
Alerts
File Explorer

Advanced tools

Install Socket

Detect and block malicious and high-risk dependencies

Install

    loose-envify

Fast (and loose) selective `process.env` replacer using js-tokens instead of an AST


Version published
Weekly downloads
20M
decreased by-18.69%
Maintainers
1
Install size
22.3 kB
Created
Weekly downloads
 

Package description

What is loose-envify?

The loose-envify npm package is a fast (loose) selective process.env replacer using js-tokens instead of an AST. It is commonly used to replace process.env.NODE_ENV with a static value allowing for dead code elimination in browser bundles.

What are loose-envify's main functionalities?

Environment Variable Replacement

Replaces instances of process.env.NODE_ENV with a user-defined string, allowing conditional code to be statically evaluated and potentially removed by minifiers.

"if (process.env.NODE_ENV !== 'production') { console.log('Debug info') }"

Other packages similar to loose-envify

Readme

Source

loose-envify

Build Status

Fast (and loose) selective process.env replacer using js-tokens instead of an AST. Works just like envify but much faster.

Gotchas

  • Doesn't handle broken syntax.
  • Doesn't look inside embedded expressions in template strings.
    • this won't work:
    console.log(`the current env is ${process.env.NODE_ENV}`);
    
  • Doesn't replace oddly-spaced or oddly-commented expressions.
    • this won't work:
    console.log(process./*won't*/env./*work*/NODE_ENV);
    

Usage/Options

loose-envify has the exact same interface as envify, including the CLI.

Benchmark

envify:

  $ for i in {1..5}; do node bench/bench.js 'envify'; done
  708ms
  727ms
  791ms
  719ms
  720ms

loose-envify:

  $ for i in {1..5}; do node bench/bench.js '../'; done
  51ms
  52ms
  52ms
  52ms
  52ms

Keywords

FAQs

Last updated on 10 Jul 2018

Did you know?

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap

Stay in touch

Get open source security insights delivered straight into your inbox.


  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc