🚀 Big News: Socket Acquires Coana to Bring Reachability Analysis to Every Appsec Team.Learn more
Socket
DemoInstallSign in
Socket
DemoInstallSign in

vite-plugin-runtime

Package Overview
Dependencies
Maintainers
0
Versions
14
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

vite-plugin-runtime

Vite plugin that enables configuring runtime environment variables when building

1.4.0
latest
Source
npm
Version published
Weekly downloads
2.6K
-0.53%
Maintainers
0
Weekly downloads
 
Created
Source

vite-plugin-runtime

Coverage Quality Gate Status License

Inject runtime environment variables and html based on the vite mode.

Installation

npm install --save-dev vite-plugin-runtime

or

yarn add vite-plugin-runtime --dev

runtimeEnv

Summary

This plugin allows build toolchains to inject variables at compile time instead of relying on multiple .env.* environment dotenv files. This is especially useful for values that need to be managed externally from source code.

This plugin replaces usage of import.meta.env.VITE_* with import.meta.env.*.

vitevite-plugin-runtime
import.meta.env.VITE_APP_KEYimport.meta.env.APP_KEY

.env file

vitevite-plugin-runtime
VITE_APP_KEY=some valueAPP_KEY=some value

During the build this plugin will convert all occurences of import.meta.env.* to window.env.*

CodeRuntime
import.meta.env.APP_KEYwindow.env.APP_KEY

Usage

vite.config

The plugin options can be injected in the constructor or as a separate object on the vite config object.

import { runtimeEnv } from 'vite-plugin-runtime';

export default defineConfig({
  plugins: [
    runtimeEnv(),
  ],
  runtimeEnv: {}, // optional configuration object

Configuration

name

This is the name of the object attached to the window instance. Default is env.

name?: (() => string) | string

runtimeEnv({
  name: 'customName',
}),

outputs window.customName.*

generateTypes

Specificies whether to generate typescript types for import.meta.env. Default is false.

generateTypes?: boolean

runtimeEnv({
  generateTypes: true,
}),

generatedTypesPath

The path to generate typescript types. Only takes affect if generateTypes is true. Default is process.cwd()

generatedTypesPath?: (() => string) | string

runtimeEnv({
  generatedTypesPath: () => './src',
}),

generatedTypesPath combined with generateTypes will create a type definition file env.d.ts:

/** generated by vite-plugin-runtime */
interface ImportMetaEnv {
  readonly APP_KEY: string;
}
interface ImportMeta {
  readonly env: ImportMetaEnv;
}

injectHtml

Specifies whether to inject an env loading script into index.html. Defaults to true.

injectHtml?: boolean

runtimeEnv({
  injectHtml: false,
}),

When true the plugin will inject

<script type="module">
  import rtenv from '/env.js';
  window.env = { ...window.env, ...rtenv };
</script>

into the index.html <head></head> section.

The generated script will resemble:

export default {
  APP_KEY: 'some value',
};

envsubstTemplate

Specifies whether to create an envsubst template file at build time. Defaults to false.

envsubstTemplate?: boolean

runtimeEnv({
  envsubstTemplate: true,
}),

When true the plugin will create the following template file:

export default {
  APP_KEY: $APP_KEY,
};

runtimeHtml

Summary

This plugin allows an easy way to inject html into index.html at compile time based on the vite mode. This is useful for scripts like google tag manager that should only be loaded for certain environments like production.

Usage

vite.config

The plugin options can be injected in the constructor or as a separate object on the vite config object.

import { runtimeHtml } from 'vite-plugin-runtime';

export default defineConfig({
  plugins: [
    runtimeHtml(),
  ],
  runtimeHtml: {}, // optional configuration object

Configuration

see HtmlTagDescriptor

mode: HtmlTagDescriptor[]

runtimeHtml({
  production: [
      {
        tag: 'script',
        attrs: {
          type: 'text/javascript',
          src: '/some_file.js',
        },
        injectTo: 'head',
      },
    ],
  staging: [
    {
      tag: 'title',
      children: 'Staging',
    }
  ]
}),

Keywords

flexbase
flex
vite
vite-plugin

FAQs

Package last updated on 16 Dec 2024

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

libxml2 Maintainer Ends Embargoed Vulnerability Reports, Citing Unsustainable Burden

Security News

libxml2 Maintainer Ends Embargoed Vulnerability Reports, Citing Unsustainable Burden

Libxml2’s solo maintainer drops embargoed security fixes, highlighting the burden on unpaid volunteers who keep critical open source software secure.

By Sarah Gooding  -  Jun 17, 2025
The Growing Risk of Malicious Browser Extensions

Research

Security News

The Growing Risk of Malicious Browser Extensions

Socket researchers uncover how browser extensions in trusted stores are used to hijack sessions, redirect traffic, and manipulate user behavior.

By Kush Pandya  -  Jun 13, 2025