npm

Join us for the "JavaScript Supply Chain Security" tech talk, presented by VP of Security, Adam Baldwin. 6/20 at 10am PT.Sign up here »

dotenv-save

1.2.0 • Public • Published

dotenv

dotenv

Dotenv loads environment variables from .env into ENV (process.env).

BuildStatus NPM version js-standard-style

"Storing configuration in the environment is one of the tenets of a twelve-factor app. Anything that is likely to change between deployment environments–such as resource handles for databases or credentials for external services–should be extracted from the code into environment variables.

But it is not always practical to set environment variables on development machines or continuous integration servers where multiple projects are run. Dotenv loads variables from a .env file into ENV when the environment is bootstrapped."

Brandon Keepers' Dotenv in Ruby

Install

npm install dotenv --save

Usage

As early as possible in your application, require and load dotenv.

require('dotenv').load();

Create a .env file in the root directory of your project. Add environment-specific variables on new lines in the form of NAME=VALUE. For example:

DB_HOST=localhost
DB_USER=root
DB_PASS=s1mpl3

That's it.

process.env now has the keys and values you defined in your .env file.

db.connect({
  host: process.env.DB_HOST,
  username: process.env.DB_USER,
  password: process.env.DB_PASS
});

Config

config will read your .env file, parse the contents, and assign it to process.env - just like load does. You can additionally, pass options to config.

Note: config and load are synonyms. You can pass options to either.

Options

Path

Default: .env

You can specify a custom path if your file containing environment variables is named or located differently.

require('dotenv').config({path: '/custom/path/to/your/env/vars'});

Encoding

Default: utf8

You may specify the encoding of your file containing environment variables using this option.

require('dotenv').config({encoding: 'base64'});

Parse

The engine which parses the contents of your file containing environment variables is available to use. It accepts a String or Buffer and will return an Object with the parsed keys and values.

var dotenv  = require('dotenv');
var buf    = new Buffer('BASIC=basic');
var config  = dotenv.parse(buf); // will return an object
console.log(typeof config, config) // object { BASIC : 'basic' }

Rules

The parsing engine currently supports the following rules:

  • BASIC=basic becomes {BASIC: 'basic'}
  • empty lines are skipped
  • lines beginning with # are treated as comments
  • empty values become empty strings (EMPTY= becomes {EMPTY: ''})
  • single and double quoted values are escaped (SINGLE_QUOTE='quoted' becomes {SINGLE_QUOTE: "quoted"})
  • new lines are expanded if in double quotes (MULTILINE='new\nline' becomes
{MULTILINE: 'new
line'}
  • inner quotes are maintained (think JSON) (JSON={"foo": "bar"} becomes {JSON:"{\"foo\": \"bar\"}")

Expanding Variables

Basic variable expansion is supported.

BASIC=basic
TEST=$BASIC

Parsing that would result in {BASIC: 'basic', TEST: 'basic'}. You can escape variables by quoting or beginning with \ (e.g. TEST=\$BASIC). If the variable is not found in the file, process.env is checked. Missing variables result in an empty string.

BASIC=basic
TEST=$TEST
DNE=$DNE
TEST=example node -e 'require("dotenv").config();'
  • process.env.BASIC would equal basic
  • process.env.TEST would equal example
  • process.env.DNE would equal ""

FAQ

Should I commit my .env file?

No. We strongly recommend against committing your .env file to version control. It should only include environment-specific values such as database passwords or API keys. Your production database should have a different password than your development database.

Contributing

See Contributing Guide

Who's using dotenv

Here's just a few of many repositories using dotenv:

install

npm i dotenv-save

Downloadsweekly downloads

44

version

1.2.0

license

BSD

homepage

github.com

repository

Gitgithub

last publish

collaborators

  • avatar
Report a vulnerability