UNPKG

@hoangsonw/env-guard

Version:

Protect your .env files from missing or insecure configurations by validating environment variables against a schema and enforcing .env.example.

github.com/hoangsonww/EnvGuard-Env-Validator

hoangsonww/EnvGuard-Env-Validator

240 lines (164 loc) 6.73 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
# 🛡️ EnvGuard – Validate & Secure Your Environment Variables [![NPM version](https://img.shields.io/npm/v/env-guard.svg?style=flat&logo=npm)](https://www.npmjs.com/package/env-guard) [![License: MIT](https://img.shields.io/badge/License-MIT-yellow.svg?style=flat&logo=opensource)](LICENSE) [![Node.js](https://img.shields.io/badge/Node-%3E%3D14-brightgreen.svg?style=flat&logo=node.js)](https://nodejs.org/) [![TypeScript](https://img.shields.io/badge/TypeScript-5.0%2B-blue.svg?style=flat&logo=typescript)](https://www.typescriptlang.org/) [![Jest](https://img.shields.io/badge/Jest-27.0%2B-cyan.svg?style=flat&logo=jest)](https://jestjs.io/) **EnvGuard** is an NPM package that validates your environment variables against a defined schema and enforces consistency with your `.env.example` file. Protect your application from misconfigurations and insecure defaults when working in teams or deploying to production. Currently available on NPM: [https://www.npmjs.com/package/@hoangsonw/env-guard](https://www.npmjs.com/package/@hoangsonw/env-guard) --- ## Table of Contents - [Features](#features) - [Installation](#installation) - [Usage](#usage) - [Basic Usage](#basic-usage) - [Advanced Usage](#advanced-usage) - [API Reference](#api-reference) - [Testing](#testing) - [Building & Publishing](#building--publishing) - [Contributing](#contributing) - [License](#license) --- ## Features - **Schema Validation:** Define required environment variables and insecure default values. - **.env Enforcement:** Compare your actual `.env` file against a provided `.env.example` file. - **Configurable Behavior:** Choose whether to warn or throw errors, and control key matching. - **TypeScript Support:** Fully written in TypeScript with complete type definitions. - **Cross-Platform:** Works in Node.js and integrates seamlessly into your deployment workflows. --- ## Installation ### Prerequisites - Node.js v14 or higher - npm v6 or higher ### Installing via NPM ```bash npm install @hoangsonw/env-guard ``` ### Installing via Yarn ```bash yarn add @hoangsonw/env-guard ``` --- ## Usage EnvGuard validates your environment variables based on a schema. It loads variables from your `.env` file and compares them against a reference `.env.example`. ### Basic Usage Create a schema for your environment variables and validate: ```ts import { validateEnv } from "@hoangsonw/env-guard"; const schema = { DB_HOST: { required: true, insecureValues: ["localhost", "127.0.0.1"] }, DB_PASSWORD: { required: true, insecureValues: ["12345", "password"] }, DB_USER: { required: false }, }; validateEnv({ schema, envFilePath: "./.env", // Defaults to "./.env" exampleFilePath: "./.env.example", // Defaults to "./.env.example" allowMissingExampleKeys: false, // Warn if keys mismatch throwOnError: false, // Only warn; set to true to throw errors }); ``` ### Advanced Usage You can customize EnvGuard’s behavior by changing options: - **`allowMissingExampleKeys`**: When `false`, it warns if there are extra keys in your `.env` or missing keys compared to `.env.example`. - **`throwOnError`**: When `true`, the function will throw errors instead of just logging warnings. Example: ```ts import { validateEnv } from "@hoangsonw/env-guard"; const schema = { API_KEY: { required: true }, DB_HOST: { required: true, insecureValues: ["localhost"] }, DB_PASSWORD: { required: true, insecureValues: ["password", "12345"] }, }; try { validateEnv({ schema, envFilePath: "./config/.env", exampleFilePath: "./config/.env.example", allowMissingExampleKeys: false, throwOnError: true, }); console.log("Environment variables validation passed!"); } catch (error) { console.error("Environment validation failed:", error); process.exit(1); } ``` > Note: The script might also parse environment variables from outside the `.env` file if they are already set in the environment of your machine or Node.js process. This can lead to some warnings in the console, if they are not defined in the `.env.example` file. You can safely ignore them. --- ## API Reference ### `validateEnv(options: EnvGuardOptions): void` **Parameters:** - **`schema: EnvSchema`** An object defining each environment variable’s requirements. _Example:_ ```ts { DB_HOST: { required: true, insecureValues: ["localhost"] }, API_KEY: { required: true } } ``` - **`envFilePath?: string`** Path to your `.env` file. Defaults to `"./.env"`. - **`exampleFilePath?: string`** Path to your `.env.example` file. Defaults to `"./.env.example"`. - **`allowMissingExampleKeys?: boolean`** If set to `false`, EnvGuard will warn about extra keys or missing keys between `.env` and `.env.example`. - **`throwOnError?: boolean`** If `true`, the function will throw an error when validations fail; otherwise, it will only log warnings. **Returns:** Nothing; it performs validation and logs warnings/errors as configured. --- ## Testing EnvGuard includes a Jest test suite. To run tests: 1. **Install dependencies:** ```bash npm install ``` 2. **Run tests:** ```bash npm test ``` Test files in the `__tests__` directory demonstrate how EnvGuard validates environment variables and compares `.env` to `.env.example`. --- ## Demo Scripts Run the demo scripts in the `__tests__` directory to see EnvGuard in action: 1. **Run the demo script (with no `basedir` option):** ```bash npm run demoNoBasedir ``` 2. **Run the demo script (with `basedir` option):** ```bash npm run demoWithBasedir ``` The demo scripts will show how EnvGuard validates environment variables and compares `.env` to `.env.example`. Check the console output for validation results. --- ## Building & Publishing ### Building Compile the TypeScript source: ```bash npm run build ``` ### Publishing 1. **Login to npm:** ```bash npm login ``` 2. **Publish the package:** ```bash npm publish --access public ``` --- ## Contributing Contributions are welcome! Follow these steps: 1. **Fork the Repository** 2. **Create a Feature Branch:** ```bash git checkout -b feature/my-new-feature ``` 3. **Commit Your Changes** 4. **Submit a Pull Request** For major changes, please open an issue first to discuss your ideas. --- ## License This project is licensed under the [MIT License](LICENSE). --- ## Final Remarks EnvGuard ensures your environment variables are correctly configured and secure, reducing misconfigurations in team settings and production deployments. With schema validation and `.env.example` enforcement, it helps maintain consistency and security in your projects. Happy guarding! 🛡️