dotenv
by motdotla
Dotenv is a zero-dependency Node.js module that loads environment variables from a .env file into process.env, enabling configuration management separate from code.
Loads environment variables from .env for nodejs projects.
Primary Use Case
Dotenv is primarily used by Node.js developers to manage application configuration through environment variables stored in a .env file, following the Twelve-Factor App methodology. It simplifies secrets management and configuration across different environments, making it ideal for development, testing, and deployment workflows.
- Loads environment variables from a .env file into process.env
- Zero dependencies for lightweight integration
- Supports multiline environment variable values
- Allows comments and inline comments in .env files
- Provides a parsing engine to parse environment variable strings or buffers
- Supports custom .env file paths
- Compatible with multiple npm-compatible package managers (npm, yarn, bun, pnpm)
Installation
- npm install dotenv --save
- yarn add dotenv
- bun add dotenv
- pnpm add dotenv
Usage
>_ require('dotenv').config()Loads environment variables from the .env file into process.env at runtime.
>_ import 'dotenv/config'ES6 import syntax to load environment variables with default config.
>_ import dotenv from 'dotenv'; dotenv.config({ path: '/custom/path/to/.env' })ES6 import with custom configuration to specify a custom .env file location.
>_ dotenv.parse(Buffer.from('BASIC=basic'))Parses a string or buffer containing environment variable definitions and returns an object.
- Integrate dotenv with CI/CD pipelines to automate secure configuration management and secrets injection.
- Combine dotenv with encrypted secrets management tools (e.g., HashiCorp Vault) for enhanced secret protection.
- Use dotenv in development and testing environments to prevent hardcoding secrets and reduce exposure risks.
- Implement environment-specific .env files with strict access controls to limit credential exposure.
- Leverage dotenv parsing capabilities to automate validation and scanning of environment variables for sensitive data leaks.
Docs Take 2 Hours. AI Takes 10 Seconds.
Ask anything about dotenv. Installation? Config? Troubleshooting? Get answers trained on real docs and GitHub issues—not generic ChatGPT fluff.
3 free chats per tool • Instant responses • No credit card
Related Tools
server
nextcloud/server
☁️ Nextcloud server, a safe home for all your data
gitleaks
gitleaks/gitleaks
Find secrets with Gitleaks 🔑
trufflehog
trufflesecurity/trufflehog
Find, verify, and analyze leaked credentials
Ciphey
bee-san/Ciphey
⚡ Automatically decrypt encryptions without knowing the key or cipher, decode encodings, and crack hashes ⚡
sops
getsops/sops
Simple and flexible tool for managing secrets
ecapture
gojue/ecapture
Capturing SSL/TLS plaintext without a CA certificate using eBPF. Supported on Linux/Android kernels for amd64/arm64.