βββββββββββββββββββββββββββββββββββββββββββββββββββββ
β β
β βββββββ βββββββ βββββββββββ ββββββ βββ β
β ββββββββββββββββββββββββββββ βββββββ ββββ β
β βββ βββ ββββββββββββββββββ βββββββ β
β βββ βββ ββββββββββββββββββ βββββββ β
β ββββββββββββββββββββββββββββ ββββββ βββ β
β βββββββ βββββββ βββββββββββ ββββββ βββ β
β β
β The Ultimate Environment Variable Manager β
β v1.0.0 β
βββββββββββββββββββββββββββββββββββββββββββββββββββββ
Validate, Type, Encrypt, Sync, and Never Ship Broken Configs Again.
Getting Started Β· Schema Reference Β· CLI Reference Β· Vault Guide Β· Docs
Every project uses environment variables. Every project gets them wrong eventually.
- Missing variables crash production at 3 AM.
- Wrong types (
process.env.PORTis always a string) cause silent bugs. - Leaked secrets in
.envfiles end up in git history forever. - Drifting
.env.examplefiles lead to confusing onboarding for new developers. - No validation means you find out about missing configs at runtime.
ultraenv solves all of these problems with a single, zero-dependency library that provides:
| Problem | ultraenv Solution |
|---|---|
No type safety for process.env |
Full TypeScript inference from schema |
| Secrets leaked in git | Built-in secret scanner with 55+ patterns |
No .env validation |
Schema engine with 30+ validators |
| Secrets in plain text | AES-256-GCM encrypted vault |
.env.example out of sync |
Auto-sync with watch mode |
| No multi-environment support | Multi-env management (dev, staging, prod) |
| Can't use in CI/CD | CI commands with SARIF output |
| Hard to migrate from dotenv | Drop-in replacement with load() |
| Feature | ultraenv | dotenv | envalid | @t3-oss/env |
|---|---|---|---|---|
Parse .env files |
β | β | β | β |
| TypeScript inference | β Full | β | β Partial | β Full |
| Schema validators | β 30+ | β | β 8 | β Via zod |
| String validators | β 20+ | β | β | Via zod |
| Secret scanning | β 55+ patterns | β | β | β |
| Encrypted vault | β AES-256-GCM | β | β | β |
| Key rotation | β | β | β | β |
.env.example sync |
β Watch mode | β | β | β |
| Type generation | β
.d.ts / module / JSON Schema |
β | β | β |
| Multi-environment | β 11 file variants | β | β | β |
| Framework presets | β 9 presets | β | β | β |
| CI/CD integration | β SARIF output | β | β | β |
| Variable interpolation | β
$VAR / ${VAR} |
β | β | β |
| File cascade | β Priority-based | β | β | β |
| Hot reload watcher | β | β | β | β |
| Health check API | β | β | β | β |
| Express middleware | β | β | β | β |
| Fastify plugin | β | β | β | β |
| SARIF output | β | β | β | β |
| Git hook integration | β | β | β | β |
| dotenv-compatible API | β | β | β | β |
| Zero dependencies | β | β | β | β |
| Node.js | β₯ 18 | β₯ 12 | β₯ 14 | β₯ 18 |
Get started in three steps:
npm install ultraenvCreate an env.ts file:
import { defineEnv, t } from 'ultraenv';
const env = defineEnv({
DATABASE_URL: t.string().format('url').required(),
PORT: t.number().port().default(3000),
NODE_ENV: t.enum(['development', 'staging', 'production'] as const).required(),
DEBUG: t.boolean().default(false),
ADMIN_EMAIL: t.email().optional(),
ALLOWED_ORIGINS: t.array().separator(';').default(['http://localhost:3000']),
CACHE_TTL: t.duration().default('1h'),
MAX_UPLOAD_SIZE: t.bytes().default('10MB'),
});
export default env;import env from './env';
const server = createServer({
port: env.PORT, // number
host: env.HOST, // string
databaseUrl: env.DATABASE_URL,
});npm install ultraenv
pnpm add ultraenv
yarn add ultraenv
bun add ultraenvnpm install -g ultraenv
ultraenv init
ultraenv validate
ultraenv scan| Command | Description |
|---|---|
ultraenv init |
Initialize project |
ultraenv validate |
Validate environment variables |
ultraenv typegen |
Generate TypeScript types |
ultraenv sync |
Sync .env.example |
ultraenv scan |
Scan for leaked secrets |
ultraenv debug |
Show diagnostics |
ultraenv protect |
Check .gitignore protection |
ultraenv doctor |
Run self-checks |
ultraenv vault * |
Vault encrypt/decrypt/rekey |
ultraenv envs * |
Multi-environment management |
ultraenv ci * |
CI/CD integration commands |
All schema builders via the t factory:
import { defineEnv, t } from 'ultraenv';
t.string().format('url').required()
t.number().port().default(3000)
t.boolean().default(false)
t.enum(['a', 'b'] as const).required()
t.url({ protocols: ['https'] }).required()
t.email().optional()
t.array().separator(';').trimItems().required()
t.json<{ theme: string }>().required()
t.duration().default('1h')
t.bytes().default('10MB')
t.path({ mustExist: false }).default('./uploads')
t.uuid({ version: 4 }).required()
t.ip().required()
t.cron().default('0 2 * * *')ultraenv vault init --env production
ultraenv vault encrypt --env production
git add .env.vault # safe to commit!
ultraenv vault decrypt --env production- Algorithm: AES-256-GCM
.env.vaultβ commit β.env.keysβ gitignore β
ultraenv scan # Scan files
ultraenv scan --scope git-history # Scan git history
ultraenv scan --format sarif --output results.sarif # GitHub Code Scanning55+ patterns: AWS, GitHub, Google, Stripe, Slack, private keys, DB URLs, and more.
git clone https://github.com/Avinashvelu03/ultraenv.git
cd ultraenv && npm install
npm test
npm run buildMIT Β© 2024 Avinash Velu
βββββββ βββββββ ββββ βββ ββββββ βββββββββββββββββ
ββββββββββββββββββββββ ββββββββββββββββββββββββββββ
βββ ββββββ βββββββββ βββββββββββ βββ ββββββ
βββ ββββββ βββββββββββββββββββββ βββ ββββββ
ββββββββββββββββββββ βββββββββ βββ βββ ββββββββ
βββββββ βββββββ βββ ββββββββ βββ βββ ββββββββ
ultraenv is solo-built and freely available to every developer on Earth. If it saved your secrets, saved your sanity, or caught a leak before prod β it earned your support.
Zero-cost support:
- β Star on GitHub
- π Report a bug or request a feature
- π£ Share ultraenv with your team or in your community
Made with β€οΈ by Avinash Velu