Skip to content

PaulJPhilp/effect-env

BranchesTags

Repository files navigation

effect-env — typed, testable, policy-aware env for Effect apps

npm version GitHub License: MIT

A TypeScript library for managing environment variables with type safety, schema validation, and security features using Effect.

Features

  • Type-safe: Full TypeScript inference from @effect/schema definitions
  • Schema-driven: Validation, transformation, and type inference in one place
  • Server/Client separation: Prevent secrets from leaking to client bundles (t3-env style)
  • Prefix enforcement: Automatic validation that client vars use correct prefix
  • Testable: Built on Effect layers, easy to mock in tests
  • Secure: Redaction helpers for safe logging, production-safe overrides
  • Effect-native: Full composability with Effect ecosystem

Installation

npm install effect-env # or bun add effect-env

Quickstart

Simple Usage (Single Schema)

import { Schema as S } from "effect" import { createSimpleEnv, EnvService } from "effect-env" // 1. Define your schema const env = createSimpleEnv( S.Struct({ NODE_ENV: S.Literal("development", "production", "test"), PORT: S.NumberFromString, DATABASE_URL: S.String }), process.env ) // 2. Use in your program const program = Effect.gen(function* () { const envService = yield* EnvService const port = yield* envService.get("PORT") // typed as number const dbUrl = yield* envService.get("DATABASE_URL") // typed as string return { port, dbUrl } }) // 3. Run with the env layer Effect.runPromise(Effect.provide(program, env))

Server/Client Separation (t3-env style)

import { Schema as S } from "effect" import { createEnv, EnvService } from "effect-env" const env = createEnv({ // Server-only variables (never exposed to client) server: S.Struct({ DATABASE_URL: S.String, API_SECRET: S.String, JWT_SECRET: S.String }), // Client-safe variables (sent to browser) // Must start with the clientPrefix! client: S.Struct({ PUBLIC_API_URL: S.String, PUBLIC_APP_NAME: S.String }), clientPrefix: "PUBLIC_", runtimeEnv: process.env }) const program = Effect.gen(function* () { const envService = yield* EnvService // All typed correctly and safely const apiUrl = yield* envService.get("PUBLIC_API_URL") const secret = yield* envService.get("API_SECRET") return { apiUrl, secret } }) Effect.runPromise(Effect.provide(program, env))

Schema Transformations

Use Effect Schema's built-in transformations:

const env = createSimpleEnv( S.Struct({ PORT: S.NumberFromString, // String → Number DEBUG: S.BooleanFromString, // "true" | "false" → boolean CONFIG: S.parseJson(S.Unknown), // JSON string → object LOG_LEVEL: S.optionalWith(S.String, { default: () => "info" // Defaults }) }) )

Testing with Override

it("uses overridden PORT", async () => { const program = Effect.gen(function* () { const env = yield* EnvService // Override just for this effect return yield* env.withOverride("PORT", "9000")( env.get("PORT") ) }) const result = await Effect.runPromise(Effect.provide(program, env)) expect(result).toBe("9000") }) // Note: withOverride is disabled in production (process.env.NODE_ENV === "production")

Validation

Validate environment at startup for clear error reporting:

import { validate } from "effect-env" const envSchema = S.Struct({ PORT: S.NumberFromString, API_KEY: S.String }) // In dev/test: prints friendly table and continues // In production: fails fast with exit code await Effect.runPromise(validate(envSchema, process.env))

Sample validation report:

Key | Status | Details -------------|--------------|-------- API_KEY | missing | required but not provided PORT | invalid | Expected number, actual "abc"

Redaction

Safely log environment variables without exposing secrets:

import { redact } from "effect-env" const safeEnv = redact(process.env) // { NODE_ENV: "development", API_KEY: "***", DB_PASSWORD: "***" } // Custom matchers const safeEnv = redact(process.env, { extra: ["SESSION_ID", /^CUSTOM_/] })

Redacts keys containing (case-insensitive): key, token, secret, password, pwd, private, bearer, api, auth.

Testing

Test with createSimpleEnv or createEnv using a test record:

import { createSimpleEnv, EnvService } from "effect-env" import { describe, it, expect } from "vitest" const testEnv = createSimpleEnv( S.Struct({ PORT: S.NumberFromString, DATABASE_URL: S.String }), { PORT: "3000", DATABASE_URL: "postgres://localhost" } ) it("reads typed env vars", async () => { const program = Effect.gen(function* () { const env = yield* EnvService return yield* env.get("PORT") // 3000 }) const result = await Effect.runPromise(Effect.provide(program, testEnv)) expect(result).toBe(3000) })

Or with withOverride in dev/test:

const program = Effect.gen(function* () { const env = yield* EnvService return yield* env.withOverride("PORT", "8080")(env.get("PORT")) }) const result = await Effect.runPromise(Effect.provide(program, env)) expect(result).toBe("8080")

API Reference

createEnv(config)

Create a typed environment layer with server/client separation.

createEnv({ server: S.Schema<Server>, // Server-only variables client: S.Schema<Client>, // Client-safe variables clientPrefix: "PUBLIC_", // Prefix for client vars runtimeEnv?: Record<string, string>, // Default: process.env skipValidation?: boolean, // Default: false onValidationError?: (error) => void // Custom error handler }): Layer<Env<Server & Client>>

createSimpleEnv(schema, runtimeEnv?, skipValidation?, onValidationError?)

Create a simple typed environment layer (no server/client separation).

createSimpleEnv( schema: S.Schema<T>, // Environment schema runtimeEnv?: Record<string, string>, // Default: process.env skipValidation?: boolean, // Default: false onValidationError?: (error) => void // Custom error handler ): Layer<Env<T>>

EnvService Methods

  • get<K>(key: K): Effect<E[K], EnvError> - Get typed value
  • require<K>(key: K): Effect<NonNullable<E[K]>, MissingVarError> - Require non-null
  • all(): Effect<E> - Get all values
  • withOverride<K>(key: K, value: string)(fa: Effect<A>): Effect<A> - Override for testing (disabled in production)

Utilities

  • validate(schema: S.Schema<E>, source: Record<string, string | undefined>, opts?): Effect<void, ValidationError> - Startup validation
  • redact(record: Record<string, string | undefined>, opts?): Record<string, string | undefined> - Safe logging

Legacy APIs (deprecated)

  • fromProcess, fromDotenv, fromRecord - Use createSimpleEnv instead
  • makeEnvSchema - Wrapper no longer needed with direct Schema usage

Notes

  • Security: Never log raw env vars. Use redact() for safe logging.
  • Type Inference: All types flow through the schema; no additional type annotations needed.
  • Defaults: Use S.optionalWith(S.String, { default: () => "value" }) for defaults.
  • Errors: Clear messages include key names and value snippets for debugging.
  • Production: Validation fails fast; withOverride is disabled.
  • Server/Client: Client variables MUST start with the configured prefix (default "PUBLIC_").

Contributing

PRs welcome! Run npm test and npm run typecheck before submitting.

License

MIT

About

No description, website, or topics provided.

Resources

Readme
Activity

Stars

41 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

1 tags

Packages

 
 
 

Contributors

Languages