frontpage.
newsnewestaskshowjobs

Open Source @Github

fp.

Open in hackernews

Show HN: envapt, typed env config for decoupled TS codebases (Node to edge)

https://github.com/materwelonDhruv/envapt
1•materwelon•1h ago
Hi HN. I'm Dhruv and I've been working on envapt for about a year now and I've FINALLY completed the roadmap I scope creeped and QA'd over the past few months. It reads environment config in TypeScript and returns the typed value instead of string | undefined, from whatever source you bind. It runs on Node, Bun, Deno, Cloudflare Workers, the browser, and well, anywhere.

Most typed-env libraries have you declare every variable in one central schema and read the result from one object. That works well for a single application. Mostly. That didn't work for me because in a framework or a monorepo, decoupled packages each read their own config values, and sharing one config object across every package just doesn't make sense to me, plus some other nits.

envapt does the opposite. You bind a source once at startup, and on Node/Deno/Bun it binds your .env files and process.env for you, with cascading profiles per environment. After that, ANY typed read in ANY file uses that source, and each value is validated at the place that reads it. All you gotta do is import the reader from 'envapt'.

Say different files each need their own config. Each one just reads what it needs.

  // db.ts
  import { Envapter, Converters } from 'envapt';
  export const dbUrl = Envapter.getRequired('DATABASE_URL', Converters.Url);
  export const poolSize = Envapter.getNumber('POOL_SIZE', 10);
  // getRequired throws if the var is missing. fail fast!

  // http.ts (your api file with CORS)
  import { Envapter, Converters } from 'envapt';
  export const allowedOrigins = Envapter.getUsing(
    'ALLOWED_ORIGINS',
    Converters.array({ of: Converters.Url }),
    []
  ); // 'a.com,b.com' -> URL[]
No config object is passed between them. Each reads from the source you bound once.

Built-in converters cover the usual primitives plus JSON, URL, RegExp, Date, duration, port, email, and typed arrays. A fallback removes undefined from the return type so you don't need to do stuff like value ?? defaultValue everywhere. You can also provide your own converter or validator as a custom function.

Oh. It also has both TC39 and legacy decorators: @EnvTime('TTL', '1h') static accessor ttl. Fully type checked at compile time.

If you already validate with zod, valibot, or arktype, hand that schema to envapt and it runs the value through it (if it exists).

  import { z } from 'zod';
  import { Envapter } from 'envapt';
  const logLevel = Envapter.parse(
    'LOG_LEVEL',
    z.enum(['debug', 'info', 'warn', 'error']),
    'info'
  );
  // 'debug' | 'info' | 'warn' | 'error'
envapt depends on the Standard Schema interface, so any conformant validator works and none is added to your lockfile. Aaaand it has zero runtime and zero peer dependencies.

Oh, also. env values can reference each other and resolve at read time, like DATABASE_URL=postgres://${DB_HOST}/${DB_NAME}. A reference cycle is caught and left as text so it doesn't crash your app.

The last four majors, mainly v8, came out of me using envapt in my own projects and finding more to offload to it. seedcord, a Discord bot framework I maintain, builds bots that run on a gateway server and on Cloudflare Workers. On the edge there is no filesystem and no process.env, and before v8 that split needed a different import per runtime and some manual wiring. Now it is one import. The package exports resolve the file build on Node/Bun/Deno and the portable build on Workers, edge, and the browser. seedcord binds the Worker env as the source in its build step, so a user writes their config once and the same code reads .env files in dev and the injected Worker env in production, with no per-runtime branch.

Anyhow, it is on npm <https://www.npmjs.com/package/envapt> and JSR <https://jsr.io/@materwelon/envapt>. Docs <https://envapt.materwelon.dev> (It can do a lot more).

Pls try :)!!!

Bloom Energy's Big Lie

https://hntrbrk.com/investigations/bloom
1•jaredwiener•2m ago•0 comments

A full body MRI earns you a year of smoking

https://entropicthoughts.com/full-body-mri-earns-you-a-base-jump
1•kqr•3m ago•0 comments

A browser MMO snake where ~1000 players share one CPU core

https://growordie.io
1•ncakes•5m ago•0 comments

Crypto firms prepare defenses as quantum threat to encryption draws nearer

https://www.reuters.com/legal/government/crypto-firms-prepare-defenses-quantum-threat-encryption-...
1•tartoran•5m ago•0 comments

A Windows utility for a problem that kept stealing 10 minutes at a time

https://www.indiehackers.com/post/i-launched-a-windows-utility-for-a-problem-that-kept-stealing-1...
1•enlightpixel•6m ago•0 comments

An AI coal mine security camera network powered by plaintext passwords

https://eaton-works.com/2026/07/08/coal-india-camera-hack/
2•EatonZ•8m ago•1 comments

A jigsaw puzzle where every piece is a slice of live video

https://jumpcutjigsawpuzzles.com/
1•tjsbbi•11m ago•1 comments

Show HN: Runo – open-source web scraping that returns typed JSON

https://github.com/rhymeswithlimo/runo
1•barebearcountry•12m ago•0 comments

Meta AI glasses disable the camera if the capture LED is destroyed

https://9to5google.com/2026/07/07/meta-ray-ban-smart-glasses-privacy-light-camera-update/
3•p_stuart82•12m ago•0 comments

Show HN: Arbor – code graph MCP server so agents stop grep-reading your codebase

https://github.com/Anandb71/arbor/releases/tag/v2.4.0
1•anandb71•13m ago•1 comments

How to tell if a photo is AI-generated from its metadata (C2PA, XMP, EXIF)

https://photoinvestigator.co/blog/how-to-tell-if-a-photo-is-ai-generated-metadata/
1•Danbana•13m ago•0 comments

macOS 28 will not support encrypted HFS+ volumes

https://support.apple.com/en-us/125615
6•Lihh27•17m ago•0 comments

Be Grateful to Own Nothing

https://mkultra.monster/gaming/2026/07/03/physical-shmysical/
1•speckx•17m ago•0 comments

Ask HN: Software Engineering Guide – seeking recommendations

1•jph•17m ago•0 comments

California Institute for Machine Consciousness – Research Program Whitepaper [pdf]

https://cimc.ai/cimcWhitepaper.pdf
1•helloplanets•20m ago•0 comments

Van Wijngaarden Grammar

https://en.wikipedia.org/wiki/Van_Wijngaarden_grammar
2•stevefan1999•20m ago•0 comments

In San Francisco, Some Home Sellers Now Ask for OpenAI or Anthropic Stock

https://www.nytimes.com/2026/07/08/technology/san-francisco-home-sales-openai-anthropic-ipo.html
5•reaperducer•21m ago•0 comments

Stell-R – trace musical influence paths via minimum spanning tree

https://stell-r.com/Stellar/index_/
1•ebagou•21m ago•1 comments

The CEO of AWS on why Amazon is hiring 11,000 interns and junior employees

https://www.platformer.news/matt-garman-aws-ceo-interview-ai-jobs/
2•maybiiLen•22m ago•0 comments

Show HN: Fluffy Sparrow – Frictionless, Fast, Note Taking App

https://tmahmood.github.io/fluffy_sparrow/
1•t_mahmood•22m ago•0 comments

Show HN: Visually orchestrate Claude Code agents

https://github.com/rondoflow/rondoflow
1•arzzen•23m ago•0 comments

GPT‑Live

https://openai.com/index/introducing-gpt-live/
80•logickkk1•25m ago•33 comments

EmTech AI 2026: The Rise of the AI Platform

https://www.technologyreview.com/2026/07/08/1140223/emtech-ai-2026-the-rise-of-the-ai-platform/
1•joozio•27m ago•0 comments

Hash Functions

http://www.cse.yorku.ca/~oz/hash.html
1•gregsadetsky•28m ago•0 comments

Show HN: Orbit – native Mac app for many Google accounts, isolated, no server

https://orbitformac.com/
1•andrew_kwak•28m ago•1 comments

Show HN: Pretend to Vibe Code, but Meditate

https://tomreinert.de/no-effort/
4•tom2948329494•30m ago•2 comments

Rage: Fiber-based Ruby web framework with Rails ergonomics and a unified runtime

https://github.com/rage-rb/rage
1•thunderbong•32m ago•0 comments

Why the tech industry can't keep up with the AI backlash

https://www.platformer.news/ai-backlash-data-centers-jobs-inflation/
2•speckx•33m ago•0 comments

GhostLock, a stack-UAF that has existed in ALL Linux distributions for 15 years

https://nebusec.ai/research/ionstack-part-2/
4•ranger_danger•34m ago•0 comments

EU now one step away from reviving private message scanning rules

https://cyberinsider.com/eu-now-one-step-away-from-reviving-private-message-scanning-rules/
9•ggirelli•35m ago•1 comments