feat: explicit environment variables

[Rich-Harris]

Today, environment variables are implicitly available: anything in process.env can be imported directly (as long as the name is a valid identifier) from $env/static/private, or accessed via env imported from $env/dynamic/private. Environment variables beginning with publicPrefix are available from the public counterparts.

This is... fine, but there is some room for improvement:

• You get random auto-import suggestions — if I type H to begin importing Header.svelte, my editor will helpfully suggest that I meant HOMEBREW_CELLAR or something else improbable
• There's inconsistency between static (named imports) and dynamic (env.BLAH), which feels weird. If for some reason you use both $env/dynamic/public and $env/dynamic/private in the same module, you will need to rename them since you can't have two imports called env
• It's weird that you can reference a given env var both statically (inlined into the build) and dynamically (evaluated at runtime)
• There's a lot of modules!
• There's no central place that describes which environment variables are expected
• No validation — if a critical env var is missing or malformed, you might not find out until you start seeing errors in your production logs
• No type safety or inline documentation. Everything is just a string whose purpose you have to infer from the name

This PR presents an explicit alternative. Opt in by adding the following flag to your svelte.config.js...

export default {
  kit: {
    experimental: {
      explicitEnvironmentVariables: true
    }
  }
};

...and creating a src/env.ts (or src/env.js) that exports variables:

import { defineEnvVars } from '@sveltejs/kit/hooks';
import * as v from 'valibot';

export const variables = defineEnvVars({
  // by default, env vars are a) secret, b) evaluated when the app starts, and c) required
  POSTGRES_URL: {},

  // some environment variables are safe to be used in the client
  GOOGLE_ANALYTICS_ID: {
    public: true,

    // env vars can be validated, using any https://standardschema.dev library
    // (here, we're using https://valibot.dev)
    schema: v.pipe(v.string(), v.regex(/G-[A-Z0-9]+/))
  },

  // some can be evaluated at build time, meaning they can be used for dead code elimination
  SHOW_DEBUGGING_OVERLAY: {
    public: true,
    static: true,

    // if a description is provided, it will be visible when the imported variable is hovered
    description: 'If enabled, will show a FPS meter in the corner of the page',

    // validators can transform inputs, e.g. to a boolean
    schema: v.pipe(
      v.optional(v.string(), ''),
      v.transform((str) => str !== '')
    )
  }
});

The defineEnvVars helper just returns its argument, but is useful as it enforces the correct types (and provides autocomplete, etc). I'm tempted to add similar helpers for other hooks, though that's a conversation for another time.

With those variables defined, we can import them via two new modules — $app/env/private and $app/env/public. As with existing server-only modules, $app/env/private cannot be imported into code that can run in the client.

Types are inferred from validators, where provided, and inline documentation is attached to the variables:

If environment variables are missing, the app errors on startup (or build, for static env vars).

The validators (and indeed the entire src/env module) only ever run on the server. Public variables are sent to the client with the initial server rendered HTML, or (if the initial document is prerendered) by importing a generated module, the same as happens today.

The $app/environment module is aliased as $app/env, to make everything feel a bit more cohesive. The goal is to remove $app/environment and the four $env/* modules (and the associated configuration) in SvelteKit 3.

TODO:

• generateEnvModule for adapter-static
• Populate %sveltekit.env% with this rather than the existing env vars, where appropriate
• I just realised that public static vars don't work as advertised right now — need to fix that
• Don't bother sending static vars from the server to the client
• Make the docs nice

---

Please don't delete this checklist! Before submitting the PR, please make sure you do the following:

• It's really useful if your PR references an issue where it is discussed ahead of time. In many cases, features are absent for a reason. For large changes, please create an RFC: https://github.com/sveltejs/rfcs
• This message body should clearly illustrate what problems it solves.
• Ideally, include a test that fails without this PR but passes with it.

Tests

• Run the tests with pnpm test and lint the project with pnpm lint and pnpm check

Changesets

• If your PR makes a change that should be noted in one or more packages' changelogs, generate a changeset by running pnpm changeset and following the prompts. Changesets that add features should be minor and those that fix bugs should be patch. Please prefix changeset messages with feat:, fix:, or chore:.

Edits

• Please ensure that 'Allow edits from maintainers' is checked. PRs without this option may be closed.

[antony]

Hi! I would change validate to schema (or maybe parse), as validate naively implies being a (val: string) => boolean predicate

Ah yes - this solves my concerns around validate parsing/coercing too. Nice :)

[Rich-Harris]

@f-elix still not completely sure I understand — for the Vercel example, if you need env vars locally you don't need to manage anything yourself you can just do vc env pull, and if building/running on the platform they're just... there, so using vercel.environment.getSharedEnvVar (is that a real API? not familiar) seems unnecessary.

For the 1Password example, what's the advantage of calling the CLI from inside src/env.ts rather than in the pnpm dev/pnpm build command?

As for loadEnv, you'd miss out on the ability to configure the variable with public, static, etc.

Having said all that: if you do need to load variables directly inside src/env.ts then schema already gives you that flexibility. The one missing piece is that we currently disallow async schemas, but I actually don't think there'd be any problem allowing them:

import { defineEnvVars } from '@sveltejs/kit/hooks';
import * as v from 'valibot';
import { execSync } from 'child_process';

const mode = import.meta.env.MODE;
const value = (v: string | Promise<string>) => v.pipeAsync(v.unknown(), v.transformAsync(() => v));

export const variables = defineEnvVars({
  POSTGRES_URL: {
    // Could be a static value
    schema: value('postgresql://...'),
    // Can be derived from import.meta.env.MODE
    schema: value(mode === 'production' ? 'postgresql://...' : 'local-db-url')
    // The value can be async, so we can fetch the value from somewhere else
    schema: value(vercel.environment.getSharedEnvVar({
       id: "<id>",
       teamId: "team_1a2b3c4d5e6f7g8h9i0j1k2l",
       slug: "my-team-url-slug",
     }));
    // The 1Password CLI could be used like this, but it could be any CLI
    schema: value(execSync(`op read op://${mode}/postgresurl`))
  },
});

We should probably also expose $app/env (and $lib etc) so that you can import dev, making import.meta.env.MODE unnecessary.

It's also straightforward to configure (or, if desired) load things in bulk if necessary:

import { defineEnvVars } from '@sveltejs/kit/hooks';
import { systemEnvVars } from '@sveltejs/adapter-vercel/env'; // hypothetical!
import { load1PasswordEnvironment } from '$lib/server/1password';
import { dev } from '$app/env';

export const variables = defineEnvVars({
  ...systemEnvVars(), // VERCEL_URL etc
  ...load1PasswordEnvironment(dev ? 'development' : 'production'),
  MY_OTHER_STUFF: {...}
});

[Rich-Harris]

Actually I take it back, we can't allow async validators right now as that would force generateEnvModule to be async which would be a breaking change (albeit a relative minor one). Should be possible in v3 though.

In the meantime you can of course await directly in src/env:

-schema: value(vercel.environment.getSharedEnvVar({
+schema: value(await vercel.environment.getSharedEnvVar({

[f-elix]

Oh I see. I only saw schema as way to validate the value, not populate the variable, but you're right. Its actually much better.

To answer your question regarding calling a CLI or an SDK from env.ts (doesn't have to be Vercel, could be anything), its imo a cleaner and more flexible way than to hardcode that in a package.json script. You could have multiple environments (production, staging, tests, local dev, etc.) with different values, and that would become very messy to handle in package.json. In any case, I think schema gives me the flexibility I need for this.

I also wasn't clear with my loadEnv idea. That function would live next to defineEnvVars, its not meant to replace it. I saw defineEnvVars as a way to define a schema, and loadEnv as an alternative way to provide the values without needing local .env files.

So you can forget my first suggestion (the value property), schema already takes care of that. As for loadEnv, it would be a convenience function. I could for sure create a module, fetch my env vars, transform that into the defineEnvVars input and spread it like in your example, but it'd be nice if I didn't have to :).

Does that make more sense to you?

[Rich-Harris]

What would loadEnv do exactly?

[f-elix]

I think I explained this poorly.

What I had in mind is a function that returns dotenv file contents as a string, e.g. FOO=bar\nPUBLIC_X=y. SvelteKit would then parse that exactly like an .env file, validate it against the defineEnvVars schema and feed the resulting values into the $env/* modules.

That loader determines where the dotenv contents come from. The schema remains the source of truth for what variables exist, whether they are public/private/static, docs, validation, etc.

The reason this seems useful to me is that it keeps src/env.ts as the central place where env is declared, while still allowing the raw values to come from userland tooling rather than package scripts or shared env files.

I’m not sure whether this belongs in core, especially since there are details around precedence, async loading, build-time vs runtime behavior, and whether it should mutate process.env. But that was the shape I meant. loadEnv is probably also the wrong name — it would be more like defineEnvSource, loadDotenv, or something along those lines.

[Rich-Harris]

Ah, I think I understand — so basically this, without the pointlessly hard-coded string?

export const variables = defineEnvVars({
  FOO: {...},
  BAR: {...}
});

export const load = async () => `
  FOO=123
  BAR=456
`;

I think it's a candidate for a future addition, though probably not part of this PR

[f-elix]

Yes exactly! But yeah agreed that its out of scope for this PR. Really looking forward to this one :)

[BCsabaEngine]

Great! It works with zod4 too.