🎩 You're Invited:Meet the Socket team at Black Hat in Las Vegas, August 3-6.RSVP →
Sign In

@varlock/nextjs-integration

Package Overview
Dependencies
Maintainers
2
Versions
36
Alerts
File Explorer

Advanced tools

Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

@varlock/nextjs-integration

drop-in replacement for @next/env that uses varlock to load .env files with validation and extra security features

latest
Source
npmnpm
Version
1.1.4
Version published
Weekly downloads
7.1K
-46.66%
Maintainers
2
Weekly downloads
 
Created
Source

@varlock/nextjs-integration

This package helps you integrate varlock into a Next.js project.

It is designed as a drop-in replacement for @next/env, which is the internal package that Next.js uses to load .env files, as well as a small plugin for your next.config.* file that enables additional security features.

It supports Next.js v14+, including full support for both Next.js 15 and 16 with both Webpack and Turbopack bundlers.

Compared to the default @next/env behavior, this package provides:

  • validation of your env vars against your .env.schema
  • type-generation and type-safe env var access with built-in docs
  • redaction of sensitive values from application logs
  • leak detection and prevention, both at build and runtime
  • sourcemap scrubbing to prevent secrets leaking in production source maps
  • more flexible multi-env handling - you can load env-specific files other than .env.development/.env.production

See our docs site for complete installation and usage instructions.

Keywords

varlock

FAQs

Package last updated on 06 Jul 2026

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts