Ultra-secure, high-performance .env file loader
Verified details
These details have been verified by PyPIProject links
GitHub Statistics
Maintainers
Project description
SimpleEnvs
Ultra-secure, high-performance .env file loader for Python
Drop-in replacement for python-dotenv with enterprise security and 2-40x performance
๐ Why SimpleEnvs?
- ๐โโ๏ธ 2-40x faster than python-dotenv (verified benchmarks)
- ๐ Enterprise-grade security with memory isolation
- ๐ฏ Automatic type conversion (int, bool, float)
- โก Zero configuration - works out of the box
- ๐ 100% python-dotenv compatible API
- ๐ Smart directory scanning - finds .env files automatically
๐ฆ Installation
pip install simpleenvs-python
โก Quick Start
Python-dotenv Migration (1-line change!)
# Before (python-dotenv)
from dotenv import load_dotenv
load_dotenv()
# After (SimpleEnvs) - Only change the import!
from simpleenvs import load_dotenv
load_dotenv() # Same API, up to 40x faster! ๐
Basic Usage
# Create .env file
echo "APP_NAME=MyApp\nDEBUG=true\nPORT=8080" > .env
# Load environment variables
from simpleenvs import load_dotenv
load_dotenv()
# Access variables
import os
print(os.getenv('APP_NAME')) # "MyApp"
print(os.getenv('DEBUG')) # "True" (auto-converted!)
print(os.getenv('PORT')) # "8080"
Type-Safe Access
import simpleenvs
simpleenvs.load_dotenv()
# Type-safe getters
app_name = simpleenvs.get_str('APP_NAME', 'DefaultApp') # str
debug = simpleenvs.get_bool('DEBUG', False) # bool
port = simpleenvs.get_int('PORT', 8080) # int
๐ Performance
Latest GitHub Actions benchmark results:
| Variables | File Size | python-dotenv | SimpleEnvs Standard | SimpleEnvs Secure | Speedup |
|---|---|---|---|---|---|
| 10 vars | 482B | 2.0ms | 0.1ms | 0.4ms | 13.5x faster โก |
| 50 vars | 1.3KB | 5.9ms | 0.2ms | 0.5ms | 23.8x faster โก |
| 100 vars | 2.4KB | 10.9ms | 0.4ms | 0.6ms | 28.3x faster โก |
| 500 vars | 11KB | 51.3ms | 2.0ms | 1.7ms | 26.1x faster โก |
| 1000 vars | 22KB | 105.1ms | 5.0ms | 2.7ms | 20.9x faster โก |
| 5000 vars | 111KB | 633.3ms | 72.5ms | 12.5ms | 8.7x faster ๐ |
Key discovery: Secure mode (with enterprise security) can be faster than standard mode on larger files!
Test yourself:
# Run the same benchmark as our CI
python -m simpleenvs.benchmark --quick
# Include secure mode testing
python -m simpleenvs.benchmark --secure
๐ Security Features
Simple Mode (Default)
Perfect for development and most production use cases:
from simpleenvs import load_dotenv
load_dotenv() # Variables stored in os.environ
Secure Mode (Enterprise)
Memory-isolated environment variables that never touch os.environ:
from simpleenvs import load_dotenv_secure, get_secure
load_dotenv_secure() # Memory-isolated loading
# Secure access (not in os.environ!)
jwt_secret = get_secure('JWT_SECRET')
db_password = get_secure('DB_PASSWORD')
# Verify isolation
import os
print(os.getenv('JWT_SECRET')) # None - properly isolated! ๐
๐ก๏ธ Security Test Matrix
| Attack Vector | Tests | Status | Protection Level |
|---|---|---|---|
| Path Traversal | 8/8 โ | ../../../etc/passwd |
๐ด BLOCKED |
| Script Injection | 7/7 โ | <script>alert('xss') |
๐ด BLOCKED |
| Command Injection | 7/7 โ | $(rm -rf /) |
๐ด BLOCKED |
| File Size Attacks | 4/4 โ | 15MB+ malicious files | ๐ด BLOCKED |
| Memory Security | 3/3 โ | Isolation verification | ๐ข SECURED |
| Type Safety | 5/5 โ | Invalid conversions | ๐ก HANDLED |
| Edge Cases | 17/17 โ | Unicode, encoding, etc. | ๐ข ROBUST |
Security Testing
# Run comprehensive security tests
python -m simpleenvs.vuln_test
# Sample threats automatically blocked:
# โ ../../../etc/passwd # Path traversal
# โ <script>alert('xss')</script> # Script injection
# โ $(rm -rf /) # Command injection
# โ 15MB+ malicious files # DoS attacks
# โ
Memory isolation verified # Enterprise security
# ๐ Total: 51/51 tests passed (100% success rate)
๐ Smart Directory Scanning
Unlike python-dotenv, SimpleEnvs automatically finds your .env files:
# Your project structure
my-project/
โโโ app.py # Run from here
โโโ config/
โ โโโ .env # โ
Found automatically!
โโโ environments/
โ โโโ .env.production # โ
Found automatically!
โโโ docker/
โโโ .env.docker # โ
Found automatically!
# SimpleEnvs (auto-discovery)
from simpleenvs import load_dotenv
load_dotenv() # Finds the first .env file automatically!
# Manual control when needed
load_dotenv('.env.production') # Specific file
load_dotenv('config/database.env') # Custom path
simpleenvs.load(max_depth=3) # Search deeper
๐ฏ Advanced Features
Async Support
import simpleenvs
# Async loading
await simpleenvs.load('.env')
await simpleenvs.load_secure('.env')
# Or one-liner
from simpleenvs import aload_dotenv
await aload_dotenv()
FastAPI Integration
from fastapi import FastAPI
import simpleenvs
app = FastAPI()
@app.on_event("startup")
async def startup():
# Public config
await simpleenvs.load('config.env')
# Sensitive secrets (memory-isolated)
await simpleenvs.load_secure('secrets.env')
@app.get("/config")
def get_config():
return {
"app_name": simpleenvs.get_str("APP_NAME"),
"debug": simpleenvs.get_bool("DEBUG"),
"port": simpleenvs.get_int("PORT", 8000)
}
Environment-Specific Loading
import simpleenvs
# Auto-detect environment
env = os.getenv('ENVIRONMENT', 'development')
simpleenvs.load_dotenv(f'.env.{env}')
# Production with security
simpleenvs.load_dotenv_secure('.env.production')
๐ SimpleEnvs vs python-dotenv
| Feature | python-dotenv | SimpleEnvs |
|---|---|---|
| Performance | Baseline | 2-40x faster โก |
| Type Safety | Manual casting | Automatic ๐ฏ |
| Security | Basic | Enterprise-grade ๐ |
| Memory Isolation | โ | โ Secure mode |
| Async Support | โ | โ Full support |
| Auto-discovery | โ | โ Smart scanning |
| API Compatibility | โ | โ Drop-in replacement |
๐ ๏ธ API Reference
Loading Functions
# Simple loading (python-dotenv compatible)
load_dotenv(path=None) # Sync
aload_dotenv(path=None) # Async
# Secure loading (memory-isolated)
load_dotenv_secure(path=None, strict=True)
# Advanced loading
simpleenvs.load(path, max_depth=2) # Async with depth control
simpleenvs.load_sync(path, max_depth=2) # Sync with depth control
simpleenvs.load_secure(path, strict=True) # Full secure loading
Type-Safe Getters
# Simple access (from os.environ)
get(key, default=None) # Any type
get_str(key, default=None) # String
get_int(key, default=None) # Integer
get_bool(key, default=None) # Boolean
# Secure access (memory-isolated)
get_secure(key, default=None) # Any type
get_str_secure(key, default=None) # String
get_int_secure(key, default=None) # Integer
get_bool_secure(key, default=None) # Boolean
Utility Functions
# Status checks
is_loaded() # Simple loader status
is_loaded_secure() # Secure loader status
# Information
get_info() # Library info
get_security_info() # Security session info
get_all_keys() # All loaded keys
# Cleanup
clear() # Clear all loaded data
๐งช Testing
Run Tests
# Install with test dependencies
pip install simpleenvs[test]
# Run full test suite
pytest tests/ -v
# Run with coverage
pytest tests/ --cov=simpleenvs --cov-report=html
Benchmarks
# Performance comparison with python-dotenv
python -m simpleenvs.benchmark
# Quick test (3 rounds)
python -m simpleenvs.benchmark --quick
# Include secure mode testing
python -m simpleenvs.benchmark --secure
# More rounds for accuracy
python -m simpleenvs.benchmark --rounds 10
Security Testing
# Comprehensive security tests
python -m simpleenvs.vuln_test
# Tests path traversal, injection attacks, memory isolation, etc.
# 51 security tests covering enterprise threat scenarios
๐๏ธ Use Cases
Development
# Quick setup
from simpleenvs import load_dotenv
load_dotenv() # Fast, simple, effective
Production Web Apps
# Public config + secure secrets
await simpleenvs.load('config.env') # Public settings
await simpleenvs.load_secure('secrets.env') # Sensitive data
Enterprise Applications
# Maximum security with monitoring
from simpleenvs import SecureEnvLoader
loader = SecureEnvLoader(session_id="prod-001")
await loader.load_secure()
# Access with logging
secret = loader.get_secure('API_KEY')
# Audit trail
logs = loader.get_access_log()
integrity_ok = loader.verify_file_integrity('.env')
๐ค Contributing
We welcome contributions! Please see CONTRIBUTING.md for guidelines.
Development Setup
# Clone repository
git clone https://github.com/vmintf/SimpleEnvs-Python.git
cd SimpleEnvs-Python
# Install in development mode
pip install -e ".[dev]"
# Run tests
pytest tests/ -v
# Format code
black src/ tests/
isort src/ tests/
๐ License
MIT License - see LICENSE file for details.
๐ Acknowledgments
- Inspired by python-dotenv
- Built with security principles from OWASP
- Performance optimizations inspired by Zig design philosophy
- Project originated from Zig SimpleEnvs
๐ Learn More
- ๐ Full Documentation
- ๐ Issue Tracker
- ๐ฌ Discussions
- ๐ฆ PyPI Package
Made with โค๏ธ for the Python community
Simple to use, enterprise-grade security, proven performance ๐
Project details
Verified details
These details have been verified by PyPIProject links
GitHub Statistics
Maintainers
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
simpleenvs_python-2.0.0b1.tar.gz
(49.7 kB
view details)
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file simpleenvs_python-2.0.0b1.tar.gz.
File metadata
- Download URL: simpleenvs_python-2.0.0b1.tar.gz
- Upload date:
- Size: 49.7 kB
- Tags: Source
- Uploaded using Trusted Publishing? Yes
- Uploaded via: twine/6.1.0 CPython/3.12.9
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
d691b87c2ae2124c81a0f6a132061cddc165cae96fb32339effc4735aec0f5c9
|
|
| MD5 |
0b4407fd6c930b3171bd6d0aa3464787
|
|
| BLAKE2b-256 |
ab8e14507520b11548f35061e7bcbbb58cbc6e4463f5b8be36692e7aede7a1ac
|
Provenance
The following attestation bundles were made for simpleenvs_python-2.0.0b1.tar.gz:
Publisher:
deploy.yml on vmintf/SimpleEnvs-Python
-
Statement:
-
Statement type:
https://in-toto.io/Statement/v1 -
Predicate type:
https://docs.pypi.org/attestations/publish/v1 -
Subject name:
simpleenvs_python-2.0.0b1.tar.gz -
Subject digest:
d691b87c2ae2124c81a0f6a132061cddc165cae96fb32339effc4735aec0f5c9 - Sigstore transparency entry: 236629128
- Sigstore integration time:
-
Permalink:
vmintf/SimpleEnvs-Python@b9b73c2bb4ddb7668c0d4bec5fbc138f10a42fb0 -
Branch / Tag:
refs/tags/v2.0.0-beta.1 - Owner: https://github.com/vmintf
-
Access:
public
-
Token Issuer:
https://token.actions.githubusercontent.com -
Runner Environment:
github-hosted -
Publication workflow:
deploy.yml@b9b73c2bb4ddb7668c0d4bec5fbc138f10a42fb0 -
Trigger Event:
release
-
Statement type:
File details
Details for the file simpleenvs_python-2.0.0b1-py3-none-any.whl.
File metadata
- Download URL: simpleenvs_python-2.0.0b1-py3-none-any.whl
- Upload date:
- Size: 42.7 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? Yes
- Uploaded via: twine/6.1.0 CPython/3.12.9
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
b5904bf40b7dd37716f10f705cb81f904e0bc942306a5e9ae18f5bb835f38bd7
|
|
| MD5 |
ad521b2a808665bb7fb03717ba0d8c3f
|
|
| BLAKE2b-256 |
8495a09a067e3830a4fab4eb3981db35df8fac9bed6665c6a9a683b829437ce5
|
Provenance
The following attestation bundles were made for simpleenvs_python-2.0.0b1-py3-none-any.whl:
Publisher:
deploy.yml on vmintf/SimpleEnvs-Python
-
Statement:
-
Statement type:
https://in-toto.io/Statement/v1 -
Predicate type:
https://docs.pypi.org/attestations/publish/v1 -
Subject name:
simpleenvs_python-2.0.0b1-py3-none-any.whl -
Subject digest:
b5904bf40b7dd37716f10f705cb81f904e0bc942306a5e9ae18f5bb835f38bd7 - Sigstore transparency entry: 236629136
- Sigstore integration time:
-
Permalink:
vmintf/SimpleEnvs-Python@b9b73c2bb4ddb7668c0d4bec5fbc138f10a42fb0 -
Branch / Tag:
refs/tags/v2.0.0-beta.1 - Owner: https://github.com/vmintf
-
Access:
public
-
Token Issuer:
https://token.actions.githubusercontent.com -
Runner Environment:
github-hosted -
Publication workflow:
deploy.yml@b9b73c2bb4ddb7668c0d4bec5fbc138f10a42fb0 -
Trigger Event:
release
-
Statement type:
