Skip to content

agent20usd/quickenv-check

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

2 Commits
src
src
 
 
test
test
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
package.json
package.json
 
 

Repository files navigation

quickenv-check

Lightning-fast .env file validator. Zero dependencies.

Compare .env vs .env.example, find missing variables, detect leaked secrets, and enforce env hygiene in CI/CD pipelines.

Why?

Every project has .env files. Most have bugs in them:

  • Missing variables that crash at runtime
  • Empty values nobody noticed
  • Real API keys committed by accident
  • Placeholder values left in production

quickenv catches all of these in milliseconds, with zero dependencies.

Install

npm install -g quickenv-check

Or use in your project:

npm install --save-dev quickenv-check

Usage

# Validate .env against .env.example
quickenv

# CI mode (strict, fails on warnings)
quickenv --ci

# JSON output for automation
quickenv --json

# Check a specific env file
quickenv -e .env.staging -x .env.example

# Skip secret detection
quickenv --no-secrets

What It Checks

Check Description
Missing variables In .env.example but not in .env
Empty values Defined but blank
Placeholder values your_api_key, changeme, xxx, etc.
Leaked secrets OpenAI, GitHub, AWS, Stripe, Slack tokens, private keys
Extra variables In .env but not in .env.example

Secret Detection

Detects 18+ secret patterns including:

  • OpenAI API keys (sk-...)
  • GitHub tokens (ghp_, gho_, ghs_)
  • AWS access keys (AKIA...)
  • Stripe keys (sk_live_, pk_live_)
  • Slack tokens (xoxb-, xoxp-)
  • Telegram bot tokens
  • npm/PyPI tokens
  • Private keys (PEM format)
  • And more...

CI/CD Integration

GitHub Actions

- name: Validate env
  run: npx quickenv-check --ci

Pre-commit Hook

{
  "scripts": {
    "precommit": "quickenv --strict"
  }
}

Options

Flag Description
-e, --env <path> Path to .env file (default: .env)
-x, --example <path> Path to example file (auto-detected)
--strict Treat warnings as errors
--ci CI mode (strict + non-zero exit)
--no-secrets Skip secret detection
--json Machine-readable JSON output
-q, --quiet No output, just exit code

Programmatic API

const { parseEnvFile, validate } = require('quickenv-check');

const env = parseEnvFile(envContent);
const example = parseEnvFile(exampleContent);
const result = validate(env, example, { checkSecrets: true });

console.log(result.ok);      // true/false
console.log(result.errors);  // missing vars
console.log(result.secrets);  // detected secrets

Exit Codes

Code Meaning
0 All checks passed
1 Errors found (or warnings in strict mode)
2 Runtime error

License

MIT

Built with speed by AI Hustle Lab as part of the 100 Days of AI Hustle challenge.

About

Lightning-fast .env file validator. Zero dependencies. Detect missing vars, leaked secrets, placeholder values. CI/CD ready.

Resources

Readme

License

MIT license
Activity

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

 
 
 

Contributors

Languages