dotenv-vault-check
v1.0.0
Published
A CLI tool that validates and compares multiple .env files to prevent configuration mismatches and deployment issues.
Maintainers
Readme
dotenv-vault-check
A CLI tool that validates and compares multiple .env files to prevent configuration mismatches and deployment issues.
Installation
npm install -g dotenv-vault-checkOr run instantly:
npx dotenv-vault-checkCLI Usage
Compare env files
$ npx dotenv-vault-check
🔍 Comparing environment files...
❌ Missing in .env.production:
- JWT_SECRET
- REDIS_URL
⚠ Unused in .env.staging:
- OLD_API_KEY
⚠ Secret strength warnings:
- JWT_SECRET: too short (3 chars, min 32)
✅ All checks passedCI mode
npx dotenv-vault-check --ciExits with code 1 if any problems found — perfect for CI/CD pipelines.
Generate .env.example
npx dotenv-vault-check --generateCreates .env.example with all keys from your .env (values blanked out).
What It Checks
| Check | Description |
|-------|-------------|
| Missing variables | Keys in .env but missing from .env.production, .env.staging, etc. |
| Unused variables | Keys in other env files but not in .env |
| Mismatched values | Same key, different values across env files |
| Secret strength | Weak JWT secrets, short API keys, empty values |
Supported Files
.env.env.example.env.production.env.staging.env.local
API Usage
import compare from "dotenv-vault-check";
const result = compare("/path/to/project");
// {
// missing: { ".env.production": ["JWT_SECRET"] },
// unused: { ".env.staging": ["OLD_KEY"] },
// mismatched: [{ file: ".env.production", key: "PORT", expected: "3000", actual: "8080" }],
// secrets: [{ key: "JWT_SECRET", reason: "too short" }]
// }Test
node test.jsLicense
MIT
