envanalyzer-core
v0.1.0
Published
AST-based JS/TS environment variable analyzer with cross-file data flow tracing, confidence scoring, and family grouping
Maintainers
slowinternetReadme
envanalyzer-core
AST-based JS/TS environment variable analyzer. Parses every process.env access pattern, traces dynamic keys across file boundaries, and returns a confidence-weighted usage map.
Install
npm install envanalyzer-coreUsage
import { analyze, loadConfig, generateEnvExample, FileAnalysisCache } from 'envanalyzer-core'
const config = await loadConfig('.') // reads envanalyzer.config.js if present
const cache = new FileAnalysisCache() // optional — skip unchanged files
const result = await analyze({
rootDir: '.',
envTokens: config.envTokens, // optional custom family tokens
envFamilyPrefixes: config.envFamilyPrefixes, // optional explicit family prefixes
framework: 'vite', // optional — also detect import.meta.env
cache,
})
console.log(result.missing) // referenced in code, absent from .env
console.log(result.unused) // declared in .env, never referenced
console.log(result.dynamic) // dynamic accesses with trace results
console.log(result.families) // environment-variant key groups
const example = generateEnvExample(result) // .env.example contentWhat it detects
| Pattern | Example |
|---|---|
| Static dot | process.env.DB_URL |
| Static bracket | process.env["DB_URL"] |
| Destructuring | const { DB_URL } = process.env |
| Dynamic — local literal | const k = "DB_URL"; process.env[k] |
| Dynamic — function return | const k = getKey(); process.env[k] |
| Dynamic — cross-file import | import { KEY } from "./keys"; process.env[KEY] |
| Template literal | process.env[`${svc}_API_KEY`] |
| Vite | import.meta.env.VITE_KEY (with framework: "vite") |
Full documentation at the project repository.