A lightweight tool for analyzing .env files, checking for security issues, and generating clean example configuration files.
Overview
env-analyzer is a command-line tool that:
- Analyzes your existing
.envfiles - Identifies sensitive variables (API keys, passwords, tokens)
- Detects empty or misconfigured variables
- Suggests commonly used but missing variables
- Generates clean .env.example files for safe sharing
Installation
Global
npm install -g env-analyzerLocal
npm install env-analyzer --save-devUsage
Basic Usage
Navigate to your work directory (containing a .env file) and run:
env-analyzerExample Output
📋 ENV Analysis Results:
⚠️ Sensitive Variables:
- API_KEY: API keys are sensitive credentials
- DB_PASSWORD: Database passwords are sensitive credentials
Make sure not to include the actual values of these variables in your .env.example file.
❌ Empty Variables:
- CACHE_TTL: This variable is defined but has no value
💡 Recommended Variables:
- LOG_LEVEL: Specifies logging level
- CORS_ORIGIN: Specifies allowed origins for CORS
✅ .env.example file successfully created: /path/to/your/work/.env.exampleFeatures
- Security Analysis: Identifies potentially sensitive variables in your environment configuration
- Missing Variable Detection: Suggests common environment variables that might be missing
- Clean Example Generation: Creates a safe .env.example file for sharing with team members or in repositories
Example .env.example Output
# Example .env file
# Copy this file as .env and update with your values
API_KEY=your_secure_value_here
DATABASE_URL=value_here
NODE_ENV=value_here
DB_PASSWORD=your_secure_value_here
# Recommended variables
# Specifies logging level
LOG_LEVEL=value_here
# Specifies allowed origins for CORS
CORS_ORIGIN=value_here