Catch configuration drift before it becomes a runtime problem or a contributor onboarding failure. env-diff-checker compares .env.example with a real .env file and reports missing keys, extra keys, blank values, duplicates, invalid dotenv lines, placeholder-looking values, and simple format mismatches.
The tool is built for local checks and CI. It reads plain dotenv-style files and does not load or export variables into the current process.
Open-source projects often lose maintainer time to broken local setup, stale examples, and release configuration drift. Env Diff Checker gives maintainers a small CI guardrail that keeps documented environment variables aligned with the actual project.
From source:
git clone https://github.com/chunjiegame-cpu/env-diff-checker.git
cd env-diff-checker
npm install
node bin/env-diff.js --helpAs a package after publishing:
npm install -g env-diff-checker
env-diffenv-diff
env-diff --example .env.example --env .env.local
env-diff --json
env-diff --allow-extra
env-diff --out env-diff-report.md
env-diff --no-failEnv Diff Checker report
Example: .env.example
Actual: .env
Status: CHECK
Missing variables
- DATABASE_URL (line 2 in example)
Blank values
- SESSION_SECRET (line 8)
Suspicious values
- API_TOKEN: actual value still looks like a placeholder
| Finding | Example |
|---|---|
| Missing variable | DATABASE_URL exists in .env.example but not .env. |
| Extra variable | .env contains a key not documented in .env.example. |
| Blank value | API_TOKEN= is present but empty. |
| Duplicate declaration | The same key appears more than once. |
| Invalid line | A non-comment line is not valid KEY=value syntax. |
| Placeholder value | The real env still says changeme, replace-me, or matches the example. |
| Type mismatch | Example says PORT=3000, actual says PORT=abc. |
| Option | Description |
|---|---|
--example <file> |
Path to the example file. Defaults to .env.example. |
--env <file> |
Path to the actual env file. Defaults to .env. |
--json |
Print machine-readable JSON. |
--allow-extra |
Do not treat extra actual variables as a failure. |
--no-fail |
Always exit 0 if files can be read. Useful for reports. |
-o, --out <file> |
Write a Markdown report. |
-h, --help |
Show help. |
name: env drift
on: [pull_request]
jobs:
env:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: actions/setup-node@v4
with:
node-version: 22
- run: npx env-diff --example .env.example --env .env.ci- Keep
.env.examplereviewed as part of every config change. - Run
env-diff --example .env.example --env .env.ciin pull requests. - Use
--out env-diff-report.mdwhen filing setup issues for new contributors. - Pair JSON output with Codex or another automation to propose safer
.env.exampleupdates.
import { compareEnv } from "env-diff-checker";
const result = compareEnv(exampleText, actualText, { allowExtra: false });
if (!result.ok) {
console.log(result.missing, result.suspicious);
}- Supports
KEY=valueandexport KEY=value. - Ignores blank lines and full-line comments.
- Preserves
#inside quoted values. - Strips inline comments such as
DEBUG=true # local. - The last duplicate value wins, but duplicates are still reported.
| Code | Meaning |
|---|---|
0 |
No findings, or --no-fail was used. |
1 |
Files could not be read, arguments were invalid, or drift was found. |
- It does not decrypt secret managers or read shell profile files.
- Type inference is intentionally conservative and based on example values.
- It does not validate whether URLs or credentials are reachable.
npm install
npm test
node bin/env-diff.js --helpParser changes should include cases for quoted values, inline comments, duplicates, and malformed lines.
See docs/codex-for-oss.md for a concise maintainer-oriented project summary and API-credit usage plan.
MIT