envdrift is a tiny CLI that detects drift between environment variables used in source code and keys documented in .env.example.
It does one thing:
- Find keys used in code but missing in
.env.example - Find keys in
.env.examplethat are no longer used in code
Config drift breaks onboarding and CI in silent ways:
- app boots locally for one person but fails for others
- stale keys remain in
.env.exampleand confuse contributors - new keys are introduced in code but never documented
envdrift gives you a single, fast check for this.
git clone https://github.com/jszzr/envdrift.git
cd envdrift
node bin/envdrift.js /path/to/your/projectScanned 42 files
Example file: /repo/.env.example
Missing in .env.example (used in source):
- API_KEY
- DATABASE_URL
Unused in .env.example (not found in source):
- LEGACY_TOKEN
Exit code behavior:
0: no missing keys (unused keys allowed by default)1: missing keys found1with--strict: missing keys or unused keys found2: invalid arguments or runtime errors
envdrift [root] [options]Options:
--example <file>: env template path relative to root (default:.env.example)--include <dirs>: only scan these directories (comma-separated)--exclude <dirs>: ignore these directories (comma-separated)--ext <exts>: file extensions to scan (comma-separated)--strict: fail also on unused keys--json: output JSON for CI integrations-h, --help: help
name: envdrift
on:
pull_request:
push:
branches: [main]
jobs:
envdrift:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: actions/setup-node@v4
with:
node-version: 20
- run: npx envdrift . --strictprocess.env.KEYprocess.env["KEY"]import.meta.env.KEYos.environ.get("KEY")/os.environ("KEY")getenv("KEY")
Only uppercase keys are matched by design (FOO_BAR).
- Dynamic key access like
process.env[prefix + "_KEY"]is not statically detectable. - If your project uses a custom config layer, keep
.env.exampleas the source of truth.
npm testMIT