.env file validator — find missing values, duplicates, and exposed secrets
Runs entirely in your browser — nothing is uploaded or transmitted
paste your .env file below
⌘↵ to lint
issues
parsed keys
# key value status
.env.example
copied!

.env File Validator & Linter

EnvLint is a free browser-based validator for .env files — the environment variable configuration files used by nearly every modern web application. Paste your .env file into the editor above and instantly see a full parse of every key-value pair, a list of issues, and a generated .env.example template you can safely commit to your repository.

Unlike other online .env tools, EnvLint runs entirely in your browser. Your environment variables never leave your machine. There is no server, no database, and no network request. You can verify this by opening your browser's developer tools and watching the Network tab — you'll see nothing sent after you click "lint .env."

What EnvLint checks

How to use the .env.example output

The generated .env.example replaces all values with descriptive placeholders while preserving comments and key names. This file is safe to commit to version control — it documents which environment variables your project requires without exposing any secrets. Team members clone the repo, copy .env.example to .env, and fill in their own values.

The .env file format

A .env file stores environment variables as KEY=VALUE pairs, one per line. Lines beginning with # are comments. Values can be quoted with single or double quotes to preserve whitespace or include special characters. The export prefix is optional and is stripped by most loaders. Empty lines are ignored.

The format is read at startup by dotenv (Node.js), python-dotenv (Python), dotenv-rails (Ruby/Rails), godotenv (Go), and dozens of other libraries. Despite its ubiquity, there is no single formal specification — parsers differ in edge cases around quoted values, multiline support, and whitespace handling. EnvLint follows the most widely-adopted conventions from the original Node.js dotenv package.

Security note

Your .env file typically contains database credentials, API keys, authentication secrets, and other sensitive values. Never paste it into a tool that submits data to a server unless you fully trust that server and its data handling practices. EnvLint is designed from the ground up to eliminate this risk — there is no server to trust.

Frequently asked questions

Is my .env file uploaded to a server?

No. EnvLint runs entirely in your browser using JavaScript. Your .env content never leaves your machine — there is no server, no database, and no logging of any kind.

What is a .env file?

A .env file stores environment variables — configuration values like database URLs, API keys, and feature flags — for a software project. It is read at startup by frameworks like Node.js (via dotenv), Ruby on Rails, Django, and others. The file lives in the project root and should never be committed to version control.

What does "missing value" mean?

A missing value means the key exists in the file but has nothing after the equals sign — for example, DATABASE_URL=. This is almost always a configuration error. The application will see an empty string or undefined for that variable.

Why are duplicate keys a problem?

Most .env loaders silently use the last (or first) occurrence when a key appears more than once, discarding the other. This can cause subtle bugs when you think you're setting a variable but a later duplicate overrides it without any warning.

Does EnvLint support multiline values?

Yes. EnvLint handles quoted values that span multiple lines, values containing # characters, and values with embedded equals signs, following common dotenv conventions.

What is a .env.example file?

A .env.example is a safe-to-commit template of your .env with all sensitive values replaced by placeholder text. It documents which environment variables your project requires. EnvLint generates one automatically from your input.

More free tools

Cronfig — cron expression tester  ·  FeedLint — RSS/Atom feed validator  ·  DiffLint — git diff linter  ·  LinkScrub — strip tracking params from URLs  ·  qrnch — QR code generator  ·  hashchop — hash generator  ·  jwtchop — JWT decoder  ·  epochop — Unix timestamp  ·  b64chop — Base64 encoder  ·  csvchop — CSV to JSON  ·  uuidchop — UUID generator  ·  radish — stack trace analyzer  ·  pxicons — pixel favicon editor  ·  yamlchop — YAML validator  ·  sqlchop — SQL formatter  ·  freetakuzu — Takuzu puzzle