What is a .env.example file?

A .env.example file is a template that shows which environment variables a project requires, without including any real values. It is safe to commit to version control. Developers clone the repo, copy .env.example to .env, and fill in their own values. It serves as living documentation for required configuration.

Should I commit my .env file to Git?

No. Never commit your .env file to Git. It typically contains API keys, database passwords, and other secrets. Add .env to your .gitignore file. Instead, commit a .env.example file with all values replaced by empty strings or placeholder descriptions. This way, new team members know which variables to configure without exposing secrets.

.env.example Generator

Parse your .env to create a safe template, build one from scratch, or compare two .env files side-by-side.

Paste your .env file

Generated .env.example

Paste your .env file to generate a safe .env.example template.

How to Use the .env.example Generator

Parse mode — paste your existing .env file. Sensitive values (keys, passwords, tokens) are automatically detected and replaced with placeholder descriptions. Non-sensitive values with obvious defaults (ports, flags) are kept as-is.
Build mode — construct a .env.example from scratch by adding variables with names, default values, descriptions, and required flags. Group them by section (Database, API, Auth, etc.).
Compare mode — paste two .env files to see which variables exist in one but not the other. Useful when syncing .env files across environments or finding missing variables.
Download or copy the generated .env.example and commit it to your repository.

Why .env Files Matter

Environment variables are the standard way to configure applications across different environments (development, staging, production) without hardcoding values in source code. The twelve-factor app methodology specifically requires storing configuration in the environment as one of its core principles. A .env file is a convenient local way to set these variables during development. The dotenv package for Node.js popularized this pattern, and it is now standard practice across virtually all web frameworks.

Security Best Practices

Your .env file contains secrets that must never be committed to version control. Add .env and .env.local to your .gitignore immediately after creating a new project. A .env.example file serves as the safe, committable documentation of what variables the application needs. Anyone who clones the repository copies .env.example to .env and fills in their own credentials. This pattern prevents accidental secret exposure while ensuring developers know exactly what to configure.

Detecting Sensitive Values

This tool automatically flags values as sensitive when the variable name contains keywords like KEY, SECRET, PASSWORD, TOKEN, PASS, PRIVATE, CREDENTIAL, or AUTH. These are replaced with descriptive placeholders like your-api-key-here in the output. Non-sensitive values with obvious defaults — like PORT=3000 or NODE_ENV=production — are preserved as-is, since they do not expose any secrets.

Environment File Hierarchy

Frameworks like Next.js, Vite, and Create React App support multiple .env files with a defined priority order. From lowest to highest priority: .env (base defaults), .env.local (local overrides, always gitignored), .env.development / .env.production (environment-specific), .env.development.local / .env.production.local (local environment-specific overrides). Understanding this hierarchy prevents confusion when variables seem to be ignored — a higher-priority file is likely overriding them. Use our GitHub Actions Generator to see how to use secrets in CI/CD pipelines.

Grouping Variables by Section

For larger applications with many environment variables, organizing them into sections with comment headers significantly improves readability. Common sections include Database (connection strings, pool size), External APIs (API keys, base URLs), Authentication (JWT secrets, OAuth credentials), Storage (S3 buckets, CDN URLs), Feature Flags (boolean toggles), and Application Settings (port, log level, environment name). The Build mode in this generator lets you assign each variable to a named section, which then appears as a comment block in the output.

Frequently Asked Questions

A .env.example file is a template showing which environment variables a project requires, without real values. It is safe to commit to Git. Developers copy it to .env and fill in their own credentials. It serves as living documentation for required configuration.

No. Never commit your .env file to Git. Add .env to your .gitignore. It typically contains API keys, passwords, and secrets. Instead, commit .env.example with all secrets replaced by placeholders so team members know what to configure.

The tool flags values as sensitive when the variable name contains keywords like KEY, SECRET, PASSWORD, TOKEN, PASS, PRIVATE, CREDENTIAL, AUTH, or CERT. Flagged values are replaced with placeholder descriptions in the generated .env.example.

.env is the default environment file. .env.local overrides it and is gitignored by default in frameworks like Next.js and Vite, making it suitable for machine-specific secrets. .env.development and .env.production are loaded for their respective environments.

No. This tool runs entirely in your browser. Your environment variables and secrets are never sent anywhere. All parsing, redaction, and generation happens locally using JavaScript. Close the tab and your data is gone.