Command Line Flags

Core Operations

Scan your codebase for environment variable usage. This is the default behavior when no flags are specified.

File Specification

Specify a custom path to your .env file instead of using the default location, which is the root of your project.

Specify a custom path to your .env.example file.

It does not matter whether you use the --env or --example flag, as both will work as the environment variable source.

If you use both, --example will be prioritized over --env.

File Pattern Control

Completely replace the default file patterns with your own comma-separated list.

Add additional file patterns to the default scan patterns (extends rather than replaces).

Exclude specific file patterns from being scanned.

Filtering & Ignoring

Ignore specific environment variable keys during analysis.

Use a regex pattern to ignore matching environment variable keys.

Comparison Options

Compare all of your .env* files for differences.

Together with compare, check values between your .env* files

Together with compare, you can allow duplicate values.

Only run specific analysis categories. Available: missing, extra, empty, mismatch, duplicate, gitignore.

By running --compare without having a .env or .env.example file, you will be prompted to create one.

You can automatically answer "Yes" to all prompts and run non-interactively. in this scenario, you will not be prompted to create a .env from your existing .env.example file.

Automation & CI/CD

Run in CI mode: non-interactive and never creates files. Perfect for continuous integration.

Enable strict mode - the process will fail on warnings, not just errors.

Automatically fix common issues like removing duplicates and adding missing keys.

Output Control

Output results in JSON format instead of human-readable text.

Disable colored output for terminals that don't support colors.

Hide variables that are defined in .env but not used in your codebase.

Hide the statistics summary at the end of the report.

Security

Disable potential secret detection during codebase scanning (secret detection is enabled by default).

If you only want to ignore a specific line in your codebase from potential secrets detection, you can add // dotenv-diff-ignore comment at the end of the line:

Note: This will only ignore potential secrets warnings for the specific line it is added to. Other errors on the same line will still be reported:

In the above example, only the potential secret warning for the hardcoded URL will be ignored. The missing variable warning for API_URL will still be reported if it is not defined in .env.

Common Flag Combinations

CI/CD Pipeline:

This command sets up a CI/CD pipeline with strict mode and compare it to your .env.example file.

This command works well in a turbo monorepo setup.