Cross-check environment variables used in Python code against .env and docker-compose.
Project description
dotenvcheck cross-checks the environment variables used in your Python code against those declared in your .env and docker-compose.yml files.
It reports unused, missing, and mismatched variables — helping you keep your environment configuration clean and consistent.
For example, if you’ve ever had a project with 20 variables in .env but only 10 actually used, dotenvcheck instantly shows you which ones can be safely removed or fixed.
Installation
pip install dotenvcheck
# or
pipx install dotenvcheck
# with docker-compose support
pip install "dotenvcheck[compose]"
Usage
From your project root (where .env lives):
dotenvcheck .
You’ll get a report listing missing, unused, or suspicious environment variables.
Example output:
== dotenvcheck report ==
unused (2): DATABASE_URL, NOTUSEDAPI_KEY
sources:
API_KEY: .env
DATABASE_URL: .env
DEBUG: .env
NOTUSEDAPI_KEY: .env
Configuration (optional)
You can configure defaults globally for your project via a [tool.dotenvcheck] section in your pyproject.toml.
[tool.dotenvcheck]
exclude = [".venv", "venv", "env", ".git", "__pycache__", "dist", "build", "node_modules"]
fail_on = ["missing"]
dotenv = ".env"
include = "*.py"
Options
| Key | Type | Default | Description |
|---|---|---|---|
exclude |
list of strings | [".venv", "venv", "env", ".git", "__pycache__", "dist", "build", "node_modules"] |
Directories or file patterns to ignore while scanning your code. |
include |
string or list of strings | "*.py" |
Glob pattern(s) of files to include when scanning for environment variable usage. |
dotenv |
string | ".env" |
Path to your .env file used for validation. |
fail_on |
list of strings | ["missing"] |
Determines which findings trigger a non-zero exit code. Options: "missing", "typos", "bad_values", "unused". |
Behavior
- Ignores common directories like
.venv,dist/,build/, and.git/by default. - Command-line arguments always override
pyproject.toml. - Works seamlessly across macOS, Linux, and Windows.
- Fully supports Python 3.8 → 3.12+.
Project structure
dotenvcheck/
├─ src/
│ └─ envguard/
│ ├─ __init__.py
│ ├─ __main__.py
│ ├─ cli.py
│ ├─ scanner.py
│ ├─ dotenv.py
│ ├─ compose.py
│ └─ report.py
├─ tests/
├─ pyproject.toml
├─ LICENSE
├─ README.md
└─ .github/
└─ workflows/
├─ test.yml
└─ workflow.yml
License
MIT License – feel free to use, modify, and contribute.
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file dotenvcheck-0.1.9.tar.gz.
File metadata
- Download URL: dotenvcheck-0.1.9.tar.gz
- Upload date:
- Size: 7.4 kB
- Tags: Source
- Uploaded using Trusted Publishing? Yes
- Uploaded via: twine/6.1.0 CPython/3.13.7
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
36bd6474b9cbe9248d9d45d2cd9074d9690ca0e251682533ba478e0ea02c9a30
|
|
| MD5 |
6099522c4e068fc286d4af899be942df
|
|
| BLAKE2b-256 |
21627265a7e561f837cadbc17dc98424222558930698d50dc9f27ad913c79bb1
|
Provenance
The following attestation bundles were made for dotenvcheck-0.1.9.tar.gz:
Publisher:
workflow.yml on dipendrapant/dotenvcheck
-
Statement:
-
Statement type:
https://in-toto.io/Statement/v1 -
Predicate type:
https://docs.pypi.org/attestations/publish/v1 -
Subject name:
dotenvcheck-0.1.9.tar.gz -
Subject digest:
36bd6474b9cbe9248d9d45d2cd9074d9690ca0e251682533ba478e0ea02c9a30 - Sigstore transparency entry: 631511427
- Sigstore integration time:
-
Permalink:
dipendrapant/dotenvcheck@4f3325ef24ac95223239cc2f65eba4669a5b71c0 -
Branch / Tag:
refs/tags/v0.1.9 - Owner: https://github.com/dipendrapant
-
Access:
public
-
Token Issuer:
https://token.actions.githubusercontent.com -
Runner Environment:
github-hosted -
Publication workflow:
workflow.yml@4f3325ef24ac95223239cc2f65eba4669a5b71c0 -
Trigger Event:
push
-
Statement type:
File details
Details for the file dotenvcheck-0.1.9-py3-none-any.whl.
File metadata
- Download URL: dotenvcheck-0.1.9-py3-none-any.whl
- Upload date:
- Size: 9.9 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? Yes
- Uploaded via: twine/6.1.0 CPython/3.13.7
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
58af6b1c90e387ce88d2cabdce6ac20a4bbc0f761fd8ecc90cad39154774b712
|
|
| MD5 |
ed631d401cc6f0890859fb0e55606a47
|
|
| BLAKE2b-256 |
85f1a9018a6393cb1a029f5d67180ff2582f717392ae1b6e7b8ba733ee7b7710
|
Provenance
The following attestation bundles were made for dotenvcheck-0.1.9-py3-none-any.whl:
Publisher:
workflow.yml on dipendrapant/dotenvcheck
-
Statement:
-
Statement type:
https://in-toto.io/Statement/v1 -
Predicate type:
https://docs.pypi.org/attestations/publish/v1 -
Subject name:
dotenvcheck-0.1.9-py3-none-any.whl -
Subject digest:
58af6b1c90e387ce88d2cabdce6ac20a4bbc0f761fd8ecc90cad39154774b712 - Sigstore transparency entry: 631511476
- Sigstore integration time:
-
Permalink:
dipendrapant/dotenvcheck@4f3325ef24ac95223239cc2f65eba4669a5b71c0 -
Branch / Tag:
refs/tags/v0.1.9 - Owner: https://github.com/dipendrapant
-
Access:
public
-
Token Issuer:
https://token.actions.githubusercontent.com -
Runner Environment:
github-hosted -
Publication workflow:
workflow.yml@4f3325ef24ac95223239cc2f65eba4669a5b71c0 -
Trigger Event:
push
-
Statement type:
