I built a CLI that scans, validates and audits your .env files and it works with any stack

#go #security #opensource #devops

Every dev team has lost hours to .env problems.

A missing variable breaks a deploy.
An API key gets committed to Git.
A new teammate spends half a day figuring out which variables they need.
Nobody documented anything.

I built Razify to make all of that stop happening.

What is Razify?

Razify is a single binary CLI tool for .env file management.
It diffs, scans, validates, documents, and audits your environment
variables — all from your terminal.

No cloud account
No tracking
No Go installation required

Works with Node.js, Python, Ruby, Laravel, Rails — anything that uses .env files.

What it does

🔍 Secret scanning

   razify scan .env

Detects leaked secrets using 80+ regex patterns combined with
Shannon entropy analysis to catch what pattern matching alone would miss.

   ✘  [CRITICAL] Line 6: DB_PASSWORD — weak or default value
   ⚠  [HIGH]     Line 5: AWS_ACCESS_KEY — cloud provider credential

   Summary: 1 CRITICAL  4 HIGH  1 MEDIUM

✅ Pre-deploy validation

   razify validate .env .env.example

Catches missing required variables before you deploy.
Returns exit code 1 — plugs straight into CI/CD.

   - name: Validate environment
     run: razify validate .env .env.example --json

🛡️ Git commit protection

   razify guard install

Installs a pre-commit hook that blocks any commit
containing exposed secrets. Set it once, forget about it.

📊 Health score

   razify audit .env .env.example

Runs scan + validate + diff together.
Gives you a score out of 100 with actionable recommendations.

📄 Auto-generated docs

   razify docs .env.example -o ENV_DOCS.md

Generates a markdown table from your inline comments.
No more "what does this variable do?"

Installation

   # macOS / Linux
   brew tap Hossiy21/tap && brew install razify

   # Windows
   scoop install razify

   # Go users
   go install github.com/Hossiy21/razify@latest