# EnvForge BETA v1.1
⚡ Structured .env scaffolding for modern applications.
Generate, validate, and protect environment variables for 14+ services – without ever opening a docs page.
Github repo
[https://github.com/Jos3456/envforge]
NPM version
(https://img.shields.io/npm/v/envforge-dev)
MIT License
(https://img.shields.io/badge/License-MIT-yellow.svg)
## Installation
bash
npm install envforge-dev
**Requirements:** Node.js 18 or later.
---
**## Quick Start**
bash
# 1. Generate an .env file and choose your providers
envforge init
# 2. Fill in your actual credentials
envforge fill
# 3. Check everything is set correctly
envforge validate
## All Commands
### Scaffolding
| Command | What it does |
|---|---|
envforge init |
Create a new .env by selecting providers interactively |
envforge add <provider> |
Add variables from a specific provider to your existing .env
|
envforge preset |
Generate a .env from a popular stack preset |
envforge example |
Create a safe‑to‑commit .env.example file |
envforge fill |
Interactively enter values (secret keys are masked) |
envforge list |
Show all built‑in and custom providers |
### Guardrails
| Command | What it does |
|---|---|
envforge validate |
Check that all required variables are filled in |
envforge scan |
Detect secret keys accidentally exposed in frontend code |
envforge hook install |
Install a pre‑commit hook that runs validate + scan
|
### Customisation
| Command | What it does |
|---|---|
envforge provider add |
Create a custom provider template |
envforge registry update |
Download the latest providers from the community registry |
## Built‑in Providers
| Category | Providers |
|---|---|
| Database | Supabase, Neon, MongoDB Atlas |
| Auth | Clerk, Auth0, Firebase |
| AI | OpenAI, Anthropic (Claude) |
| Payments | Stripe |
| Resend, SendGrid | |
| Storage | Cloudinary, AWS S3 / Cloudflare R2 |
| Other | Vercel |
Missing a provider? Add your own with
envforge provider addor contribute one to the community.
## Framework‑Aware Scanning
Use --framework for smarter detection:
# Next.js specific rules (app/ vs pages/, "use client")
envforge scan --framework next
The basic envforge scan works for any project.
Pre‑Commit Hook
Block commits that expose secrets or miss required variables:
envforge hook install
Now every commit runs envforge validate --quiet and envforge scan --quiet.
Custom Providers
Store your custom templates in .envforge.json (project) or ~/.envforge.json (global):
{
"providers": [
{
"name": "my-api",
"displayName": "My Custom API",
"category": "other",
"variables": [
{
"key": "MY_API_KEY",
"description": "API key for My Service",
"required": true,
"secret": true,
"example": "mk-xxxxxxxxxxxx"
}
]
}
]
}
Then use it:
envforge add my-api
Presets
Jump‑start common stacks:
| Preset | Providers |
|---|---|
nextjs-supabase-stripe |
Supabase + Stripe |
ai-saas |
OpenAI + Resend + Stripe |
clerk-neon |
Clerk + Neon |
image-upload |
Cloudinary + Supabase |
fullstack-kit |
Clerk + Neon + Cloudinary + Stripe |
Ignoring Files in Scans
Create a .envforgeignore file (same syntax as .gitignore) to exclude directories:
src/legacy
__tests__/
Contributing
New providers and features are welcome! Add a provider to src/core/templates/providers.ts or open an issue to request one.
License
MIT © Joseph Kariuki
Top comments (1)
Check out varlock.dev - it solves many problems of dealing with env files. We don't have a notion of providers, but we do have an upcoming notion of importing from public schemas, which would solve the same issue.
It's free and open source - active userbase. Drop in integrations and many plugins to pull secrets from most popular sources.