Free · deterministic · no AI wrapper

Catch .env drift before deploy.

Upload a repo ZIP. EnvDrift scans code, Docker, Compose, YAML, shell scripts, docs, and GitHub Actions to spot missing variables, stale documentation, CI-only secrets, and risky files.

No signup. Max 12MB. Analysis runs locally on this server with regex/rule checks only.

What the report includes

  • Deploy readiness score and clear next steps
  • Missing variables used in code but absent from docs/examples/workflows
  • Stale .env.example or docs entries that look unused
  • GitHub Actions secrets/vars that only exist in CI
  • Risky files like real .env, keys, credentials, and secret-looking content
  • Copy-paste .env.example patch

Fast signal

A practical deploy checklist, not a giant static-analysis novel.

Specific fixes

Every finding links back to files, lines, and copyable .env.example entries.

Secret-aware

Flags real .env files, key material, credentials files, and CI secret references.

Frequently Asked Questions

Does EnvDrift use AI?

No. It is deterministic regex/rule-based scanning so the same ZIP produces the same report.

What languages does it scan?

JavaScript, TypeScript, Python, PHP, shell scripts, YAML, Dockerfiles, Docker Compose, docs, .env examples, and GitHub Actions workflows.

Is this a security scanner?

No. It is a deploy readiness helper. It catches common env drift and risky files, but it does not replace a real secrets scanner.