{{ result.summaryTitle }}
{{ result.primary }}
{{ result.summaryLine }}
{{ badge.label }}
Paste KEY=value rows or drop one .env/.txt file; output refreshes locally.
{{ sourceStatus || 'Drop ENV or TXT onto the textarea.' }}
Choose the parser family that will read this file.
Upper snake keeps generated keys portable across common dotenv parsers.
Auto protects spaces, comments, quotes, and multiline values without over-quoting simple values.
Literal protects dollar signs in auto mode; interpolation leaves references readable for Compose-style substitution.
Turn off for the smallest possible file.
{{ include_comments ? 'Included' : 'Omitted' }}
Last declaration wins matches common dotenv override behavior.
Keep off when source order carries section meaning.
{{ sort_keys ? 'On' : 'Off' }}
Leave blank to emit the keys exactly after the selected key style.
Empty assignment keeps KEY=; commented placeholder leaves a safer prompt for required values.
Safe placeholders keeps non-secret defaults and blanks secret-like values.
Keep on before screenshots or shared CSV previews.
{{ mask_secret_previews ? 'On' : 'Off' }} 
{{ result.envText || '# Add variable rows to generate a .env file.' }}
{{ result.exampleText || '# Add variable rows to generate a .env.example file.' }}
Key Value preview Quote Source Comment Copy
{{ row.key }} {{ row.preview }} {{ row.quote }} {{ row.source }} {{ row.comment }}
No variable ledger rows
Add KEY=value rows before exporting this ledger.
Severity Check Finding Action Copy
{{ row.severity }} {{ row.check }} {{ row.finding }} {{ row.action }}
No review rows available
Add source variables to build the review checklist.
Tags: Devtools, File Tools, Sysadmin
ENV Converter Convert .env files to YAML, JSON, runtime env, INI, and properties output with parser traces, expansion checks, and secret-like value review.
Environment Variable Inventory Checker Audit required environment variables against pasted or uploaded inventories with redacted missing, blank, placeholder, duplicate, and secret-like findings.
Docker Compose Generator Build Docker Compose YAML for one service, with image/build choices, port exposure, .env secret references, healthchecks, networks, and review notes.
API Key Generator Generate API keys in your browser with public lookup IDs, entropy targets, SHA-256 storage hashes, and sensitive-batch warnings.
Customize
Advanced
:

Configuration handoffs usually fail in small, quiet places: a renamed database host, a missing feature flag, a copied token, or a local value that accidentally becomes the production default. Environment variables keep those values outside application code so a laptop, a staging server, a container, and production can run the same build with different settings.

Dotenv files are a common way to pass that configuration around as plain text. Each useful row gives a variable name and a value, but the row is not just a casual note. The reader still applies rules for names, quotes, comments, interpolation, blank values, and duplicate declarations. A password with a dollar sign may stay literal in one loader and expand as a reference in another. A comment marker after a space can turn the rest of a row into a note. A repeated key may hide the setting that someone expected to win.

Environment variable
A named value made available to a process at startup or by its surrounding shell, service manager, or container runtime.
Dotenv file
A text file that stores environment-variable rows, usually as KEY=value, so development and deployment tools can load them.
Example file
A shareable template that documents required keys while replacing secrets with blanks or placeholders.
A dotenv row split into key, equals sign, value, comment, name rule, quote choice, duplicate decision, and example placeholder
A safe dotenv handoff checks the row anatomy before the real file and the example file are shared.

The split between a real .env file and an .env.example file is a practical safety pattern. The real file carries runtime values and often belongs outside source control. The example file documents the required keys, keeps harmless defaults where they help setup, and replaces secrets with blanks or placeholders. The example only helps when it stays close to the real shape of the configuration without leaking credentials, internal hostnames, or account details.

No single dotenv grammar covers every runtime. Node.js, Docker Compose, Python dotenv libraries, and shell sessions overlap on the basic key-value idea, then differ on interpolation, export prefixes, blank values, quotes, and duplicate precedence. A reviewed dotenv draft should still be loaded by the exact application, Compose command, Python call, or shell session that will use it.

How to Use This Tool:

Start with the variable rows you already have, choose the parser family that will read the file, and use the review output before copying real credentials anywhere.

  1. Paste rows into Variable rows, browse for a .env or .txt file, drop a file onto the textarea, or use Load sample. Files larger than 512 KB are rejected so an accidental large text file does not overwhelm the page.
  2. Use Normalize keys when labels such as api-url or database url should become portable names such as API_URL. Leave intentional names alone by choosing Preserve valid source keys.
  3. Set Compatibility profile to Node.js dotenv, Docker Compose, Python dotenv, or Shell-compatible export. The profile changes review guidance and shell export formatting rather than proving that every downstream parser will agree.
  4. Keep Quote policy on Auto safe for the first pass. Use Dollar handling to decide whether dollar-style text should stay literal or remain available for interpolation in readers that support it.
  5. Open Advanced for duplicate policy, sorting, a key prefix, blank-value handling, example-template style, and masked secret previews. These choices affect what appears in the .env File, .env.example, Variable Ledger, and Review Checklist.
  6. Fix Error rows in the Review Checklist before copying output. Review Warning rows for duplicates, quote safety, secret posture, and literal dollar handling.
  7. Confirm the Variable Ledger row by row. It shows the emitted key, value preview, quote type, original line reference, and comment so accidental renames or masked secrets are easier to catch.

After copying or downloading the generated text, run the target loader and compare its final values with the ledger before treating the file as ready.

Interpreting Results:

Read the generated .env File as the sensitive runtime file. It keeps the selected real values, including any credentials. Read .env.example as the safer documentation file, not as proof that the real deployment is configured.

  • Error means a row did not become a valid dotenv assignment. Do not use the generated file until those rows are fixed or removed.
  • Warning means the row may still be usable, but a person should decide whether the duplicate, quote, secret, or dollar behavior is intended.
  • Info records non-blocking changes such as key normalization, blank values, or removed export prefixes.
  • Pass means the selected settings did not produce active errors or warnings. It does not replace a loader test.

The safest verification cue is a real run: use docker compose config, a small dotenv loading check, or a fresh shell session and compare the values that the runtime sees with the rows shown in the Variable Ledger.

Technical Details:

Dotenv syntax is a convention family rather than one universal standard. The shared core is a variable name, an equals sign or supported delimiter, and a text value. Names are most portable when they start with a letter or underscore and then use letters, digits, and underscores. Values stay text even when they look like numbers, booleans, JSON, URLs, or connection strings.

Parsing details decide whether the text is safe to reuse. Blank lines and full-line comments are usually ignored, inline comments require loader-specific care, and some readers accept a colon as the key-value delimiter. Quoting is the main place where intent can drift. Unquoted values are compact, but whitespace, comment markers, backslashes, quotes, newlines, and dollar references can change how a reader parses the row. Double quotes protect many special characters with escapes. Single quotes are useful when dollar-style text must stay literal in readers that would otherwise interpolate it.

Transformation Core

A reviewed dotenv draft can be traced through a deterministic text transformation from pasted rows to reviewed assignments.

Step What changes What to inspect
Parse rows Reads assignment rows, optional export prefixes, colon rows, comma rows, pipe rows, blank lines, full-line comments, and inline comments. Rows without a usable key become errors. Comments can be carried into generated comments when comments are enabled.
Name keys Converts labels to uppercase snake case or preserves valid names, then applies an optional prefix. Renamed keys appear as info rows so accidental changes are visible.
Resolve duplicates Keeps the first declaration, keeps the last declaration, or emits duplicate rows depending on the selected policy. Duplicate-key warnings show where the same emitted key appears more than once after normalization.
Choose quotes Auto safe leaves simple values unquoted and quotes values that need protection; fixed policies force double quotes, single quotes, or no quotes. Unsafe unquoted values and dollar references are called out in the review.
Build examples Creates placeholders by blanking every value, preserving non-secret values, or replacing secret-like values while keeping useful defaults. The example file should document required keys without carrying live credentials.

Compatibility Notes

Profile Main concern Practical check
Node.js dotenv Variable names should follow the portable letters, digits, and underscores pattern, and quoted values may preserve text that would be fragile unquoted. Check that values meant to be numbers or booleans are still expected as strings by the application.
Docker Compose Unquoted and double-quoted values can be used for interpolation, and later environment files can override earlier values in Compose workflows. Run the Compose config command that shows the interpolated model before deploying.
Python dotenv Python dotenv files are Bash-like, support comments and quotes, and can expand brace-style variable references. Confirm whether existing environment variables should override file values in the loading call.
Shell export Rows are emitted with an export prefix so a shell session can receive the variables. Open a fresh shell and verify that quoted values, spaces, and dollar signs arrive as intended.

Worked Transformation

A pasted row such as this carries a key, a connection string, and an inline comment:

DATABASE_URL=postgres://app:change-me@db:5432/app # primary database

With normalized keys, auto safe quoting, preserved comments, and safe placeholders, the real file can keep the connection string while the example file replaces it with a generic database URL:

# primary database
DATABASE_URL=postgres://app:change-me@db:5432/app

# primary database
DATABASE_URL=postgres://user:password@host:5432/database

Secret-like detection is a heuristic. Names containing terms such as SECRET, TOKEN, PASSWORD, API_KEY, or CREDENTIAL are treated as sensitive, and long mixed strings can also be flagged. Masking changes previews in review tables only; the generated real file still contains the selected values.

Privacy Notes:

Dotenv rows often contain credentials, so the safest assumption is that the real output is sensitive.

  • Pasted text and loaded files are processed in the browser; generation does not require sending dotenv contents to a server.
  • The real .env File keeps actual selected values and should stay out of source control when it contains credentials or deployment-only settings.
  • Masked secret previews protect review tables, not the generated real file. Screenshots, copied CSV rows, DOCX tables, JSON output, and downloads can still disclose values if masking is turned off or the real file is shared.
  • Review the .env.example output before committing it because non-secret defaults may still reveal hostnames, service names, account IDs, or environment structure.

Worked Examples:

New service setup. A developer pastes APP_ENV=production, APP_HOST=app.example.test, and LOG_LEVEL=info. The .env File emits three variables, the Variable Ledger shows each quote type as none, and the Review Checklist records only key-normalization info if the names changed.

Duplicate rollout value. A handoff contains api-host=old-api.example.test and API_HOST=new-api.example.test. With uppercase snake case, both rows become API_HOST. The Review Checklist reports a duplicate-key warning, and the duplicate policy decides whether the first row, last row, or both rows appear in the .env File.

Secret in an example file. A row such as API_TOKEN=8f3a91b24c0e92a6d719cc38 is flagged as secret-like. The Variable Ledger can mask the preview, while .env.example can emit API_TOKEN=<set-secret> instead of the real token.

Dollar sign in a password. A password such as DB_PASSWORD=p$word${ENV} can be misread by a reader that expands dollar references. The Review Checklist warns under literal-dollar settings when the selected profile may still expand the value, so the safer next move is a single-quote-compatible value or a final loader test.

FAQ:

Why did my variable name change?

With Normalize to UPPER_SNAKE, names such as api-url, database url, and 2fa token are converted into portable dotenv keys. Choose Preserve valid source keys when the original name is already valid and intentional.

Why did a row become an error?

A row becomes an Error when it cannot produce a usable key. Rewrite it as KEY=value, remove stray punctuation from the name, or delete the row before copying the generated file.

Should I commit the generated .env file?

Commit the reviewed .env.example only when placeholders and preserved defaults are safe. Keep the real .env File out of source control when it contains credentials, private hostnames, or deployment-only values.

Why are some values quoted?

Auto safe quotes values that contain spaces, comment markers, quotes, escapes, multiline text, or profile-specific risky words. Force a quote policy only when the target loader has a known requirement.

Why does dollar handling matter?

Some dotenv readers treat $VAR or ${VAR} as a reference to another variable. Use literal handling for passwords and tokens that must keep dollar characters exactly as typed, then verify the final value in the target runtime.

Glossary:

Dotenv
A plain text convention for storing environment-variable rows outside application code.
Environment variable
A named text value supplied to a process by its surrounding runtime environment.
Interpolation
Expansion of references such as $VAR or ${VAR} by a reader that supports variable substitution.
Duplicate key
Two or more rows that emit the same final variable name after normalization and optional prefixing.
Secret-like
A key or value that resembles a credential and should be masked in previews or replaced in an example file.
Placeholder
A safe stand-in value used to document a required variable without exposing the real value.

References: