July 11, 2026

Secrets, scandals, and .env files

Show HN: Dotenv-Diff v3.0.0

A new tool wants to stop secret settings chaos before your app melts down

TLDR: dotenv-diff v3.0.0 is a new tool that checks projects for missing or mishandled app settings before they cause public breakages. The community reaction was small but upbeat, with the biggest praise going to its unusual warning system for settings that are about to expire.

A fresh Show HN launch just dropped, and while the tool itself is all about boring-but-important behind-the-scenes cleanup, the community immediately zoomed in on the one feature that felt weirdly juicy: expiration dates for secret app settings. Yes, really. dotenv-diff scans a project to spot missing, unused, repeated, or wrongly used app settings before they blow up into late-night panic. It also plugs into code checks and team workflows, which is the kind of thing developers usually claim to love right after being burned by a bad launch.

The loudest reaction in the thread was basically: "okay, this is actually smart." Commenter cyberge99 summed up the mood by calling the expiration metadata a "novel touch," and that became the star of the show. Because in a sea of tools promising to catch mistakes, a feature that warns when a token or key is getting old feels like the kind of small detail that saves huge embarrassment later. It’s less glamorous than a new gadget, but to the crowd, it has major "future-me will thank me" energy.

The funny subtext? This is peak developer drama: everyone knows hidden app settings are chaotic, nobody wants to talk about them, and then a tool shows up offering to be the hall monitor. The vibe wasn’t angry so much as amused and impressed — like the comments section had collectively discovered a smoke alarm that also roasts you for leaving the oven on.

Key Points

  • Dotenv-Diff v3.0.0 is a CLI tool that scans codebases for environment variable references and flags missing, unused, duplicated, and misused variables.
  • The tool provides first-class support for SvelteKit, Next.js, and Nuxt, and also works in JavaScript/TypeScript projects using Node.js, Vue, and similar setups.
  • It supports configuration generation, Git hooks and CI/CD integration, framework-specific warnings, ignore comments, expiration metadata, baseline suppression, and variable inspection with `--explain`.
  • The article includes monorepo support with options to include shared files and ignore selected variables, along with documented exit codes for success and failure states.
  • The project is documented, open to contributions, released under the MIT license, and credited to chrilleweb.

Hottest takes

"actually pretty cool" — cyberge99
"@expiration metadata" — cyberge99
"a novel touch" — cyberge99
Made with <3 by @siedrix and @shesho from CDMX. Powered by Forge&Hive.