Envgrd: Detect Environment Variable Drift Using AST Analysis
Original: Show HN: Envgrd – Detect environment variable drift using AST analysis
Mood
informative
Sentiment
positive
Category
startup_launch
Key topics
Things like:
Code starts using a new env var but configs aren’t updated
Old variables sit in .env or docker-compose long after they’ve been removed
Onboarding fails because required env vars aren’t documented anywhere
CI/CD passes locally but fails remotely because variables were exported only on one machine
Regex-based scanners always produced tons of false positives and couldn’t handle dynamic patterns. So I built envgrd, a fast, AST-based scanner that uses Tree-Sitter to parse code (JS/TS, Go, Python, Rust, Java) and compare it against env sources: .env files, direnv, docker-compose, Kubernetes ConfigMaps/Secrets, systemd units, and shell exports.
It reports:
Missing env vars (used in code but not in configs)
Unused env vars (in configs but never referenced in code)
Dynamic patterns like process.env["prefix_" + var] or os.Getenv(key + "_suffix")
It runs in parallel, supports JSON output, and can be hooked into post-merge or CI jobs.
Repo: https://github.com/njenia/envgrd
Would love feedback, ideas, or any edge cases you think it should handle!
Envgrd: Detect environment variable drift using AST analysis
Snapshot generated from the HN discussion
Discussion Activity
No activity data yet
We're still syncing comments from Hacker News.
Generating AI Summary...
Analyzing up to 500 comments to identify key contributors and discussion patterns
Discussion hasn't started yet.
Want the full context?
Jump to the original sources
Read the primary article or dive into the live Hacker News thread when you're ready.