Complete Feature Reference

Every feature,
explained.

16 free features built into VS Code's sidebar — plus Pro cloud and team features for serious projects.

Install FreeSee Pricing
16
Free features
AES-256-GCM
Encryption
4
Export formats
3
External sync providers
0
Setup required

Free — no account needed

Everything in the free tier,
built into one panel

Install from the VS Code Marketplace, open any project with a .env file, and you're done. No config.

Variable Groups

Free

ENV Manager Pro reads your existing comment headers and auto-organises your variables into collapsible groups — no config file, no format changes, no plugins.

  • Supports # === NAME ===, # --- NAME ---, # [NAME] and ALL CAPS patterns
  • Groups show variable count and collapse independently
  • Emoji icons auto-assigned per group name (DATABASE → 🗄, AUTH → 🔑, etc.)
  • Zero changes to your .env file format
Your .env file
# === DATABASE ===
DB_HOST=localhost
DB_PORT=5432
DB_NAME=myapp

# === AUTH ===
JWT_SECRET=super_secret
GOOGLE_ID=894-xxx

# === PAYMENTS ===
STRIPE_KEY=sk-live-xxx
Sidebar shows
🗄 DATABASE3 vars
🔑 AUTH2 vars
💳 PAYMENTS1 var

Instant Search

Free

Type any part of a key or value and results filter in real-time across all variables and all groups. Essential once you cross 20 variables.

  • Searches both keys and values simultaneously
  • Highlights matching text in results
  • Works across all open .env files at once
  • Keyboard shortcut: Ctrl/Cmd + Shift + F inside the panel
stripe
STRIPE_KEY
STRIPE_WEBHOOK_SECRET
STRIPE_PRICE_ID_MONTHLY
STRIPE_PRICE_ID_ANNUAL

4 results · searching across 3 files

Show / Hide Secret Values

Free

All secret values are masked by default with ••••••••. Toggle the eye icon per-variable or for the whole panel. Perfect for screensharing or pair programming sessions.

  • Per-variable toggle — reveal only what you need
  • Global hide-all shortcut for quick screen shares
  • Masked values never get accidentally copy-pasted
  • State persists across panel closes
Hidden (default)
DATABASE_URL●●●●●●●●●●
JWT_SECRET●●●●●●●●●●
STRIPE_KEY●●●●●●●●●●
Revealed (toggled)
DATABASE_URLpostgres://user:pass@localhost/db

Inline Secret Generator

Free

Generate cryptographically strong secrets for any variable type — directly inside VS Code. No more tabbing to a browser to get a random string.

  • 6 secret types: JWT, UUID v4, Hex, Base64, Password, API Key
  • Generates inline — one click fills the value field
  • All generation is local — nothing sent to any server
  • Configurable length for password and hex types
Generate for: JWT_SECRET
JWT
256-bit signed
UUID v4
Random unique ID
Hex
32-byte random
Base64
URL-safe encoded
Password
16 chars mixed
API Key
sk-xxxxx format
✓ eyJhbGciOiJIUzI1NiJ9.abc123...

Duplicate Key Detection

Free

Duplicate keys silently override each other in .env files — a classic source of hard-to-debug bugs. ENV Manager highlights duplicates in red the moment it spots them.

  • Real-time detection as you type or paste
  • Shows both the original and duplicate with line numbers
  • Flags which value would win (last-write wins in Node.js)
  • Works across all .env files in the project
Live scan results
DB_HOST=localhost
DB_PORT=5432
API_KEY=abc123 line 8
API_KEY=xyz789 line 14 ← DUPLICATE
⚠ Value on line 14 overrides line 8 at runtime

Import & Export

Free

Paste raw .env text to bulk-import, or export your current variables in 4 formats to fit any toolchain — Docker, Kubernetes, Node.js, or standard .env.

  • Import by paste — no file picker needed
  • Export as .env, JSON, Docker --env-file, or K8s Secret YAML
  • One-click copy entire export to clipboard
  • Useful for onboarding new teammates or deploying to CI
Export formats
.envStandard — works everywhere
DB_HOST=localhost
JWT_SECRET=super_secret
JSONNode.js / config.json
{"DB_HOST":"localhost","JWT_SECRET":"super_secret"}
Docker--env-file flag
DB_HOST=localhost
JWT_SECRET=super_secret
K8s SecretYAML manifest
apiVersion: v1
kind: Secret
data:
  DB_HOST: bG9jYWxob3N0

Missing Key Check

Free

Compares your .env against .env.example — surfaces every key your teammates have that you don't. Catch onboarding gaps before they break your local build.

  • Auto-detects .env.example in the project root
  • Shows missing keys with their placeholder values from example
  • One-click to add a missing key with empty value
  • Runs on every panel open and on file save
Comparing .env ↔ .env.example
DB_HOST✓ present
DB_PORT✓ present
JWT_SECRET✓ present
OPENAI_API_KEY✗ MISSING
REDIS_URL✗ MISSING
SENTRY_DSN✗ MISSING

3 keys missing from your .env — click to add

20-Level Undo History

Free

Every add, edit, delete, group rename, and bulk import is reversible. Accidentally wiped your staging config during a paste? One click brings it back.

  • 20 undo steps per panel session
  • Tracks: add, edit, delete, import, sort, rename
  • Undo is visual — shows what changed and when
  • Works independently of VS Code's file-level undo
Undo history
Deleted DB_PASSWORDjust now
Edited STRIPE_KEY1 min ago
Added REDIS_URL3 min ago
Imported 12 variables5 min ago
Renamed group AUTH → SECURITY8 min ago

Multi-Environment Support

Free

Opens every .env variant in your project — .env, .env.local, .env.staging, .env.production — and lets you switch between them with a single click.

  • Auto-discovers all .env.* files in the project
  • Switch files without closing or reopening the panel
  • Each file keeps its own group structure and undo stack
  • Works with monorepos — scans all workspace folders
Files in project
.env (development)12 vars
.env.local4 vars
.env.staging14 vars
.env.production14 vars
.env.test8 vars

More free features

7 more tools included at no cost

Copy to Clipboard

Free

Copy any value with one click — masked or revealed. The raw value is always copied, never the ●●●● placeholder.

Sort A–Z Toggle

Free

Sort all variables alphabetically across groups, or restore original file order. Useful when scanning a large .env quickly.

Create New .env Files

Free

Scaffold a new .env file from the panel — picks up the right name (.env.staging, etc.) and opens it immediately.

File Watcher (Auto-reload)

Free

Edit the raw .env file in a text editor and the panel updates instantly. No manual refresh, no stale state.

Diff Two .env Files

Free

Side-by-side comparison of any two .env variants. Shows added, removed, and changed keys at a glance.

Validation & Type Hints

Free

Warns on common issues: empty required keys, invalid URLs, port numbers out of range, and non-boolean flags.

Jump to Line

Free

Click any variable in the panel to jump directly to its line in the raw .env file in the VS Code editor.

Pro — $8 / month

Team & cloud features
for serious projects

Everything in Free, plus encryption, cloud sync, team vaults, rotation alerts, audit logs, and external provider sync.

Cloud Sync

Pro

Your variables are encrypted with AES-256-GCM on your device, then pushed to a personal vault. Pull on any machine — laptop, desktop, remote VM — and your secrets follow.

  • Encryption happens locally — the server only ever sees ciphertext
  • Master key stored in VS Code's native secret storage (OS keychain)
  • Pull on any machine with your Pro account — instant sync
  • Works across VS Code, Cursor, and any VS Code fork
1Your secrets (on device)Never leaves unencrypted
DB_PASS=super_secret_123
AES-256-GCM encryptionKey in VS Code Secrets
Encrypting locally…
2Encrypted blob (uploaded)Server cannot decrypt this
U2FsdGVkX1+abc...Dkl9XQ==

Server sees only encrypted blobs — your master key never leaves your machine.

Team Vault

Pro

Share a vault ID with teammates. Everyone on the team pulls the same encrypted variable set. No more 'can you send me your .env?' over Slack.

  • One vault ID shared with the whole team — each person pulls with their own key
  • Role-based access: Owner can revoke individual team members
  • New teammates onboard in seconds — install extension, enter vault ID, pull
  • Mutations are versioned — you can see who changed what
Team vault · myapp-production
G
Gowtham (you)OwnerSynced
A
Alex KimMemberSynced
S
Sarah ChenMemberSynced
N
New teammatePendingInvited
☁ 14 variables · last push 2 minutes ago · 3 members synced

Secret Rotation Alerts

Pro

Secrets older than 90 days get flagged directly in the panel and can trigger a Slack webhook. Stay ahead of audits, compliance reviews, and credential leaks before they happen.

  • 90-day rotation reminder — configurable per variable or globally
  • Slack webhook integration for team-wide rotation nudges
  • Alert shows which keys are stale and by how many days
  • One-click to mark a secret as rotated after updating it
Rotation status
STRIPE_KEY12 days old
JWT_SECRET44 days old
OPENAI_API_KEY91 days old
DATABASE_URL104 days old
GOOGLE_CLIENT_SECRET138 days old
3 secrets need rotation · Slack alert sent 2 hours ago

Full Audit Log

Pro

Complete history of who changed what variable, what the old value was, and exactly when. Essential for security audits, debugging incidents, and compliance reviews.

  • Logs: add, edit, delete, import, sync, rotation
  • Shows actor (user email), timestamp, old value hash, new value hash
  • Exportable as CSV or JSON for compliance reports
  • Retained for 12 months per vault
Audit log · last 24h
gowthamrotatedSTRIPE_KEY09:14
alexaddedNEW_FEATURE_FLAG08:52
saraheditedDATABASE_URL07:33
gowthamdeletedOLD_API_KEYYesterday
aleximported12 variablesYesterday

External Provider Sync

Pro

Pull directly from AWS Secrets Manager, Doppler, or Infisical into your .env. Single source of truth — no manual copying, no stale local configs.

  • AWS Secrets Manager — pull entire secret namespaces
  • Doppler — sync from any project and config
  • Infisical — pull from any project environment
  • Manual or scheduled auto-pull on VS Code open
Connected providers
🏭AWS Secrets ManagerConnected
us-east-1 · 24 secrets · last sync 4m ago
🌊DopplerConnected
production · 14 secrets · last sync 4m ago
🔐InfisicalDisconnected

Ready to stop editing
.env files by hand?

Install free in 30 seconds from the VS Code Marketplace.

Install FreeGet Pro · $8/mo