Skip to content

chore: add .env support with gitignore protection#3283

Merged
PierreBrisorgueil merged 3 commits intomasterfrom
chore/env-support
Mar 19, 2026
Merged

chore: add .env support with gitignore protection#3283
PierreBrisorgueil merged 3 commits intomasterfrom
chore/env-support

Conversation

@PierreBrisorgueil
Copy link
Contributor

@PierreBrisorgueil PierreBrisorgueil commented Mar 19, 2026
edited by coderabbitai bot
Loading

Summary

  • Add .env and .env.* to .gitignore to prevent accidental secret commits (.env.example excluded)
  • Create .env.example with all DEVKIT_NODE_stripe_* billing variables as documentation
  • Update start and dev scripts to use Node 22's --env-file=.env for automatic env loading

Test plan

  • .env with real values is NOT tracked by git
  • .env.example IS tracked by git
  • All 264 unit tests pass
  • Manual: npm start loads env vars from .env correctly

Summary by CodeRabbit

  • Chores
    • Added an example environment configuration with Stripe Billing placeholders (API keys, webhook signing secret, and pricing IDs) for easy setup.
    • Updated ignore rules to keep real environment/secret files out of version control while retaining the example template.
    • Enabled conditional loading of environment variables during application startup for both production and development runs.

@PierreBrisorgueil
chore: add .env support with gitignore protection
ce54b72 
Add .env/.env.* to gitignore to prevent secret leaks, provide
.env.example with all billing env vars, and use Node 22 --env-file
flag in start/dev scripts for automatic loading.
Copilot AI review requested due to automatic review settings March 19, 2026 10:28
@coderabbitai
Copy link

coderabbitai bot commented Mar 19, 2026
edited
Loading

Warning

Rate limit exceeded

@PierreBrisorgueil has exceeded the limit for the number of commits that can be reviewed per hour. Please wait 17 minutes and 35 seconds before requesting another review.

⌛ How to resolve this issue?

After the wait time has elapsed, a review can be triggered using the @coderabbitai review command as a PR comment. Alternatively, push new commits to this PR.

We recommend that you space out your commits to avoid hitting the rate limit.

🚦 How do rate limits work?

CodeRabbit enforces hourly rate limits for each developer per organization.

Our paid plans have higher rate limits than the trial, open-source and free plans. In all cases, we re-allow further reviews after a brief timeout.

Please see our FAQ for further information.

ℹ️ Review info
⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: ASSERTIVE

Plan: Pro

Run ID: eba42fde-0940-4952-b1a5-2356399e1c04

📥 Commits

Reviewing files that changed from the base of the PR and between 2f1de7d and 37b736a.

📒 Files selected for processing (1)
  • package.json

Walkthrough

Adds an example environment file with Stripe Billing variable placeholders, updates .gitignore to ignore real env files while keeping the example, and modifies package.json scripts to optionally load .env at runtime via Node's --env-file-if-exists flag.

Changes

Cohort / File(s) Summary
Environment template & ignore rules
.env.example, .gitignore		 Adds .env.example with Stripe secret, webhook secret, and multiple price ID placeholders; updates .gitignore to ignore .env* while un-ignoring .env.example.
Runtime script updates
package.json		 Modifies start and dev scripts to include --env-file-if-exists=.env so Node will load .env when present (keeps previous behavior otherwise).

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~8 minutes

Possibly related PRs

🚥 Pre-merge checks | ✅ 2 | ❌ 1

❌ Failed checks (1 inconclusive)

Check name Status Explanation Resolution
Description check ❓ Inconclusive The description covers the core summary but lacks most required sections from the template (Scope, full Validation checklist, and Guardrails details). Complete the Scope section (modules impacted, cross-module impact, risk level), full Validation checklist, and Guardrails section to align with the repository template.
✅ Passed checks (2 passed)
Check name Status Explanation
Title check ✅ Passed The title clearly and concisely summarizes the main changes: adding .env support while protecting secrets via gitignore.
Docstring Coverage ✅ Passed No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

✏️ Tip: You can configure your own custom pre-merge checks in the settings.

✨ Finishing Touches
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Commit unit tests in branch chore/env-support
📝 Coding Plan
  • Generate coding plan for human review comments

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands and usage tips.

Copilot AI reviewed Mar 19, 2026
View reviewed changes
Copy link

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR adds first-class local environment file support while protecting secrets from being committed, and documents the required Stripe billing environment variables.

Changes:

  • Update start / dev scripts to load environment variables from .env via Node’s --env-file.
  • Add .env / .env.* to .gitignore while explicitly allowing .env.example.
  • Add .env.example documenting Stripe billing-related DEVKIT_NODE_* variables.

Reviewed changes

Copilot reviewed 2 out of 3 changed files in this pull request and generated 1 comment.

File Description
package.json Load env vars from .env automatically for start and dev.
.gitignore Prevent accidental commits of .env files while keeping .env.example tracked.
.env.example Provide documented placeholders for Stripe billing configuration.

coderabbitai[bot]
coderabbitai bot requested changes Mar 19, 2026
View reviewed changes
Copy link

@coderabbitai coderabbitai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 1

🤖 Prompt for all review comments with AI agents 
Verify each finding against the current code and only fix it if needed.

Inline comments:
In `@package.json`:
- Around line 26-27: The package.json scripts "start" and "dev" hard-fail when
.env is missing because they use --env-file=.env; change both scripts to use
--env-file-if-exists=.env so Node 22 will load the file only if present (i.e.,
update the "start" and "dev" script values to replace --env-file=.env with
--env-file-if-exists=.env).
🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

  • Push a commit to this branch (recommended)
  • Create a new PR with the fixes
ℹ️ Review info
⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: ASSERTIVE

Plan: Pro

Run ID: 26e6c83a-5af3-4797-8a55-436f97ccb49c

📥 Commits

Reviewing files that changed from the base of the PR and between 197768c and ce54b72.

📒 Files selected for processing (3)
  • .env.example
  • .gitignore
  • package.json

@PierreBrisorgueil
fix(chore): keep start/dev scripts without .env, add separate billing…
37b736a 
… scripts

start/dev remain unchanged so the app works without Stripe.
start:billing/dev:billing load .env for Stripe testing.
@PierreBrisorgueil PierreBrisorgueil merged commit 8b69820 into master Mar 19, 2026
3 checks passed
@PierreBrisorgueil PierreBrisorgueil deleted the chore/env-support branch March 19, 2026 10:46
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@coderabbitai coderabbitai[bot] coderabbitai[bot] approved these changes

Copilot code review Copilot Copilot left review comments

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@PierreBrisorgueil