ENV Blocker 🔒
Protect your sensitive environment variables from accidental exposure.
ENV Blocker is a VS Code extension that prevents .env files from being opened without explicit confirmation. Perfect for protecting API keys, passwords, and other sensitive credentials from accidental screen sharing or unauthorized access.
✨ Features
- 🛡️ Automatic Blocking: All
.env files are blocked and require confirmation before opening
- 🎯 Smart Detection: Automatically detects
.env, .env.local, .env.production, and any .env.* variants
- ✅ Exception Support:
.env.example files open freely without confirmation
- 🔄 Session Memory: Files you've confirmed stay open during your VS Code session
- 🎨 Beautiful UI: Modern, animated confirmation dialog with keyboard shortcuts
- ⚡ Status Bar Control: Quick toggle on/off directly from the status bar
- 💾 Persistent Settings: Your enable/disable preference is saved across sessions
- 🚀 Zero Configuration: Works out of the box, no setup required
📸 Screenshots
Confirmation Dialog
When you try to open a .env file, a beautiful dialog appears asking for confirmation:
- Yes, Open - Opens the file and remembers your choice for this session
- Cancel - Closes the file and keeps it protected
Status Bar
Quick access to toggle the extension on/off from the status bar.
🚀 Installation
From VS Code Marketplace
- Open VS Code
- Press
Ctrl+P (or Cmd+P on macOS)
- Type:
ext install env-blocker
- Press Enter
Manual Installation
- Download the
.vsix file from Releases
- Open VS Code
- Go to Extensions (
Ctrl+Shift+X)
- Click
... (More Actions) → Install from VSIX...
- Select the downloaded
.vsix file
📖 Usage
Basic Usage
Try to open any .env file
- A confirmation dialog will appear automatically
- Choose "Yes, Open" to view the file
- Choose "Cancel" to keep it closed
Session Memory
- Once you confirm a file, it stays accessible during your current VS Code session
- Close and reopen VS Code to reset permissions (for security)
Status Bar Control
- Click the status bar item (🔒 ENV Blocker: ON/OFF) to toggle protection
- Green = Protection active
- Orange = Protection disabled
Keyboard Shortcuts (in Dialog)
Enter - Confirm and open fileEscape - Cancel and close file
🎮 Commands
Access these commands via Ctrl+Shift+P (or Cmd+Shift+P on macOS):
| Command |
Description |
ENV Blocker: Enable |
Turn on .env file protection |
ENV Blocker: Disable |
Turn off .env file protection |
ENV Blocker: Toggle |
Switch between enabled/disabled |
ENV Blocker: Reset Permissions |
Clear all remembered file permissions |
ENV Blocker: Show Status |
Display current status and statistics |
⚙️ How It Works
Protected Files
ENV Blocker will block these files:
- ✅
.env
- ✅
.env.local
- ✅
.env.development
- ✅
.env.production
- ✅
.env.staging
- ✅
.env.test
- ✅ Any
.env.* variant
Exempted Files
These files open normally without confirmation:
- ❌
.env.example
- ❌ Any file not matching
.env pattern
Security Features
- Immediate Close: When a
.env file is detected, it's immediately closed before the content is rendered
- Session-based Memory: Allowed files are forgotten when VS Code restarts
- Multiple File Protection: If you try to open multiple
.env files while a dialog is open, new files are closed and you're redirected to complete the current confirmation
- Startup Protection: Files already open when VS Code starts are also protected
🔧 Configuration
ENV Blocker works out of the box with no configuration needed. All settings are managed through commands.
Default Behavior
- Protection is enabled by default
- File permissions reset on VS Code restart
- Status bar item is always visible
Customization
Currently, ENV Blocker doesn't support custom patterns or exceptions beyond .env.example. If you need additional customization, please open an issue on GitHub.
🤔 Why ENV Blocker?
Common Scenarios
Screen Sharing Accidents
- Accidentally showing API keys during presentations
- Streaming/recording with sensitive data visible
- Pair programming with external developers
Security Best Practices
- Extra layer of protection for sensitive files
- Conscious decision before viewing credentials
- Reduces accidental git commits (by making you think twice)
Team Environments
- Junior developers learning about security
- Shared workspaces or computers
- Training environments
🆚 Comparison
| Feature |
ENV Blocker |
Manual Caution |
Other Extensions |
| Automatic Protection |
✅ |
❌ |
⚠️ Varies |
| Beautiful UI |
✅ |
❌ |
⚠️ Varies |
| Zero Config |
✅ |
✅ |
❌ |
| Session Memory |
✅ |
❌ |
⚠️ Varies |
| Easy Toggle |
✅ |
❌ |
⚠️ Varies |
| Status Bar Control |
✅ |
❌ |
❌ |
🐛 Troubleshooting
Extension Not Working?
Check if enabled
- Look at the status bar: should show 🔒 ENV Blocker: ON
- Run command:
ENV Blocker: Show Status
File still opens without dialog?
- Make sure the file ends with
.env or .env.*
- Check if the file was previously allowed (reset with
ENV Blocker: Reset Permissions)
Dialog appears twice?
- This shouldn't happen. Please report as a bug with reproduction steps
Known Limitations
- Cannot prevent file viewing if opened via command line (e.g.,
code .env)
- Cannot prevent file viewing in diff/compare mode
- Preview pane may briefly show content before closing (unavoidable VS Code limitation)
🤝 Contributing
Contributions are welcome! Here's how you can help:
Bug Reports
- Open an issue on GitHub Issues
- Include VS Code version, extension version, and reproduction steps
Feature Requests
- Check existing issues first
- Describe the use case and expected behavior
Pull Requests
- Fork the repository
- Create a feature branch:
git checkout -b feature/amazing-feature
- Commit your changes:
git commit -m 'Add amazing feature'
- Push to the branch:
git push origin feature/amazing-feature
- Open a Pull Request
Development Setup
# Clone the repository
git clone https://github.com/marifsiddiqi/env-blocker.git
cd env-blocker
# Install dependencies
npm install
# Open in VS Code
code .
# Press F5 to run extension in debug mode
📝 Changelog
[0.0.1 - 0.0.3] - 2025-10-26
Added
- Initial release
- Basic .env file blocking functionality
- Confirmation dialog with modern UI
- Status bar integration
- Enable/Disable commands
- Reset permissions command
- Session-based file memory
- Startup file protection
.env.example exemption- Keyboard shortcuts (Enter/Escape)
📄 License
This project is licensed under the MIT License - see the LICENSE file for details.
🙏 Acknowledgments
- Inspired by the need for better security practices in development
- Built with ❤️ for the VS Code community
- Thanks to all contributors and users
📞 Support
⭐ Show Your Support
If ENV Blocker helps protect your sensitive data, please consider:
- ⭐ Starring the repository on GitHub
- 📝 Writing a review on the VS Code Marketplace
- 🐦 Sharing with your developer friends
Made with 🔒 by marifsiddiqi
GitHub •
Marketplace •
Report Bug •
Request Feature
