Do .env values need quotes?

Only when they contain spaces, special characters or you want to control interpolation. Unquoted values run to the end of the line (or an inline comment) with surrounding whitespace trimmed. Double quotes preserve spaces and allow escape sequences and $VAR interpolation; single quotes are fully literal.

What is the difference between single and double quotes?

Double-quoted values support backslash escapes like newline and tab and expand $VAR or ${VAR} references. Single-quoted values are literal: nothing is escaped or interpolated, which makes them ideal for secrets that contain a dollar sign or backslash.

What does the export prefix do?

Writing export KEY=value lets the same file be sourced directly by a shell. Dotenv loaders strip the export keyword and treat the line as a normal assignment, so it is purely for shell compatibility.

How are comments handled?

A line beginning with a hash (optionally after leading whitespace) is a comment and is ignored. Most loaders also treat a hash after an unquoted value as the start of an inline comment, so quote any value that legitimately contains a hash.

Why does my variable interpolation not expand?

Interpolation of $VAR or ${VAR} only happens in unquoted or double-quoted values, and only in loaders that support it. Single-quoted values never interpolate. If a value with a dollar sign is being mangled, switch it to single quotes.

.env File Syntax Reference

Email me this result

Get this tool's output sent to your inbox, plus one useful tool a week. No spam, unsubscribe any time.

The .env file format

A .env file stores configuration as one KEY=value assignment per line, loaded into a process’s environment at startup. The format looks trivial, but quoting, comments and interpolation differ subtly between loaders. This reference documents the rules and includes a live linter that classifies every line you paste.

How it works

Each non-blank, non-comment line is split at the first = into a key and a value. The key should be UPPER_SNAKE_CASE and may not start with a digit:

# a comment line
API_KEY="sk_live_123"      # double quotes preserve and can interpolate
SECRET='raw$value'          # single quotes are fully literal
DB_URL=$HOST/db             # $VAR expands in many loaders
export PORT=3000            # export prefix is stripped by the loader
EMPTY=                      # assigns an empty string

The linter applies exactly this logic: blank and # lines are ignored, a valid key/value reports whether the value is quoted, empty or unquoted, and a line with no = (and not a comment) is flagged as an error.

Tips and notes

Single-quote any secret containing $ so it is not treated as interpolation.
Behaviour varies across Node dotenv, python-dotenv and docker-compose — test in your loader.
Never commit a real .env; ship a .env.example with placeholder values instead.
Keep keys UPPER_SNAKE_CASE and avoid spaces around = for the widest compatibility.