feat: Add .env.example file for easier developer setup

[Rehan959]

Description
Adds a .env.example file to streamline developer onboarding. New developers can now simply copy the template file to .env and fill in their credentials, eliminating the need to reference documentation repeatedly. This improves setup efficiency and reduces configuration errors.

Type of Change

• New feature (non-breaking change which adds functionality)
  Checklist

• My code follows the project's style guidelines

• I have performed a self-review of my own code

• I have commented my code, particularly in hard-to-understand areas

• I have made corresponding changes to the documentation

• My changes generate no new warnings

• I have added tests that prove my fix is effective or that my feature works

• New and existing unit tests pass locally with my changes

• Any dependent changes have been merged and published in downstream modules

Related Issues
Closes #139

Summary by CodeRabbit

• Chores
  • Added an environment configuration template for the API with required variables for database and authentication.
  • Included optional defaults (port, CORS origins, environment) and a GitHub integration placeholder with guidance for token setup.
  • Added explanatory comments to help with local and deployment configuration.

[vercel]

@Rehan959 is attempting to deploy a commit to the AJEET PRATAP SINGH's projects Team on Vercel.

A member of the Team first needs to authorize it.

[coderabbitai]

Walkthrough

A new apps/api/.env.example file was added containing template environment variables: required entries DATABASE_URL and JWT_SECRET, optional defaults (PORT, CORS_ORIGINS, NODE_ENV), and a GitHub token placeholder with explanatory comments for developer setup.

Changes

Cohort / File(s)	Summary
Environment configuration template apps/api/.env.example	Added new .env.example providing required env vars (DATABASE_URL, JWT_SECRET), optional defaults (PORT, CORS_ORIGINS, NODE_ENV), and a GitHub integration token placeholder with inline usage guidance.

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~3 minutes

• Verify required env vars are present and named consistently with app config
• Ensure placeholder values are non-sensitive and comments clearly explain usage

Poem

🐇 I nibble on keys and tidy the plot,
A little .env to help devs get caught.
Copy, paste, fill—no mysteries to comb,
Fresh rabbits hop in and find a warm home.

Pre-merge checks and finishing touches

✅ Passed checks (5 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title accurately describes the main change: adding a .env.example file to improve developer setup experience.
Linked Issues check	✅ Passed	The pull request fully addresses issue #139 by adding a .env.example file with required variables and setup guidance as specified.
Out of Scope Changes check	✅ Passed	All changes are scoped to adding the .env.example template file, directly aligned with the linked issue requirements.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

✨ Finishing touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[cla-assistant]

All committers have signed the CLA.

[coderabbitai]

Actionable comments posted: 2

🧹 Nitpick comments (3)

apps/api/.env.example (3)

5-8: Fix key ordering to match linter expectations.

dotenv-linter flags that CORS_ORIGINS and NODE_ENV should be ordered before PORT. While this doesn't affect functionality, consistent ordering improves maintainability and avoids linter warnings.

Apply this diff to reorder the optional keys:

  # Optional (good defaults shown)
- PORT=8080
  CORS_ORIGINS=http://localhost:3000
  NODE_ENV=development
+ PORT=8080

---

2-3: Inconsistent quoting style may confuse developers.

Lines 2–3 use quotes ("..."), while lines 6–8 do not. This inconsistency can lead developers to misunderstand when quotes are required. Adopt a consistent convention throughout the file and document it briefly (e.g., in a comment at the top).

Recommendation: Either quote all values or quote only those containing special characters (spaces, =, etc.). If DATABASE_URL contains = and ?, quoting is justified; clarify this in a comment.

Example (quote values that need it, add clarifying comment):

+ # Note: Quote values containing special characters (=, ?, &, spaces, etc.)
  # Required
  DATABASE_URL="postgresql://USER:PASSWORD@localhost:5432/your_database_name?schema=public"
  JWT_SECRET=replace-with-a-strong-random-secret
  
  # Optional (good defaults shown)
  PORT=8080
  CORS_ORIGINS=http://localhost:3000
  NODE_ENV=development

Also applies to: 6-8

---

11-11: Clarify "classic token" terminology for new developers.

The term "classic token" may not be familiar to all developers. Consider linking to the GitHub documentation directly or being more explicit about the token type and its purpose within the application.

- # Generate a classic token with "public_repo" access at https://github.com/settings/tokens
+ # Generate a personal access token (classic) with "public_repo" scope at https://github.com/settings/tokens

📜 Review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 12eb954 and 44a1dcd.

📒 Files selected for processing (1)

• apps/api/.env.example (1 hunks)

🧰 Additional context used

🪛 dotenv-linter (4.0.0)

apps/api/.env.example

[warning] 3-3: [QuoteCharacter] The value has quote characters (', ")

(QuoteCharacter)

---

[warning] 7-7: [UnorderedKey] The CORS_ORIGINS key should go before the PORT key

(UnorderedKey)

---

[warning] 8-8: [UnorderedKey] The NODE_ENV key should go before the PORT key

(UnorderedKey)

[coderabbitai]

⚠️ Potential issue | 🟠 Major

⚠️ Reconsider storing GitHub tokens in .env files.

Personal access tokens are sensitive credentials and should never be stored in version-controlled .env files, even as placeholders. If the application requires GitHub token authentication, consider one of these alternatives:

• Remove this from .env.example and document in README that developers set GITHUB_PERSONAL_ACCESS_TOKEN only in their local, gitignored .env file
• Use environment-specific secret management (e.g., CI/CD secrets, HashiCorp Vault)
• Make the feature optional and degrade gracefully if the token is unavailable

If GitHub token functionality is critical for basic setup, clarify this distinction in documentation.

🤖 Prompt for AI Agents

In apps/api/.env.example around lines 10 to 12, the file exposes a GitHub
personal access token placeholder which shouldn’t be committed; remove the
GITHUB_PERSONAL_ACCESS_TOKEN entry from .env.example and instead document in the
README that developers must set GITHUB_PERSONAL_ACCESS_TOKEN in their local,
gitignored .env or via environment/secret management (CI secrets, Vault), and
update application startup to handle missing token gracefully or make the
feature optional so the app degrades when the token is not provided.

[coderabbitai]

Actionable comments posted: 0

♻️ Duplicate comments (2)

apps/api/.env.example (2)

1-13: Template is incomplete—missing critical environment variables used by the application.

Based on earlier review findings, the following variables referenced in the codebase are missing from this template:

• ENCRYPTION_KEY (used in encryption utilities)
• SLACK_INVITE_URL (app initialization)
• RAZORPAY_KEY_ID, RAZORPAY_KEY_SECRET, RAZORPAY_WEBHOOK_SECRET (payment service)
• ZEPTOMAIL_URL, ZEPTOMAIL_TOKEN, ZEPTOMAIL_FROM_ADDRESS, ZEPTOMAIL_FROM_NAME (email service)

Adding these to .env.example ensures developers have a complete reference during setup and prevents configuration surprises.

---

10-13: Remove GitHub token guidance from version-controlled .env.example file.

Documenting how to generate personal access tokens in a committed template file represents a compliance/security risk. Even though the token itself is commented out, this guidance should not be in version control.

Recommendation:

• Remove lines 10–13 entirely from .env.example
• Document token setup in README.md or a separate CONTRIBUTING.md guide instead
• Ensure the application handles missing GITHUB_PERSONAL_ACCESS_TOKEN gracefully (optional feature or clear error messaging)

-# Optional GitHub integration
-# To enable GitHub queries, set GITHUB_PERSONAL_ACCESS_TOKEN in your local .env file
-# Generate a classic token with "public_repo" access at https://github.com/settings/tokens
-# GITHUB_PERSONAL_ACCESS_TOKEN should NEVER be committed to version control

🧹 Nitpick comments (1)

apps/api/.env.example (1)

5-8: Reorder keys to follow dotenv-linter conventions.

For consistency with standard .env file formatting, place NODE_ENV and CORS_ORIGINS before PORT.

 # Optional (good defaults shown)
-PORT=8080
 CORS_ORIGINS=http://localhost:3000
 NODE_ENV=development
+PORT=8080

📜 Review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 44a1dcd and 46ae0cd.

📒 Files selected for processing (1)

• apps/api/.env.example (1 hunks)

🧰 Additional context used

🪛 dotenv-linter (4.0.0)

apps/api/.env.example

[warning] 3-3: [QuoteCharacter] The value has quote characters (', ")

(QuoteCharacter)

---

[warning] 7-7: [UnorderedKey] The CORS_ORIGINS key should go before the PORT key

(UnorderedKey)

---

[warning] 8-8: [UnorderedKey] The NODE_ENV key should go before the PORT key

(UnorderedKey)