Environment variables

Environment variables are the highest-precedence way to configure the CLI. They override anything in ~/.config/div/config.json. They're great for:

• One-off invocations (DIV_API_URL=... div deploy) without changing your saved config.
• CI / scripted environments where you don't want to write a config file at all.
• Per-shell or per-direnv setups.

#DIV_API_URL

The API host the CLI sends requests to.

DIV_API_URL=https://div.test div deploy

Same as div config set api-url. The env var wins.

Trailing slashes are tolerated. The URL must parse with new URL(...).

#NODE_TLS_REJECT_UNAUTHORIZED

A standard Node.js variable. When set to '0', Node's fetch (and any other TLS code) accepts self-signed certificates.

The CLI sets this to '0' automatically at startup when insecure: true is in your config — but only if the env var isn't already set, so an explicit value always wins.

# explicit one-off
NODE_TLS_REJECT_UNAUTHORIZED=0 DIV_API_URL=https://div.test div deploy

Setting this disables certificate verification for the entire process, not just Div's requests. Use with care, and only for local dev hosts.

#NODE_EXTRA_CA_CERTS

Another standard Node variable. Points Node at an additional CA certificate bundle, so it can trust Herd's local CA without disabling verification across the board.

NODE_EXTRA_CA_CERTS="$HOME/Library/Application Support/Herd/config/valet/CA/HerdCASelfSigned.pem" \
  DIV_API_URL=https://div.test div deploy

(The Herd CA path varies by version. To find it: find ~/Library/Application\ Support/Herd -name '*.pem'.)

This is the more correct alternative to NODE_TLS_REJECT_UNAUTHORIZED=0 for local dev — verification stays on, but Node trusts your local certificate authority.

#EDITOR

The standard Unix variable. Used implicitly when you do $EDITOR "$(div config path)".

#What the CLI does not read

For the avoidance of doubt:

• HTTP_PROXY / HTTPS_PROXY — Node's built-in fetch doesn't honor these by default. If you need proxy support, run the CLI behind mitmproxy or set up undici's ProxyAgent via NODE_OPTIONS. (This is on the roadmap if it turns out folks need it.)
• DEBUG — there's no debug logging hooked up yet.
• CI — the CLI doesn't change behavior under CI today. (No-op for div deploy would be a sensible default; not implemented.)

#Putting it together for local dev

The simplest setup for a development machine:

div config set api-url https://div.test
div config set insecure true

After that, you can run div deploy plain. No env vars needed.

If you want explicit per-invocation control instead:

NODE_TLS_REJECT_UNAUTHORIZED=0 DIV_API_URL=https://div.test div deploy

Both work. Most people pick one and stick with it.

#See also

• Configuration — the saved-on-disk equivalents.
• div config — the user-facing command for setting them.
• Local development guide — when this all matters in practice.