no-top-level-env
Rule catalog ID: R013
Targeted pattern scopeโ
GitHub Actions workflow YAML files that declare env at the top level.
What this rule reportsโ
This rule reports workflows that define a top-level env block.
Why this rule existsโ
Top-level environment variables affect every job and can hide which parts of a workflow actually depend on a variable. Narrower scoping keeps workflow behavior easier to audit.
โ Incorrectโ
env:
NODE_ENV: production
โ Correctโ
jobs:
build:
name: Build
runs-on: ubuntu-latest
env:
NODE_ENV: production
Additional examplesโ
For larger repositories, this rule is often enabled together with one of the published presets so violations are caught in pull requests before workflow changes are merged.
ESLint flat config exampleโ
import githubActions from "eslint-plugin-github-actions-2";
export default [
{
files: ["**/*.{yml,yaml}"],
plugins: {
"github-actions": githubActions,
},
rules: {
"github-actions/no-top-level-env": "error",
},
},
];
When not to use itโ
You can disable this rule when its policy does not match your repository standards, or when equivalent enforcement is already handled by another policy tool.