Skip to content
Critique/docs
Reference

Environment Variables

Operator reference for Critique deployment env vars — core stack, v4.0 change control flags, and v4.1 connections secrets.

This page lists deployment environment variables for self-hosted or Vercel operators. End users configure OpenRouter, agents, and Linear in the product UI — not via env.

The canonical template is .env.example in the repository. Copy it for local development and mirror the same names in production secrets.

Required for a working deployment

VariablePurpose
DATABASE_URLPostgreSQL connection for Prisma
BETTER_AUTH_SECRETSession signing (openssl rand -base64 32)
BETTER_AUTH_URLPublic origin for auth callbacks (local: http://localhost:3000)
NEXT_PUBLIC_APP_URLPublic site URL (links, metadata, MCP base)
GITHUB_APP_ID, GITHUB_APP_PRIVATE_KEY, GITHUB_WEBHOOK_SECRETGitHub App reviews and webhooks
QSTASH_TOKEN, QSTASH_CURRENT_SIGNING_KEY, QSTASH_NEXT_SIGNING_KEYAsync review and worker queue
OPENROUTER_API_KEYManaged review/chat when users do not use BYOK

OAuth sign-in is optional but typical: GITHUB_CLIENT_ID / GITHUB_CLIENT_SECRET, VERCEL_CLIENT_ID / VERCEL_CLIENT_SECRET.

Secrets and connections (v4.1+)

VariableRequired whenPurpose
CRITIQUE_SECRETS_ENCRYPTION_KEYUsers save any encrypted secret32-byte key, base64-encoded. Encrypts: OpenRouter/Crof/BYOA keys, repository secrets, app connections (Linear, …), and stores hashes for crt_ API keys

Generate:

node -e "console.log(require('crypto').randomBytes(32).toString('base64'))"

Rotation

If you rotate CRITIQUE_SECRETS_ENCRYPTION_KEY without re-encrypting existing rows, saved secrets will not decrypt. Have users re-save keys from Settings and Connections after rotation.

No additional env vars are required for the connections platform v1 beyond this key. Linear, MCP, and REST v1 use the same encryption path as BYOK.

Optional URL overrides (unchanged from earlier releases):

VariableDefault
OPENROUTER_BASE_URLhttps://openrouter.ai/api/v1
CROF_BASE_URLhttps://crof.ai/v1

AI change control platform (v4.0)

All flags below default to true when unset (v4 change control is on out of the box). Set any flag to false to turn off that slice during rollout or debugging.

VariableEnables
CRITIQUE_CHANGE_PASSPORT_ENABLEDChange Passport as PR system of record
CRITIQUE_RISK_SCORING_ENABLEDRisk scoring on passports
CRITIQUE_EVIDENCE_CONTRACT_ENABLEDEvidence contract fields and gates
CRITIQUE_MERGE_POLICY_ENABLEDMerge policy evaluation (advisory)
CRITIQUE_MERGE_POLICY_ENFORCEMENT_ENABLEDEnforced merge policy (requires merge policy enabled)
CRITIQUE_REMEDY_PROOF_ENABLEDRemedy proof artifacts on passports
CRITIQUE_FINDING_MEMORY_ENABLEDFinding memory promotion paths
CRITIQUE_INCIDENT_FEEDBACK_ENABLEDIncident → policy feedback loop

Incident webhook secrets (v4.0)

Used by /api/integrations/incidents/:provider when verifying inbound webhooks:

VariableProvider
CRITIQUE_INCIDENT_WEBHOOK_SECRETGeneric shared secret (where supported)
CRITIQUE_LINEAR_WEBHOOK_SECRETLinear
CRITIQUE_SENTRY_WEBHOOK_SECRETSentry
CRITIQUE_JIRA_WEBHOOK_SECRETJira
CRITIQUE_VERCEL_WEBHOOK_SECRETVercel

Leave unset to disable provider-specific verification for that route.

Product behavior for change control is documented in Change control.

Chat documentation tools (optional)

VariablePurpose
FIRECRAWL_API_KEYsearchDocs / fetchDocPage in chat
CONTEXT7_API_KEYsearchLibraryDocs version-aware library docs

If unset, those chat tools return a clear “not configured” message.

Review, Remedy, and embeddings (common)

See .env.example for the full list. Frequently tuned:

VariableNotes
CRITIQUE_REVIEW_PROVIDER, CRITIQUE_REVIEW_MODELDefault review model routing
CRITIQUE_REMEDY_EXECUTION, CRITIQUE_REMEDY_MODEL_IDRemedy sandbox execution
CRITIQUE_CODE_EMBEDDING_MODELRepository embedding model
CRITIQUE_BETA_MODEProduct beta gates

What users configure in the UI (not env)

User actionUI locationOperator prerequisite
OpenRouter / Crof BYOKSettingsCRITIQUE_SECRETS_ENCRYPTION_KEY
Cursor / Anthropic / OpenAI BYOASettingsSame
Linear connectionSettings → ConnectionsSame
Critique API key (crt_…)Connections → API keysSame
Repository secretsDashboard → AutomationSame

Quick checklist by release

Shipping v4.0 change control

  1. Run database migrations (prisma migrate deploy).
  2. Set incident webhook secrets if using Control Board ingest.
  3. Flags are on by default — no env required. To disable a feature, set its flag to false and redeploy.

Shipping v4.1 connections / MCP

  1. Run migrations including user_connection and critique_api_key.
  2. Set CRITIQUE_SECRETS_ENCRYPTION_KEY before exposing Connections in production.
  3. Smoke-test: save Linear key → chat searchIssuesAndRoadmap; create crt_ key → GET /api/v1/passports and MCP tools/list.

Chat Tools

What Critique Chat can look up, inspect, and do on your behalf — with confirmation for writes.

Memory & Context System

How Critique remembers repository context for chat, reviews, and optional promoted learnings.

On this page

Required for a working deploymentSecrets and connections (v4.1+)AI change control platform (v4.0)Incident webhook secrets (v4.0)Chat documentation tools (optional)Review, Remedy, and embeddings (common)What users configure in the UI (not env)Quick checklist by releaseRelated