.env.local Now

The .env.local file is a simple but powerful tool for managing the "personality" of your development environment. It keeps your secrets safe, allows for individual customization, and integrates seamlessly with modern build tools.

# SENSITIVE: Keep this private! STRIPE_SECRET_KEY=sk_test_51Mz... # PUBLIC: Accessible by the browser NEXT_PUBLIC_ANALYTICS_ID=UA-123456789 Use code with caution.

If you realize you’ve committed your .env.local , deleting it from the folder isn't enough; it's still in your Git history. You will need to rotate your API keys immediately. .env.local

When a new teammate joins, they simply run cp .env.example .env.local and fill in their own credentials.

The best practice is to create a file. This file contains the keys but not the actual values. Example .env.example : STRIPE_SECRET_KEY= NEXT_PUBLIC_ANALYTICS_ID= DATABASE_URL= Use code with caution. STRIPE_SECRET_KEY=sk_test_51Mz

This prevents .env.local , .env.development.local , and others from being tracked by Git.

Do not use spaces around the = sign. KEY = VALUE will often break the parser. Use KEY=VALUE . Summary You will need to rotate your API keys immediately

While it looks like a simple text file, it plays a critical role in keeping your application secure and your development workflow smooth.