$devtoolkit.sh/examples/security/env-file

Manage a .env Environment File

Environment files store secrets and configuration that differ between development, staging, and production. A well-structured .env file has clear variable names, no duplicate keys, and no accidental whitespace in values. The env file editor parses the KEY=VALUE format, highlights duplicates, and lets you add or remove variables safely. Never commit real secrets to version control — use this tool to create a .env.example with placeholder values instead.

Example
NODE_ENV=production
PORT=3000
DATABASE_URL=postgresql://user:password@localhost:5432/mydb
REDIS_URL=redis://localhost:6379
JWT_SECRET=your-secret-key-here
API_KEY=sk-example-key-12345
SMTP_HOST=smtp.example.com
SMTP_PORT=587
[email protected]
NEXT_PUBLIC_API_URL=https://api.example.com
[ open in .env File Editor → ]

FAQ

Should I commit my .env file to git?
Never commit .env files containing real secrets. Add .env to .gitignore and commit a .env.example file with placeholder values to document required variables.
What is the difference between .env and .env.local?
.env is the base file loaded in all environments. .env.local overrides it for local development only and is never committed. Next.js, Vite, and Create React App all follow this convention.
Why do NEXT_PUBLIC_ variables need a prefix?
Next.js only exposes variables prefixed with NEXT_PUBLIC_ to the browser bundle. Variables without this prefix are server-side only, protecting secrets from being shipped to clients.

Related Examples

Decode a JWT Authentication Token

JSON Web Tokens are the standard credential format for REST APIs and OAuth 2.0 f...

Dockerfile for a Node.js Application

A well-structured Node.js Dockerfile uses a multi-stage build to keep the final ...

Prettier Configuration File

Prettier is an opinionated code formatter that removes all debates about style b...

/examples/security/env-filev1.0.0