What Are .env Files? Keeping Secrets Out of Your Code
.env files, .gitignore, the NEXT_PUBLIC_ prefix, and common mistakes
You've probably seen your AI assistant generate code that references process.env.SOMETHING. You've probably also seen it tell you to "create a .env file." But what exactly is happening here, and why does it matter so much?
The Problem .env Files Solve
Here's the core issue: your code needs to know your API keys to function, but your code also gets shared — pushed to GitHub, deployed to servers, copied between machines. If the keys are in the code, they go everywhere the code goes.
The solution is separation. Keep the keys in a separate file that doesn't travel with your code.
That file is the .env file.
How .env Files Work
A .env file is just a text file with key-value pairs:
# .env
STRIPE_SECRET_KEY=sk_live_abc123def456
DATABASE_URL=postgresql://user:password
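
As an added example (not part of the original lesson), the sketch below reads the key-value format shown above and flags variables that carry the NEXT_PUBLIC_ prefix but look like secrets, since Next.js inlines NEXT_PUBLIC_ variables into the JavaScript sent to the browser. The helper names parseEnv and findExposedSecrets, the matching heuristics, and all sample values are assumptions constructed for illustration.

```javascript
// Added example: minimal .env reader plus a check for secrets exposed via NEXT_PUBLIC_.
// parseEnv and findExposedSecrets are hypothetical helper names, not a library API.

// Parse KEY=value lines; skip blanks and # comments; strip one pair of matching quotes.
function parseEnv(text) {
  const vars = {};
  for (const rawLine of text.split(/\r?\n/)) {
    const line = rawLine.trim();
    if (line === '' || line.startsWith('#')) continue;
    const eq = line.indexOf('=');
    if (eq <= 0) continue; // not a KEY=value line
    const key = line.slice(0, eq).trim();
    let value = line.slice(eq + 1).trim();
    const quoted = value.match(/^(["'])(.*)\1$/);
    if (quoted) value = quoted[2];
    vars[key] = value;
  }
  return vars;
}

// Heuristics (assumption): names or values that usually indicate a server-side secret.
const SECRET_NAME = /(SECRET|PASSWORD|PRIVATE|TOKEN)/i;
const SECRET_VALUE = /^(sk_live_|sk_test_)|:\/\/[^/\s:]+:[^@\s]+@/;

// Return NEXT_PUBLIC_ keys that look like secrets; these would end up in browser code.
function findExposedSecrets(vars) {
  return Object.keys(vars).filter(
    (key) =>
      key.startsWith('NEXT_PUBLIC_') &&
      (SECRET_NAME.test(key) || SECRET_VALUE.test(vars[key]))
  );
}

// Constructed sample input; every value is fake.
const sample = [
  '# .env',
  'STRIPE_SECRET_KEY=sk_live_EXAMPLEONLY',
  'NEXT_PUBLIC_SITE_NAME="My Shop"',
  'NEXT_PUBLIC_STRIPE_SECRET_KEY=sk_live_EXAMPLEONLY',
  'NEXT_PUBLIC_DB=postgresql://user:examplepw@localhost:5432/app',
].join('\n');

const parsed = parseEnv(sample);
console.log(findExposedSecrets(parsed));
```

A check like this can run before a commit or in CI so that a mis-prefixed key is caught before it is built into client-side code.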
