If you realize you’ve committed your .env.local , deleting it from the folder isn't enough; it's still in your Git history. You will need to rotate your API keys immediately.
In the root directory of your project, create a new file named exactly .env.local . .env.local
The .env.local file is a specific "flavor" of these environment files. Its primary characteristics are: If you realize you’ve committed your
This is the most important step. Ensure your .gitignore file includes the following line: .env*.local Use code with caution. This prevents
This prevents .env.local , .env.development.local , and others from being tracked by Git.
# SENSITIVE: Keep this private! STRIPE_SECRET_KEY=sk_test_51Mz... # PUBLIC: Accessible by the browser NEXT_PUBLIC_ANALYTICS_ID=UA-123456789 Use code with caution.
Forgetting to add NEXT_PUBLIC_ or VITE_ can lead to frustrating "undefined" errors when trying to access variables in your React/Vue components.