Environment Variables
Environment variables are configuration values stored outside your code that change based on the deployment context. They keep secrets like API keys, database URLs, and service credentials separate from source code — preventing accidental exposure and allowing different configurations for development, staging, and production.
Example
Your .env file contains DATABASE_URL, STRIPE_SECRET_KEY, and NEXT_PUBLIC_APP_URL. In development, DATABASE_URL points to localhost. In production, it points to your hosted database. Same code, different configuration.
Environment variables are the standard way to manage configuration and secrets in modern development. Every vibe-coded project that connects to external services needs them.
Why Environment Variables?
Without environment variables:
- API keys get hardcoded in source files
- Different environments require code changes
- Secrets end up in version control
- Team members share credentials insecurely
With environment variables:
- Secrets stay outside the codebase
- Same code runs in any environment
- Each developer has their own configuration
- Deployment platforms inject production values
How They Work
# .env file (never committed)
DATABASE_URL=postgresql://localhost:5432/myapp
OPENAI_API_KEY=sk-...
NEXT_PUBLIC_APP_URL=http://localhost:3000
Your code reads these values at runtime instead of using hardcoded strings.
Common Patterns
.env— Default environment file.env.local— Local overrides (highest priority).env.example— Template showing required variables (safe to commit)
Vibe Coding Tips
- Ask AI to use env vars — "Use environment variables for all credentials"
- Create .env.example — Document what variables are needed
- Check AI output — Verify AI didn't hardcode secrets
- Set up early — Configure env vars before integrating services
Cursor
Emergent — An agentic vibe-coding platform that builds production-ready apps