Configuration values stored outside your code that change based on the environment (development, staging, production).
Environment variables are configuration values stored outside your code. They let you change how your app behaves without changing the code itself - perfect for secrets, API keys, and settings that differ between development and production.
Think of environment variables like switches on a machine. Same machine, different settings depending on where it is running.
Hard-coding values is dangerous and inflexible. If you commit secrets to GitHub, they become public. If you need different values for development versus production, you need separate code.
Environment variables solve this by storing configuration outside your code. Secrets stay safe, and you can use different values per environment.
Every programming language provides ways to access environment variables:
Node.js: Access with process.env
Python: Use os.getenv
Java: Use System.getenv
Manually setting variables is tedious. Use .env files to store variables locally.
Load with libraries like dotenv for Node.js, python-dotenv for Python, or similar packages for other languages.
CRITICAL: Add .env to .gitignore so secrets do not get committed!
Same code, different variables. Create separate .env files for development and production with different values for database URLs, API keys, and debug flags.
Your app behaves differently based on which environment it runs in.
Always:
Often:
Never:
Never Commit Secrets: Add .env to .gitignore immediately
Use .env.example: Commit a template showing what variables are needed without actual values
Rotate Secrets Regularly: Change API keys and passwords periodically
Limit Access: Only give production secrets to people who need them
Use Secret Management: Services like AWS Secrets Manager, HashiCorp Vault for production
Development: Use .env files
Production:
NODE_ENV: development, production, test - tells app what mode it is in
PORT: What port the server listens on
DATABASE_URL: Connection string for database
LOG_LEVEL: How verbose logging should be
API_BASE_URL: Base URL for external APIs
Print the variables to verify they are loaded properly. Always check if required variables are set.
Warning: Never log actual secret values in production!
Environment variables are always strings. Convert them to appropriate types like numbers or booleans when needed. Provide sensible defaults for optional variables.
Validate required variables on startup. Fail fast if configuration is wrong to catch problems early.
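The three points above (keep secret values out of logs, convert strings to real types with defaults, fail fast on missing required variables) shown together for Node.js. This is an added example, not code from the original page. API_KEY, DEBUG, the default values and the helper names are assumptions, and the sample environment is constructed.

```javascript
// Added example, not the page's code. API_KEY, DEBUG and the defaults are assumed.
// These variables are required at startup and must never be logged.
const REQUIRED_SECRETS = new Set(['DATABASE_URL', 'API_KEY']);

function parsePort(raw) {
  const n = Number(raw);
  if (!Number.isInteger(n) || n < 1 || n > 65535) {
    throw new Error(`PORT must be an integer 1-65535, got "${raw}"`);
  }
  return n;
}

function parseBool(raw) {
  const v = raw.trim().toLowerCase();
  if (v === 'true' || v === '1') return true;
  if (v === 'false' || v === '0') return false;
  throw new Error(`expected true/false/1/0, got "${raw}"`);
}

function loadConfig(env = process.env) {
  // Report every missing required variable in one startup error.
  const missing = [...REQUIRED_SECRETS].filter((k) => !env[k] || env[k].trim() === '');
  if (missing.length > 0) {
    throw new Error(`Missing required environment variables: ${missing.join(', ')}`);
  }
  const nodeEnv = env.NODE_ENV || 'development';
  if (!['development', 'production', 'test'].includes(nodeEnv)) {
    throw new Error(`NODE_ENV must be development, production or test, got "${nodeEnv}"`);
  }
  return Object.freeze({
    NODE_ENV: nodeEnv,
    PORT: parsePort(env.PORT || '3000'),
    LOG_LEVEL: env.LOG_LEVEL || 'info',
    DEBUG: parseBool(env.DEBUG || 'false'), // the raw string "false" would be truthy
    DATABASE_URL: env.DATABASE_URL,
    API_KEY: env.API_KEY,
  });
}

// View that is safe to log: secret values are replaced, only their presence shows.
function redactForLog(config) {
  return Object.fromEntries(
    Object.entries(config).map(([k, v]) => [k, REQUIRED_SECRETS.has(k) ? '[set]' : v]));
}

// Constructed sample environment (placeholder values, not real credentials).
const sampleEnv = { NODE_ENV: 'production', PORT: '8080', DEBUG: '1',
  DATABASE_URL: 'postgres://app:placeholder@db.example.internal/app', API_KEY: 'placeholder' };
console.log(redactForLog(loadConfig(sampleEnv)));
```

Call loadConfig() once at startup, before the server begins listening, so a bad configuration stops the process instead of surfacing later as a runtime error.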
dotenv: Load .env files (most popular)
envalid: Validate and document environment variables
env-cmd: Run commands with specific .env files
cross-env: Set environment variables cross-platform
Environment variables separate configuration from code. This makes your app more secure, flexible, and easier to deploy across different environments.
Master environment variables early. Every professional application uses them. Set up your .env file, add it to .gitignore, and never hard-code secrets again.