Problem Statement
What are the best practices for managing environment variables in Next.js applications?
Explanation
Use .env.local for local development secrets that should never be committed to Git, .env.production for production-specific variables, and .env for default values shared across environments, with .gitignore properly configured to exclude secret files.
Prefix variables with NEXT_PUBLIC_ only when the browser genuinely needs them, and treat anything with that prefix as visible to anyone. Keep sensitive keys like database credentials, API secrets, and auth tokens as server-only variables without the prefix.
Use environment variable validation on server startup to catch missing or invalid values early, document required variables in a .env.example file for team members, and leverage platforms like Vercel or Railway that provide secure environment variable management with encryption.
Consider using a type-safe approach with zod or similar libraries to validate environment variables at build time, and never hardcode secrets in source code or log them in production.
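The startup validation and prefix rule described above, as an added example that is not from the original page. It uses a small hand-written rule table in place of zod so it runs without dependencies; the variable names, rules and the secret-name heuristic are assumptions made for illustration.

```javascript
// Added example. Variable names and rules are hypothetical; a zod schema
// could replace RULES without changing the flow.
const RULES = {
  DATABASE_URL: { required: true, ok: (v) => /^postgres(ql)?:\/\/.+/.test(v) },
  AUTH_SECRET: { required: true, ok: (v) => v.length >= 32 },
  NEXT_PUBLIC_API_BASE: { required: true, ok: (v) => v.startsWith("https://") },
  LOG_LEVEL: { required: false, ok: (v) => ["debug", "info", "warn", "error"].includes(v) },
};

// Heuristic: names that look like secrets must not carry the browser-exposed prefix.
const SECRET_HINT = /SECRET|TOKEN|PASSWORD|PRIVATE|DATABASE/i;

// Returns a list of problems; reports variable names only, never values.
function validateEnv(env, rules = RULES) {
  const errors = [];
  for (const [name, rule] of Object.entries(rules)) {
    const value = env[name];
    if (value === undefined || value === "") {
      if (rule.required) errors.push(`${name}: missing`);
    } else if (!rule.ok(value)) {
      errors.push(`${name}: invalid format`);
    }
  }
  for (const name of Object.keys(env)) {
    if (name.startsWith("NEXT_PUBLIC_") && SECRET_HINT.test(name)) {
      errors.push(`${name}: secret-looking name is exposed to the browser`);
    }
  }
  return errors;
}

// Fail fast at startup or build; the thrown message is safe to log.
function loadEnvOrThrow(env) {
  const errors = validateEnv(env);
  if (errors.length > 0) {
    throw new Error("Invalid environment:\n  " + errors.join("\n  "));
  }
  // Hand back only the validated keys, frozen against later mutation.
  return Object.freeze(Object.fromEntries(Object.keys(RULES).map((k) => [k, env[k]])));
}

// Constructed sample input: one weak secret, one secret exposed via the prefix.
const sampleEnv = {
  DATABASE_URL: "postgres://app:example@db.internal:5432/app",
  AUTH_SECRET: "short",
  NEXT_PUBLIC_API_BASE: "https://api.example.com",
  NEXT_PUBLIC_AUTH_TOKEN: "constructed-value",
};
console.log(validateEnv(sampleEnv));
```

In an application, call loadEnvOrThrow(process.env) from a module that runs before the server handles requests, so a bad configuration stops the process instead of surfacing later as a runtime error.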