.env.local May 2026

The primary purpose of .env.local files is to allow developers to override or add environment variables locally on their development machine without committing these changes to the version control system. This is particularly useful for:

The .env.local file is a local environment file used to store sensitive or environment-specific variables for your application. It's commonly used in development environments to override or add variables that are not committed to version control.

Because .env.local can override anything, add a validation script at the start of your application. Use libraries like zod to ensure required variables exist. .env.local

import  z  from 'zod';
const envSchema = z.object(
DATABASE_URL: z.string().url(),
API_KEY: z.string().min(1),
);
// This will throw a clear error if .env.local is missing a required key
const env = envSchema.parse(process.env);
 The primary purpose of

The most critical rule of .env.local is that it must be ignored by version control. The most critical rule of

If you accidentally commit .env.local, you defeat its entire purpose. You will expose secrets to the repository and likely overwrite your teammates' local configurations.

Your .gitignore file should explicitly contain:

# local env files
.env.local
.env.*.local

If you are trying to access a variable in the browser, it must have the framework's public prefix (NEXT_PUBLIC_, VITE_, REACT_APP_). Variables in .env.local without these prefixes are only available on the server/Node side.

How .env.local behaves depends entirely on your toolchain. Let’s look at the three most common scenarios.