env.dev

Developer Guides

75 in-depth guides on environment variables, Docker, security, and more. Start with the featured picks below, or search and filter to find what you need.

Featured

The guides developers land on most — start here if you're new.

Environment Variables

The .env File: A Complete Guide to Environment Variables

Everything about .env files: syntax rules, parser quirks, language examples (Node, Python, Go, Docker), best practices, and the gotchas that bite.

Environment Variables

Docker Compose Environment Variables: The Complete Guide

Use environment variables in Docker Compose: .env auto-load, env_file, --env-file, multi-environment patterns, substitution, and secrets.

Environment Variables

The Complete .env File Syntax Reference

.env file syntax reference: quoting, comments, multiline values, variable expansion, and the parser differences across Node.js, Python, Ruby, Go, and Docker.

AI & Automation

AI Dark Factory Playbook: From Autocomplete to Autonomous

Six-level AI dark factory playbook from manual coding (Level 0) to fully autonomous code (Level 5). Concrete actions for agentic coding, real-world numbers, no hype.

Environment Variables

Environment Variables in Rust: std::env, dotenvy & envy

Read env vars in Rust with std::env::var, load .env files via dotenvy, and deserialize typed config with envy. Plus the Rust 2024 unsafe-set_var change.

Protocols & APIs

OpenGraph Image Sizes 2026: Per-Platform Cheat Sheet

Recommended OpenGraph image sizes per platform in 2026: universal safe size, aspect ratios, file size limits, and how each platform crops on mobile.

Recently updated

Newest edits and ships — refreshed versions, new releases, and brand-new guides.

Node.js Env Variables: process.env, dotenv & --env-file

How to use environment variables in Node.js: process.env, dotenv, the Node 20.6+ --env-file flag, NODE_ENV, type-safe validation with zod.

Fix 'NODE_NO_WARNINGS is not recognized' on Windows

On Windows, NODE_NO_WARNINGS=1 node app.js fails because cmd parses the inline env var as a command. Fix it with set, PowerShell's $env:, cross-env, or Node's --disable-warning flag.

Gemini API Environment Variables: Keys & Vertex AI

GEMINI_API_KEY and GOOGLE_API_KEY both auto-load in the google-genai SDK; GOOGLE_API_KEY wins if both are set. Vertex AI needs project + location, not a key. Legacy SDKs hit EOL 2025-11-30.

OpenTofu in 2026: Open-Source Terraform Fork Explained

OpenTofu 1.11 is the Linux Foundation fork of Terraform 1.5 under MPL 2.0, with built-in state encryption, ephemeral values, and a drop-in tofu CLI. Migration, version timeline, and OpenTofu-vs-Terraform compared.

Pulumi vs Terraform vs OpenTofu: Getting Started 2026

Pulumi 3.236 writes cloud infra in TypeScript, Python, Go, or C# under Apache 2.0. Side-by-side with Terraform and OpenTofu, install in 60 seconds, plus a first AWS S3 stack walkthrough and the state-backend matrix.

Local LLMs for Coding in 2026: Models, Hardware, Runtimes

Local LLMs for coding in 2026: Qwen2.5-Coder 32B at 73.7 Aider, Ollama vs llama.cpp vs LM Studio, and how to point Cursor or Continue at localhost.

Browse by category

Environment Variables(23)

Next.js Environment Variables: Complete Guide

How Next.js handles environment variables: .env file load order, NEXT_PUBLIC_ prefix, server vs client access, and common production errors.

Node.js Env Variables: process.env, dotenv & --env-file

How to use environment variables in Node.js: process.env, dotenv, the Node 20.6+ --env-file flag, NODE_ENV, type-safe validation with zod.

Fix 'NODE_NO_WARNINGS is not recognized' on Windows

On Windows, NODE_NO_WARNINGS=1 node app.js fails because cmd parses the inline env var as a command. Fix it with set, PowerShell's $env:, cross-env, or Node's --disable-warning flag.

Gemini API Environment Variables: Keys & Vertex AI

GEMINI_API_KEY and GOOGLE_API_KEY both auto-load in the google-genai SDK; GOOGLE_API_KEY wins if both are set. Vertex AI needs project + location, not a key. Legacy SDKs hit EOL 2025-11-30.

Go Environment Variables: os.Getenv, godotenv & Viper

How to read, set, and manage environment variables in Go. Covers os.Getenv, os.LookupEnv, godotenv, Viper, envconfig, build-time variables, and testing.

Docker Env Variables: ENV, ARG & Runtime

How to use environment variables in Docker: ENV vs ARG in Dockerfile, docker run -e, --env-file, multi-stage builds, BuildKit secrets, and best practices.

Vercel Environment Variables: Dashboard, CLI & Edge

How to configure environment variables on Vercel. Covers the dashboard, CLI (vercel env pull), system variables, per-environment settings, and Edge function access.

The Complete .env File Syntax Reference

.env file syntax reference: quoting, comments, multiline values, variable expansion, and the parser differences across Node.js, Python, Ruby, Go, and Docker.

Kubernetes Env Variables: ConfigMaps, Secrets & Pod Spec

How to configure environment variables in Kubernetes: inline env, ConfigMaps, Secrets, the downward API, and best practices for managing configuration at scale.

AWS Lambda Env Vars: Console, CLI, SAM & CDK

How to set and manage environment variables in AWS Lambda. Covers the console, CLI, SAM templates, CDK, Terraform, KMS encryption, and Secrets Manager integration.

Python Env Variables: os.environ, dotenv & Pydantic

How to read, set, and manage environment variables in Python. Covers os.environ, python-dotenv, Pydantic Settings v2, and Django/Flask configuration patterns.

How to Share .env Files With Your Team Securely

Share .env files securely with send.env.dev — end-to-end encrypted, burn-on-first-read links, EU-hosted, zero dependencies. Plus 1Password, Doppler, Vault.

dotenv Not Loading? Step-by-Step Debugging Guide

Fix environment variables not loading from .env files. Covers Node.js, Python, Docker, file path issues, syntax errors, load order, and production gotchas.

Docker Compose Environment Variables: The Complete Guide

Use environment variables in Docker Compose: .env auto-load, env_file, --env-file, multi-environment patterns, substitution, and secrets.

The .env File: A Complete Guide to Environment Variables

Everything about .env files: syntax rules, parser quirks, language examples (Node, Python, Go, Docker), best practices, and the gotchas that bite.

Python Virtual Environments: venv, uv, Poetry & pyenv

Manage Python environments with venv, pip, pyenv, Poetry, and conda. Learn requirements.txt, pyproject.toml, and environment best practices.

Environment Variables in Rust: std::env, dotenvy & envy

Read env vars in Rust with std::env::var, load .env files via dotenvy, and deserialize typed config with envy. Plus the Rust 2024 unsafe-set_var change.

Environment Variables in Java: System.getenv & Spring Boot

Read env vars in Java with System.getenv() (immutable from inside the JVM) and bind them to typed config via Spring Boot relaxed binding. Plus dotenv-java for non-Spring apps.

Environment Variables in Ruby: ENV, dotenv & Rails Credentials

Read env vars in Ruby with ENV.fetch, load .env files with the dotenv gem (the original of every dotenv port), and pick between dotenv-rails and Rails encrypted credentials.

Environment Variables in PHP: getenv, $_ENV & phpdotenv

Three ways PHP reads env vars (getenv, $_ENV, $_SERVER) and when each is reliable. Plus vlucas/phpdotenv, Laravel's env() vs config(), and the FPM thread-safety gotcha.

Environment Variables in C# / .NET: IConfiguration & __ Mapping

In ASP.NET Core, prefer IConfiguration over Environment.GetEnvironmentVariable. Double underscores map to colons (ConnectionStrings__Default → ConnectionStrings:Default).

Environment Variable Best Practices (2026)

How to manage env vars without leaking secrets: SCREAMING_SNAKE_CASE naming, .env files in .gitignore from day one, validation at startup, typed config objects, and rotation.

Env Var Tips: Docker, CI/CD, Kubernetes & direnv

Tactical env-var patterns: --mount=type=secret beats ARG, GitHub / GitLab / Jenkins idioms, ConfigMaps vs Secrets in Kubernetes, direnv for local dev, build-time vs runtime split.

Constants(7)

Constants in JavaScript & TypeScript: const & as const

JS const blocks reassignment, not mutation. Real immutability comes from Object.freeze (ES5) or — better — TypeScript's as const assertion (TS 3.4, 2019) with zero runtime cost.

Constants in Python: typing.Final, Enum & SCREAMING_SNAKE

Python has no const keyword. Constants follow SCREAMING_SNAKE_CASE per PEP 8, typing.Final adds mypy enforcement, and enum or MappingProxyType lock closed sets.

Constants in Go: const, iota & Type-Safe Enumerations

Go const is compile-time only — no address, inlined at every use. Untyped constants adopt their use-site type; iota generates enum sequences and bitmasks.

Constants in Rust: const, static, const fn & LazyLock

Rust splits constants: const inlines at every use site; static has a fixed address. const fn runs at build time; LazyLock (1.80) gives thread-safe global state.

Constants in Java: static final, Enums & List.of

Java constants are static final fields. Compile-time inlining breaks consumers when library values change. List.of/Map.of/Set.of (Java 9+) are truly immutable.

Constants Best Practices: Naming, Immutability & Magic Numbers

Universal rules for good constants: SCREAMING_SNAKE_CASE with unit suffixes, real immutability per language, single source of truth, no magic numbers. Effective Java Item 22.

Constants Tips: Tree Shaking, Branded Types & Test Fixtures

Compile-time vs runtime constants, bundler tree shaking and dead-code elimination, constant folding, TypeScript branded types, derived config, and constants in tests.

DevOps & Infrastructure(15)

jq: Filter and Transform JSON From the Command Line

jq is the C-based JSON processor (1.8.1, 2025) that filters, reshapes, and pipes JSON inside shell scripts. Real-world recipes for kubectl, GitHub API, and AWS CLI.

tmux: Sessions, Panes, .tmux.conf, and Neovim Integration

tmux is the BSD-licensed terminal multiplexer (3.6a, 2026) that survives SSH drops and reboots. Sessions, panes, .tmux.conf, scripting, and the Neovim handshake.

Docker on Windows 2026: Desktop, WSL2, Rancher, Podman

Docker on Windows runs four ways in 2026: Docker Desktop, Docker Engine in WSL2, Rancher Desktop, or Podman Desktop. Licensing, performance, and how to pick.

GitHub Actions: Secrets vs Environment Variables

When to use repository secrets, environment secrets, and configuration variables in GitHub Actions. Includes workflow examples for Node.js, Python, and Docker.

Terraform Variables: tfvars vs Env Vars vs Blocks

Compare all three approaches to Terraform variables with code examples. Variable blocks, .tfvars files, TF_VAR_ environment variables, precedence, sensitive values, and validation.

OpenTofu in 2026: Open-Source Terraform Fork Explained

OpenTofu 1.11 is the Linux Foundation fork of Terraform 1.5 under MPL 2.0, with built-in state encryption, ephemeral values, and a drop-in tofu CLI. Migration, version timeline, and OpenTofu-vs-Terraform compared.

Pulumi vs Terraform vs OpenTofu: Getting Started 2026

Pulumi 3.236 writes cloud infra in TypeScript, Python, Go, or C# under Apache 2.0. Side-by-side with Terraform and OpenTofu, install in 60 seconds, plus a first AWS S3 stack walkthrough and the state-backend matrix.

GitHub Actions: The Complete CI/CD Guide for Developers

Master GitHub Actions CI/CD: workflow syntax, triggers, matrix builds, reusable workflows, composite actions, caching, secrets, security hardening, and performance optimization.

Git for Beginners: Visual Guide to Version Control

Learn Git from scratch: cloning, branching, committing, pushing, pull requests, handling conflicts, and using VS Code and GitHub Desktop. A beginner-friendly visual guide to version control.

Dev Containers: Guide to Containerized Development

Dev Containers from devcontainer.json to Features, lifecycle scripts, Docker Compose, the CLI, performance tuning, security, and the gotchas.

Cron Expression Syntax: A Complete Guide

Cron expression syntax explained: 5- and 6-field formats, special characters (* , - / L W #), common schedules, and platform-specific differences.

Docker Networking: Bridge, Host, Overlay & Compose

Docker networking deep dive: bridge, host, overlay, macvlan drivers, port mapping, embedded DNS at 127.0.0.11, Compose isolated networks, and debugging.

Linux File Permissions: chmod, chown, umask & ACLs

Linux file permissions reference: chmod octal/symbolic, chown, umask, SUID/SGID/sticky bits, POSIX ACLs (setfacl/getfacl), and Linux capabilities.

Nginx Configuration: Server Blocks, Proxy & SSL

Production Nginx config: server blocks, reverse proxy, SSL/TLS termination with Let's Encrypt, upstream load balancing, proxy caching, and rate limiting.

Git Branching Strategies: GitFlow, Trunk-Based & GitHub Flow

Compare Git branching strategies: GitFlow, trunk-based development, GitHub Flow, and release branches. Choose the right workflow for your team.

Security & Auth(6)

Env Variables Security: Secrets, Leaks & Best Practices

Why environment variables are not truly secure and what to do about it: secret rotation, leak detection, client-side risk, and secrets managers.

JWT Best Practices: Storage, Algorithms & Revocation

Security best practices for JSON Web Tokens: algorithm selection, storage, expiration, refresh patterns, revocation, and common vulnerabilities.

CORS: The Complete Guide to Cross-Origin Resource Sharing

Everything you need to know about CORS: headers, preflight requests, credentialed requests, debugging techniques, third-party scripts (Google Ads, Cloudflare, PostHog), and framework setup for Next.js and TanStack Start.

What is a JWT? A Developer Guide to JSON Web Tokens

Learn how JSON Web Tokens work — header, payload, and signature structure, typical auth use cases, common pitfalls, and best practices for secure usage.

SSH Keys: Complete Guide to Generation and Usage

Generate Ed25519 SSH keys, configure ssh-agent and ~/.ssh/config, set up tunnels and ProxyJump, and harden sshd_config for production servers.

HTTPS and TLS Explained: Certificates, Handshake & HSTS

Understand HTTPS, TLS certificates, the TLS handshake, cipher suites, Let's Encrypt, and HSTS for secure web communication.

Protocols & APIs(13)

OpenGraph Image Not Showing: 8 Causes and Fixes

Why your og:image is not rendering on Facebook, LinkedIn, Slack, Discord, or iMessage — caching, absolute URLs, size limits, hotlink protection, and robots.txt blocks.

OpenGraph Image Sizes 2026: Per-Platform Cheat Sheet

Recommended OpenGraph image sizes per platform in 2026: universal safe size, aspect ratios, file size limits, and how each platform crops on mobile.

GraphQL: Developer Guide to Queries, Schemas & APIs

Master GraphQL from scratch: schema design with SDL, queries, mutations, subscriptions, resolvers, the N+1 problem with DataLoader, cursor-based pagination, error handling, security hardening, and the Apollo/Relay ecosystem.

WebSockets: Guide to Real-Time Communication

Master WebSockets: the RFC 6455 protocol, handshake, browser API, server implementations in Node.js, Python, and Go, reconnection strategies, heartbeats, security best practices, pub/sub patterns, and scaling in production.

Server-Sent Events: SSE vs WebSockets Guide

Master Server-Sent Events (SSE): wire format, EventSource API, Node.js TypeScript implementation, auto-reconnection, HTTP/2 multiplexing, and a detailed comparison with WebSockets.

Unix Timestamps Explained

What Unix epoch time is, why it is used, how the Y2K38 problem threatens 32-bit systems, and how to generate and convert timestamps across languages.

Base64 Encoding Explained

Understand Base64 encoding end-to-end: how the algorithm maps bytes to 64 characters, when to use it, what padding means, and why it inflates size by 33%.

TypeScript Generics: A Complete Guide

Master TypeScript generics with practical examples — type parameters, constraints, utility types (Partial, Pick, Omit), mapped and conditional types.

REST API Best Practices: Design Guide

REST API design conventions used by Stripe, GitHub, and Google: URI naming, versioning, cursor pagination, error envelopes, status codes, auth, and HATEOAS.

DNS Explained: Record Types, Resolution & Common Issues

Understand DNS record types, resolution process, caching, TTL values, and how to debug common DNS misconfigurations.

Open Graph Protocol: Complete Social Sharing Guide (2026)

How to use Open Graph meta tags in 2026: required fields, image sizes for Facebook/LinkedIn/X/Slack, Twitter Cards, dynamic OG images, debugging, caching, and measurable SEO impact.

Regex Patterns Cookbook: Common Patterns with Explanations

A cookbook of common regex patterns for email, URL, IP address, phone number, and date validation with detailed explanations.

Rate Limiting: Token Bucket, Sliding Window & More

Implement rate limiting with token bucket, sliding window, fixed window, and Redis-based strategies. Code examples, edge patterns, and API gateways.

Databases(1)

PostgreSQL vs MongoDB: Why Postgres Wins

PostgreSQL vs MongoDB compared head-to-head: when to choose which, why Postgres wins for 95% of projects, JSONB vs documents, and free hosting tiers.

Editors(2)

Neovim Lua: Env Variables, vim.api & init.lua

Pass environment variables to vim.fn.jobstart with the env option, master the vim.* namespace (vim.fn, vim.api, vim.opt), and build a clean init.lua with autocommands, keymaps, vim.system, and vim.uv async I/O.

Neovim: A Developer Guide to the Modern Vim

Master Neovim: modes, motions, text objects, registers, built-in LSP, Tree-sitter, Lua configuration, lazy.nvim plugins, and macros.

AI & Automation(8)

Local LLMs for Coding in 2026: Models, Hardware, Runtimes

Local LLMs for coding in 2026: Qwen2.5-Coder 32B at 73.7 Aider, Ollama vs llama.cpp vs LM Studio, and how to point Cursor or Continue at localhost.

How to Build an MCP Server: TypeScript & Python (2026)

Build a Model Context Protocol server in TypeScript or Python in 2026: SDK quickstart, transports (stdio vs Streamable HTTP), security, and client setup.

AI Dark Factory Part 5: Security & Governance

Secure an AI dark factory with harness engineering: defense in depth, OS sandboxing, secrets, supply chain lockdown, audit trails, OWASP Agentic Top 10, agentic coding settings.json.

AI Dark Factory Part 4: Scaling Agentic Coding

Scale your AI dark factory: git worktrees, Agent Teams, model routing, prompt caching, budget gates, observability, and agentic coding economics that work.

AI Dark Factory Part 3: Spec-Driven Development

Spec-driven agentic coding for an AI dark factory: write precise specs, run holdout scenarios as quality gates, build an evaluation pipeline, and auto-merge with confidence.

AI Dark Factory Part 2: Agent Setup & AGENTS.md

Set up your AI dark factory agent: install Claude Code, write a production-grade AGENTS.md, decompose agentic coding tasks, and build feedback loops that learn.

AI Dark Factory: Autonomous Coding Explained

AI dark factory: autonomous coding where agents write, test, and ship without human review. Coined by Dan Shapiro, Glowforge, January 2026.

AI Dark Factory Playbook: From Autocomplete to Autonomous

Six-level AI dark factory playbook from manual coding (Level 0) to fully autonomous code (Level 5). Concrete actions for agentic coding, real-world numbers, no hype.