Modern development benefits from explicit hints.
A bad sample file is just a list of KEY= . A great sample file is a work of documentation. Here is the anatomy of a professional .env.sample : .env.sample
A (or .env.example ) is a template file that lists all the environment variables required by an application, without containing their actual secret/real values. Modern development benefits from explicit hints
Within hours, a scraper found the public repository, saw STRIPE_WEBHOOK_SECRET=change_me , and dismissed it. No harm. But embedded in the same file was AWS_ACCESS_KEY_ID=AKIA... (real) and AWS_SECRET_ACCESS_KEY=... (real). They lost $40,000 in 12 hours. a scraper found the public repository
touch .env.sample