Environment Variable
A named value injected into an application at runtime, used to configure behaviour and inject secrets without committing them to code.
In detail
Environment variables are key-value pairs that the operating system or hosting platform makes available to a running process. They are the standard way to configure an application differently in development, staging and production, and the standard way to inject secrets like API keys, database passwords and signing keys without including those values in source code. Vercel, AWS, Azure, Google Cloud and most other platforms have first-class environment variable support with encryption at rest.
Why it matters for Australian business
For Australian businesses the practical rule is that no production secret should ever live in a file on a developer's workstation or in the source code repository. Real values live in the hosting platform's encrypted environment configuration. Vibe-coded apps frequently violate this rule because AI generators sometimes hardcode API keys directly into client-side code, which then leaks publicly. We audit for this on every engagement.