by @must_be_ash

Bonus

Essential tips for security, AI communication, and deployment best practices

🔐 .env files – Your app's secret stash

Whenever your app needs a private key (like from OpenAI, MongoDB, Replicate, etc), you don't put it inside your code. You put it in a file called .env or .env.local.

What are environment variables?

Think of it like a vault — this file holds your private keys so no one else can see them.

Example .env file:

MONGODB_URI=your_mongo_link
OPENAI_API_KEY=your_openai_key

Then inside your code, instead of pasting the real key, AI will use:

process.env.OPENAI_API_KEY

This keeps your keys hidden and safe — especially when you publish the app online.

⚠️ Never:

  • Share your .env file
  • Paste your keys in public
  • Commit .env files to GitHub

✅ Always:

  • Use environment variables for secrets
  • Add them to Vercel when you go live
  • Keep .env files in .gitignore

💬 Giving Better Instructions to AI

You already know AI is powerful — but it needs clear direction. Here's how to get better results:

Best Practices

✅ Do This:

  • Break your ideas down into bullet points
  • Tag specific files or paths (e.g. `/app/page.tsx`, not "the homepage")
  • Ask for comments inside the code and logs (to track what's happening)
  • Be honest when something didn't work — say so
  • Ask why something is done — not just what was changed

When AI Gets Stuck

If it's repeating mistakes, say:

Use these phrases:

  • "Avoid previous assumptions. Study the related files and fix the actual issue."
  • "Learn from previous attempts that didn't work and try a different approach."
  • "Don't make assumptions about where the problem is. Carefully analyze the error."

Communication Tips

💡 Remember:

Don't assume the AI remembers everything. Be clear, be specific, and ask why something is done — not just what was changed.

🧯 What To Do When Something Breaks

Step-by-Step Debugging

  1. Copy the error from your browser or terminal
  2. Paste it into your AI — say: "What's causing this error? Here's the message."
  3. If it's not obvious where the issue is, tell AI: "Here's what I was doing before this broke."
  4. Ask it to: "Add console logs so we can see what's happening step-by-step."
  5. Still stuck? "Revert to last working version and try a different approach."

💡 Bonus tip:

Keep a "Last Working Version" checkpoint in GitHub so you can always go back if needed.

🔄 Quick Rollback Prompt:

Use CLI to rollback to my last remote version.
Revert my local files to match remote.

🚫 What Not To Touch

Sometimes curiosity leads to chaos. Here's what you should leave alone unless AI tells you otherwise:

🚫 Don't:

  • Rename folders like app, components, or lib
  • Delete random files just to "clean things up"
  • Change filenames from page.tsx or route.ts — that can break your app
  • Hard-code secret keys — always use .env
  • Move things around without asking where they should go

🤔 When in doubt:

Ask AI: "Is it safe to delete or rename this file?"

🎯 Key Takeaways

Security First

Always use .env files for secrets and never expose API keys in your code.

Communicate Clearly

Be specific with AI, provide context, and don't be afraid to ask for explanations.

Version Control

Regular commits to GitHub are your safety net - use them liberally.

Stay Calm

Errors are normal in development. Follow the debugging steps and you'll get through them.