openzeppelin-contracts VS dotenv

Lets look the events of Open Zeppelin’s ERC20 token contract:

ERC-777 is difficult to implement properly, due to its susceptibility to different forms of attack(opens in a new tab). It is recommended to use ERC-20 instead. This page remains as a historical archive.

This depends if you're writing a contract from scratch or using existing code. If you're making something new, then yes (recommend not to use THE most recent available, always better to go with tried and tested). For existing projects, never try to override the solidity version. This may be a pain with "@" imports - ideally everyone should specify the library version (e.g. https://github.com/OpenZeppelin/openzeppelin-contracts/blob/v2.5.1/contracts/token/ERC20/ERC20.sol).

We will put our Emailjs environment variables in a dotenv (.env) file. To read more about the purpose of this file click here.

Add .env to your .gitignore file to prevent it from being committed. Here's an example file with it already added. You may also use dotenv for advanced configuration and it will automatically load environment variables from a .env file into process.env.

dotenv: Designed to load environment variables from a .env file into the process.env environment

Like Doppler, Infisical uses environment variable injection. Similar to the Dotenv package for Node, when used in Node, it injects them at run time into the process object of the running app so they're not readable by any other processes or users. They can still be revealed by a crash dump or logging, so that is a caveat to consider in your code and build scripts.

We'll be working with databases' ids and different info that should be secured so I would advise you to create a .env file to store said info. We'll do this by installing dotenv into our project and use it accordingly:

dotenv - For reading our API keys from the environment

As an avid dotenv user I wanted to thank their maintainers for keeping the project alive for 10 years (wow). A perfect exemplary of dedication to Open Source.

Sensitive data like database URLs, API keys, and passwords should never be hardcoded in your application code. Instead, use environment variables accessed at runtime to keep this information secret. Popular dotenv libraries like dotenv make this easy for Node.js apps.