From b23d3feaee44879cfb422d5781ba61ce81fcd295 Mon Sep 17 00:00:00 2001
From: Jared Zwick <52264361+jaredzwick@users.noreply.github.com>
Date: Thu, 14 May 2026 14:28:58 -0400
Subject: [PATCH] fix: provide 32-char dev defaults in .env.example so
 BetterAuth boots

---
 .env.example | 11 +++++++----
 1 file changed, 7 insertions(+), 4 deletions(-)

diff --git a/.env.example b/.env.example
index 444cba1..8d159b6 100644
--- a/.env.example
+++ b/.env.example
@@ -1,16 +1,19 @@
+# Dev-only defaults — fine for local. Rotate before deploying anywhere real.
+
 # Used to encrypt JWT tokens
-PAYLOAD_SECRET=YOUR_SECRET_HERE
+PAYLOAD_SECRET=dev_payload_secret_change_me_32_chars_min
 
 # Used to configure CORS, format links and more. No trailing slash
 NEXT_PUBLIC_SERVER_URL=http://localhost:3000
 
 # Secret used to authenticate cron jobs
-CRON_SECRET=YOUR_CRON_SECRET_HERE
+CRON_SECRET=dev_cron_secret_change_me_32_chars_minimum
 
 # Used to validate preview requests
-PREVIEW_SECRET=YOUR_SECRET_HERE
+PREVIEW_SECRET=dev_preview_secret_change_me_32_chars_min
 
-BETTER_AUTH_SECRET=YOUR_SECRET_HERE
+# Required by BetterAuth — must be at least 32 chars
+BETTER_AUTH_SECRET=dev_better_auth_secret_change_me_32_chars
 
 BETTER_AUTH_URL=http://localhost:3000