I am just asking this question for clarification, as I am trying to ensure safety inside of my application of my API keys and other environment variables. All env.local declarations have "NEXTPUBLIC<Rest of variable>" so that they are available to my project once I have built my docker image .
Unfortunately I have not been able to get my env.local variables to work inside of my docker container without the "NEXTPUBLIC...." .
Am I causing a security hazard for my application like this, even though I am only using these variables in Serverside data fetching ?
Are you able to find this information inside of the client side loaded javascript files ?