fix: let Next.js auto-import .env instead of manual dotenv setup

[hariombalhara]

What does this PR do?

Replaces the manual dotenv configuration in apps/web/next.config.ts with Next.js's built-in .env auto-loading by adding a symlink at apps/web/.env → ../../.env.

Changes:

• Removes dotenv import and dotenvConfig({ path: "../../.env" }) call from next.config.ts
• Adds a symlink apps/web/.env pointing to the root .env so Next.js picks it up automatically
• Adds explicit import process from "node:process" since process is no longer a side effect of the dotenv import

Mandatory Tasks (DO NOT REMOVE)

• I have self-reviewed the code (A decent size PR without self-review might be rejected).
• I have updated the developer docs in /docs if this PR makes changes that would require a documentation change. N/A
• I confirm automated tests are in place that prove my fix is effective or that my feature works.

How should this be tested?

1. Ensure root .env has environment variables set (e.g. NEXT_PUBLIC_WEBAPP_URL)
2. Run yarn dev from apps/web — verify env vars are loaded correctly and the app starts without errors
3. Run yarn build for apps/web — verify the build succeeds and env vars are resolved at build time

Human Review Checklist

• Verify the .env symlink is not excluded by .gitignore (it's tracked in this diff, but worth confirming)
• Confirm env vars are available when next.config.ts is evaluated (Next.js loads .env before config)
• Check that CI/CD and Docker environments handle symlinks correctly
• Consider whether the dotenv dependency can now be removed from apps/web/package.json

Checklist

• My code follows the style guidelines of this project
• I have checked if my changes generate no new warnings
• My PR is small and focused

---

Link to Devin run: https://app.devin.ai/sessions/f4da0c62277b4a07a0593011548de70d
Requested by: @hariombalhara

[github-actions]

Hey there and thank you for opening this pull request! 👋🏼

We require pull request titles to follow the Conventional Commits specification and it looks like your proposed title needs to be adjusted.

Details:

No release type found in pull request title "Let next.js auto import .env". Add a prefix to indicate what kind of release this pull request corresponds to. For reference, see https://www.conventionalcommits.org/

Available types:
 - feat: A new feature
 - fix: A bug fix
 - docs: Documentation only changes
 - style: Changes that do not affect the meaning of the code (white-space, formatting, missing semi-colons, etc)
 - refactor: A code change that neither fixes a bug nor adds a feature
 - perf: A code change that improves performance
 - test: Adding missing tests or correcting existing tests
 - build: Changes that affect the build system or external dependencies (example scopes: gulp, broccoli, npm)
 - ci: Changes to our CI configuration files and scripts (example scopes: Travis, Circle, BrowserStack, SauceLabs)
 - chore: Other changes that don't modify src or test files
 - revert: Reverts a previous commit

[cubic-dev-ai]

No issues found across 2 files

[devin-ai-integration]

✅ Devin Review: No Issues Found

Devin Review analyzed this PR and found no potential bugs to report.

View in Devin Review to see 3 additional findings.

[devin-ai-integration]

Devin Review found 1 new potential issue.

View 6 additional findings in Devin Review.

[devin-ai-integration]

🔴 Symlink breaks environment variable loading on Windows (default Git settings)

On Windows, Git's core.symlinks defaults to false. When cloning this repo, Git will check out apps/web/.env as a plain text file containing the literal string ../../.env, rather than creating a real filesystem symlink. Next.js will then attempt to parse this plain text file as a .env file, find no valid KEY=VALUE pairs (dotenv skips lines without =), and load zero environment variables.

Root Cause and Impact

The previous code at apps/web/next.config.ts explicitly called dotenvConfig({ path: "../../.env" }), which resolved the file path correctly on all platforms. The new approach relies on a symlink (apps/web/.env -> ../../.env) that Next.js picks up automatically, but this symlink only works as intended on systems where Git creates real symlinks (macOS, Linux, or Windows with core.symlinks=true).

On a standard Windows setup:

1. apps/web/.env is a regular file containing the text ../../.env
2. Next.js reads this file via its built-in @next/env loader before evaluating next.config.ts
3. The dotenv parser sees ../../.env — a line with no = — and skips it
4. No env vars are populated into process.env
5. The app immediately crashes at apps/web/next.config.ts:48:

   if (!process.env.NEXTAUTH_SECRET) throw new Error("Please set NEXTAUTH_SECRET");
   

Impact: Any developer on Windows with default Git settings cannot run yarn dev or yarn build for apps/web. The app crashes on startup with "Please set NEXTAUTH_SECRET" even though the root .env file is correctly configured.

Prompt for agents

The symlink approach (apps/web/.env -> ../../.env) does not work on Windows where Git defaults to core.symlinks=false. Consider one of these alternatives:

1. Restore the explicit dotenv loading in apps/web/next.config.ts (revert the change):
   - Re-add `import { config as dotenvConfig } from "dotenv";` 
   - Re-add `dotenvConfig({ path: "../../.env" });` before any process.env access
   - The `import process from "node:process"` can stay or be removed (process is a global in Node.js)

2. Use a cross-platform file copy/generation script instead of a symlink:
   - Add a pre-dev/pre-build script that copies ../../.env to apps/web/.env
   - Keep apps/web/.env in .gitignore (as it already is)

3. If keeping the symlink approach, document that Windows users must either:
   - Enable Developer Mode and set `git config --global core.symlinks true` before cloning
   - Or manually copy the root .env file to apps/web/.env

---

Was this helpful? React with 👍 or 👎 to provide feedback.