Dotenv: Difference between revisions

From Helpful
Jump to navigation Jump to search
(Created page with "<!-- .env files are intended as an , that is easy to keep out of source management, that is specifically separate from any code Is it just like a config file? : Absolutely. Is it special in any way? : Not at all. Does it solve secret sprawl? : Nope. Is it still a good habit to put all your secrets in separate place that, out of being a common convention, you can recognize as "don't share this?" : Yup. https://github.com/motdotla/dotenv#readme https://...")
 
mNo edit summary
 
(3 intermediate revisions by the same user not shown)
Line 1: Line 1:
{{#addbodyclass:tag_tech}}
<!--
<!--


.env files are intended as an ,
(not to be confused with [[direnv]] and its [[.envrc]])
that is easy to keep out of source management,
 
 
'''{{inlinecode|.env}}''' files are intended to keep environment variables that parts of your project should pick up,
that is easy to keep out of source management - that is, it is a name you can know shouldn't be there.
 


that is specifically separate from any code




Line 16: Line 20:
Does it solve [[secret sprawl]]?  
Does it solve [[secret sprawl]]?  
: Nope.
: Nope.
Does it help secrets stay secret?
: Not at all. {{comment|(Hackers will have an ''slightly'' time, because you centralized all the secrets in one easy-to-identify place.)}}




Is it still a good habit to put all your secrets in separate place
Is it still a decent habit?
that, out of being a common convention, you can recognize as "don't share this?"
: Sure.
: Yup.
:: it makes it much easier to not put secrets into code
:: it makes it much easier to not accidentally share it (you can argue it should have been called ''secrets-do-not-share'' but eh...)




Latest revision as of 13:00, 7 May 2024

Retrieved from "https://helpful.knobs-dials.com/index.php?title=Dotenv&oldid=96390"