Dotenv: Difference between revisions
Jump to navigation
Jump to search
mNo edit summary |
mNo edit summary |
||
(2 intermediate revisions by the same user not shown) | |||
Line 1: | Line 1: | ||
{{#addbodyclass:tag_tech}} | |||
<!-- | <!-- | ||
(not to be confused with [[.envrc]]) | (not to be confused with [[direnv]] and its [[.envrc]]) | ||
.env files are intended | '''{{inlinecode|.env}}''' files are intended to keep environment variables that parts of your project should pick up, | ||
that is easy to keep out of source management, | that is easy to keep out of source management - that is, it is a name you can know shouldn't be there. | ||
Line 19: | Line 20: | ||
Does it solve [[secret sprawl]]? | Does it solve [[secret sprawl]]? | ||
: Nope. | : Nope. | ||
Does it help secrets stay secret? | |||
: Not at all. {{comment|(Hackers will have an ''slightly'' time, because you centralized all the secrets in one easy-to-identify place.)}} | |||
Is it still a | Is it still a decent habit? | ||
: Sure. | |||
:: it makes it much easier to not put secrets into code | |||
:: it makes it much easier to not accidentally share it (you can argue it should have been called ''secrets-do-not-share'' but eh...) | |||
Latest revision as of 13:00, 7 May 2024