top | item 44941542

(no title)

oulipo | 6 months ago

That's why now I've completely eliminated .env secrets from my codebase and I only use 1Password (with the cli) so it loads secrets dynamically as needed. So if I'm running some AI CLI on my codebase it won't try to leak some secrets

discuss

theozero|6 months ago

Getting secrets out of plaintext env files is a fantastic idea, and I hope more people realize how important it is.

Check out https://varlock.dev to add validation, type-safety, and additional security guardrails.