Show HN: Env files aren't meant for storing secrets

github.com

2 points by binsquare 7 hours ago

I think .env files are fine for non-sensitive config but they’re a terrible place to store real secrets once you have a couple of engineers, machines, or a single engineer with multiple concurrent projects.

But I've worked for big and small tech and have seen this happen:

1. .env files are plaintext credential dumps
2. teams share .env files via Slack and they eventually drift
3. accidental .env commits

I built envmap, a small CLI tool that manages and injects your environment key values locally + with support for AWS + Vault + 1pass backends as source of truth. I use this and deleted my .env, .env.example, .env.production (I'm the worst).

Would appreciate any feedback + contributions!
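The pattern the post describes (a local file that holds only references to a secrets backend, resolved at launch and injected into the child process environment, so nothing sensitive sits on disk to be shared or committed) as an added illustration; this is not envmap's code. The `NAME=scheme:ref` mapping format and the in-memory stand-in for a Vault/AWS/1Password backend are constructed for the example.

```python
"""Resolve secret references at launch time and inject them into a child
process, instead of keeping the values themselves in a .env file.
Assumed mapping format (constructed): NAME=vault:<path>#<field> for secrets,
NAME=literal:<value> for non-sensitive config."""
import os
import subprocess
import sys
from typing import Callable, Dict, List

# Constructed stand-in for a secrets backend; a real one is reached over an API.
_FAKE_BACKEND = {"secret/db": {"user": "app", "password": "hunter2-not-in-a-file"}}

def fetch_from_backend(path: str, field: str) -> str:
    """Look up one field of one secret; missing entries fail loudly."""
    try:
        return _FAKE_BACKEND[path][field]
    except KeyError as exc:
        raise KeyError(f"secret {path}#{field} not found") from exc

def vault_resolver(ref: str) -> str:
    """Split '<path>#<field>' and fetch it from the backend."""
    path, sep, field = ref.partition("#")
    if not sep:
        raise ValueError(f"reference {ref!r} needs a #field")
    return fetch_from_backend(path, field)

RESOLVERS: Dict[str, Callable[[str], str]] = {"literal": lambda r: r, "vault": vault_resolver}

def parse_mapping(text: str) -> Dict[str, str]:
    """Parse NAME=scheme:ref lines; blanks and # comments are ignored."""
    mapping: Dict[str, str] = {}
    for line in text.splitlines():
        line = line.strip()
        if line and not line.startswith("#"):
            name, _, ref = line.partition("=")
            mapping[name.strip()] = ref.strip()
    return mapping

def resolve_env(mapping: Dict[str, str]) -> Dict[str, str]:
    """Turn references into values; an unknown scheme fails closed."""
    env: Dict[str, str] = {}
    for name, ref in mapping.items():
        scheme, _, rest = ref.partition(":")
        if scheme not in RESOLVERS:
            raise ValueError(f"{name}: unknown backend scheme {scheme!r}")
        env[name] = RESOLVERS[scheme](rest)
    return env

def run_with_secrets(mapping_text: str, argv: List[str]) -> int:
    """Run argv with resolved values layered over the current environment."""
    child_env = {**os.environ, **resolve_env(parse_mapping(mapping_text))}
    return subprocess.run(argv, env=child_env, check=False).returncode

def child_sees_value(mapping_text: str, name: str, expected: str) -> bool:
    """Launch a Python child and confirm it received the injected variable."""
    probe = f"import os, sys; sys.exit(0 if os.environ.get({name!r}) == {expected!r} else 1)"
    return run_with_secrets(mapping_text, [sys.executable, "-c", probe]) == 0
```

Because the mapping file contains only references, an accidental commit of it leaks nothing, which is the property a .env file cannot give you.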