• cr1cket@sopuli.xyz
    17 upvotes · 6 days ago

    Oh wow.

    That looks like an overly complicated solution to a problem that doesn’t exist. Synching stuff that is in git? Why not just use… git? Also npm… and the example has an env var named “DB_PASS” in it. You never put passwords in version control.

    • dragonfly4933@lemmy.dbzer0.com
      5 upvotes · 6 days ago

      It is generally considered a bad idea to use envs for passing secrets in general since envs for process n are available to other processes which have access and permission.
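
What the comment above describes, shown as an added example that is not part of the thread: on Linux, a process's initial environment is readable through `/proc/<pid>/environ` by other processes running as the same user (or root). The script, the constructed `DB_PASS` value and the stdin hand-off used for comparison are assumptions for illustration.

```python
import os
import subprocess
import sys

SECRET = "constructed-example-password"  # constructed sample value, not a real credential

# Child: takes the secret from DB_PASS if set, otherwise from the first stdin line,
# reports its length, then blocks until the parent closes stdin.
CHILD = (
    "import os, sys\n"
    "s = os.environ.get('DB_PASS') or sys.stdin.readline().rstrip('\\n')\n"
    "print(len(s), flush=True)\n"
    "sys.stdin.readline()\n"
)


def read_environ(pid):
    """Parse /proc/<pid>/environ (Linux): NUL-separated KEY=VALUE entries."""
    with open(f"/proc/{pid}/environ", "rb") as f:
        entries = f.read().split(b"\0")
    return dict(e.decode(errors="replace").split("=", 1) for e in entries if b"=" in e)


def observe(via_env):
    """Hand SECRET to a child via env or stdin; return (DB_PASS seen in /proc, length child got)."""
    env = {k: v for k, v in os.environ.items() if k != "DB_PASS"}
    if via_env:
        env["DB_PASS"] = SECRET
    child = subprocess.Popen([sys.executable, "-c", CHILD], env=env, text=True,
                             stdin=subprocess.PIPE, stdout=subprocess.PIPE)
    try:
        if not via_env:
            child.stdin.write(SECRET + "\n")  # secret travels over the pipe only
            child.stdin.flush()
        received = int(child.stdout.readline())  # child confirms it has the secret
        seen = read_environ(child.pid).get("DB_PASS")  # view from another same-user process
    finally:
        child.stdin.close()  # EOF lets the child exit
        child.wait()
        child.stdout.close()
    return seen, received


if __name__ == "__main__":
    for via_env in (True, False):
        seen, received = observe(via_env)
        print(f"via_env={via_env}: child got {received} chars, /proc shows DB_PASS={seen!r}")
```

In both runs the child receives the secret, but only the environment hand-off leaves it visible in `/proc` for the lifetime of the process.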

    • TheCommieAxolotl@programming.dev (OP)
      1 upvote · 5 days ago

      Exactly, you never check passwords into version control. So what happens when you need to share those values with other team members? The GitHub example is not to put a .env file into a repo but to add the secrets to GitHub’s native secret manager, which is what products like Actions use to read envs.