This is by far the simplest solution. It’s easier to understand and setup than t... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		saturn-five 10 months ago \| parent \| context \| favorite \| on: Ask HN: What tools should I use to manage secrets ... This is by far the simplest solution. It’s easier to understand and setup than the other solutions mentioned. It simply encrypts the value portion of the variable so its safe to commit the entire env file. The only draw back is developers could still potentially commit private keys the repo or commit the decrypted env file. If you’re working with env variables that don’t require updates often it’s a decent solution.

scottmotte 10 months ago [–]

> developers could still potentially commit private keys the repo or commit the decrypted env file

to prevent this, use:

$ dotenvx ext precommit --install

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact