• The_Decryptor@aussie.zone
    link
    fedilink
    English
    arrow-up
    5
    ·
    3 days ago

    .env files are wild to me, environment variables have never been a good way to pass data to applications, let alone secret data.

    So the solution people came up with was to store them in plain text next to the binary, and then have a loader apply them before running the main app.

    • Dave.@aussie.zone
      link
      fedilink
      arrow-up
      3
      ·
      3 days ago

      But they needed those .env files to transplant an entire software stack from the developer’s laptop into production in a reproducible manner! How else were they ever going to get software into prod? By good documentation, broad version requirements, and following the Robustness Principle? Ha! How are you supposed to move fast and break things then?

    • placebo@lemmy.zip
      link
      fedilink
      English
      arrow-up
      2
      arrow-down
      1
      ·
      3 days ago

      The data isn’t supposed to be secret, I think. We use .env files to store creds required for development, like a connection url for my local database. Production apps don’t use .env files at all.