Dotenvx

3K posts

Dotenvx banner
Dotenvx

Dotenvx

@dotenvx

A secure dotenv–from the creator of `dotenv`. @motdotla

LA & SF Katılım Mart 2022
13 Takip Edilen965 Takipçiler
Dotenvx
Dotenvx@dotenvx·
@miqcie For your convenience to discover undiscovered .env files you might want to clean up and move their secrets into a password manager or Dotenvx Armor.
English
0
0
0
8
Dotenvx
Dotenvx@dotenvx·
Feature Improved: `dotenvx ls` Get status output and metadata of directories traversed as you list out all your .env files on your machine (or in an app directory). Optionally pass --json for json output.
Scott Motte@motdotla

Can you call yourself a real developer if you don't have thousands of .env files? Introducing improvements to `dotenvx ls`. $ dotenvx ls Find all .env files on your machine. Then do something with them. Hell, give it to Codex or Claude to run for you! Just tell it to use dotenvx's newest ls command with the json flag.

English
1
0
0
185
Dotenvx
Dotenvx@dotenvx·
@HotAisle @ImLunaHey Interesting. I think we now enable that if you use this: #cloudflare-workers" target="_blank" rel="nofollow noopener">dotenvx.com/docs/platforms… combined with `dotenvx native up`.
English
0
0
0
14
Hot Aisle
Hot Aisle@HotAisle·
@dotenvx @ImLunaHey another thing... i use wrangler a lot... and they have a new -vars command. i feel like storing the data as json in keychain and then passing it to vars through osx secrets cli, would be an interesting way to solve this problem.
English
1
0
1
23
luna
luna@ImLunaHey·
hot take: using .env files for secrets is wrong and we should move away from this.
English
253
33
1.4K
316.5K
Hot Aisle
Hot Aisle@HotAisle·
@dotenvx @ImLunaHey Hey Mot, this is helpful. For native up, is it storing individual rows in the keychain or just the entire file?
English
1
0
1
30
Dotenvx
Dotenvx@dotenvx·
Working on this problem. We recently added 3 new parent commands to better manage the private key: $ dotenvx lock up $ dotenvx native up $ dotenvx armor up - lock passphrase protects the .env.keys file (simple, good for individual) - native removes the .env.keys file and moves it into your native os secret store (macOS keychain) - armor moves your private keys off device with various (and growing) levels of permissions (good for more complex team requirements)
English
2
0
2
25
Hot Aisle
Hot Aisle@HotAisle·
@ImLunaHey correct. i've been mentioning my annoyance with this for a while now. sops doesn't cut it. @dotenvx is the closest, but i'm still annoyed by how complicated it is.
English
4
0
13
9.5K
Dotenvx
Dotenvx@dotenvx·
Thank you everyone for your support. - In June dotenvx reached 30 million monthly installs. - Dotenvx 2.0 was released - dotenvx/next-env for Next.js was released - Powershell support fully added - Convenient dx _PLAIN values supported - Improved monorepo support and more conveniences Stay tuned. More coming - especially for Armored Keys. $ dotenvx armor up
Dotenvx tweet media
English
0
0
2
158
Dotenvx
Dotenvx@dotenvx·
Encrypt your .env files $ dotenvx encrypt Your agents are begging you.
English
0
0
16
2.3K
Dotenvx
Dotenvx@dotenvx·
@Mikeapedia1 thank you for the follow good sir. May you wield the sharp knife of dotenvx. ⛨
English
0
0
1
32
Dotenvx
Dotenvx@dotenvx·
@hirataro_89 We are working on this final problem with Armored Keys.
Dotenvx tweet mediaDotenvx tweet media
English
1
0
0
29
ゆうたろう|コーダーの"できた"を広げる伴走者
「いや .env 使ってるなら大丈夫じゃないの?」 そう思ってたんですが、 アーカイブ拝見して考え改めました🥹 どれだけ防いでいても プロンプトに混入するリスクはあるから、 とりあえず最低ラインのdotenvxを早速導入。 1Passwordも活用して、 dotenvx encrypt で暗号化 ↓ 復号鍵を 1Password に保管 ↓ .env.keys はディスクから削除 ↓ 起動コマンドを op run -- dotenvx run -- に変更 やったことはこれだけ。 5分もかからず導入できた。 これでローカルに鍵が残らないから AIにコードを渡しても安心できる。 貴重な情報共有ありがとうございます🙌
しまぶー@shimabu_it

アーカイブをアップしているのでよかったらどうぞ! .envをそのまま使っている人は結構リスクです。 dotenvxを使うのは最低ラインで、さらに一歩進めてzero diskでの対策方法などを画面共有しながら使い方まで紹介しています!

日本語
1
0
5
1.1K
Dotenvx
Dotenvx@dotenvx·
primitives. sexy af.
Dotenvx tweet media
Dansk
0
0
1
142
Dotenvx
Dotenvx@dotenvx·
This is a great time to revisit our whitepaper. There is a good solution to this problem and it is not traditional secrets managers which still have a single attack vector. You need to split the attack vector. dotenvx.com/whitepaper.pdf David here knows.
What@Davidid0x

@STP48315 @GreatGoban @cyber_rekk You should be using dotenvx to encrypt your .env files so even if this happens AND it gets past your pre-commit hooks (which I assume you have) AND it gets past your secret scanning GitHub action (which I assume you have) it’s still of very little use to an attacker.

English
0
0
1
187
Dotenvx
Dotenvx@dotenvx·
@DoDataThings thank you for the follow Winston. May you wield sharp knife and sturdy shield of dotenvx well. ⟐◈
English
0
0
1
15
Dotenvx
Dotenvx@dotenvx·
$ dotenvx armor up
English
0
0
0
107
Dotenvx
Dotenvx@dotenvx·
@_LR_ Thank you for the follow. May you wield the sharp knife of dotenvx well!
English
0
0
1
30