Doing much better than your .env file

<p>Six months ago, I advocated for everyone to stop using .env files in favor of approaches using secret management platforms. Since then, I&rsquo;ve learned and experienced much more about how to manage environment variables effectively. In this article, I argue again for why we should reduce the practice of storing all environment variables in a&nbsp;<code>.env</code>&nbsp;file and move to a more sophisticated approach for managing them in local development.</p> <p>Before you roast me, I want to make clear that&nbsp;<strong>my position is not that you have to ditch the .env file entirely</strong>. I&rsquo;m asserting that&nbsp;<strong>your application&rsquo;s environment variables should not be stored directly in a .env file</strong>. This doesn&rsquo;t mean, however, that you can&rsquo;t store a token in it that pulls in the rest of your environment variables at runtime.</p> <p>I also, by the way, want to make clear that this article is intended for&nbsp;<strong>software development teams</strong>&nbsp;and not security and devops teams that already have this figured out; this article is also not intended for solo developers who can feel free to use&nbsp;<code>.env</code>&nbsp;files.</p> <p><a href="https://medium.com/@tony.infisical/the-death-of-the-env-file-6d65bfc6ac5e">Read More</a></p>