
Find Plaintext Secrets Hiding in Your .env Files
This is a companion to my earlier post, A Small Hardening Trick for .env.local: dotenvx + OS Keychain, where I described a pattern for encrypting local secrets with dotenvx and storing the decryption key in the OS keychain. That post was about fixing the problem. This one is about finding it first.

The problem with "just gitignore it"

If you have been developing locally for a while, you probably have .env files scattered across dozens of project directories. Some are recent, some are from projects you have not touched in months. Some contain harmless config. Some contain database URLs, API keys, and auth secrets in plaintext. The trouble is that you do not always know which is which, especially once you have 10 or 20 repos checked out under ~/code. And if a supply chain attack or a compromised tool scans your filesystem, it does not care whether you remember what is in those files.

I wanted a quick way to answer one question: where on my machine are plaintext secrets sitting in .env
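As an added example (my own code, not the script from this post or anything shipped by dotenvx), here is a small scanner that answers the question above: it walks a directory tree, picks out .env files, and reports which keys hold a plaintext secret as opposed to harmless config, an empty value, or a dotenvx ciphertext. It assumes dotenvx marks encrypted values with an `encrypted:` prefix, writes the public key as DOTENV_PUBLIC_KEY (safe to keep on disk) and the decryption key as DOTENV_PRIVATE_KEY in a .env.keys file; the key-name patterns, the entropy threshold and the sample files in `demo()` are my own constructions. It deliberately prints only file, line number and key name, never the value, so running it does not copy secrets into your terminal scrollback or a log.

```python
"""Find plaintext secrets in .env files under a directory tree (added example)."""
import math
import os
import re
import tempfile
from collections import Counter
from pathlib import Path

# Hypothetical key-name patterns that usually hold credentials (my list, extend freely).
SECRET_KEY_RE = re.compile(
    r"(SECRET|TOKEN|PASSWORD|PASSWD|API_KEY|PRIVATE_KEY|CREDENTIAL|AUTH|DATABASE_URL|DSN)", re.I)
# A URL carrying inline credentials, e.g. postgres://user:pass@host/db
CRED_URL_RE = re.compile(r"^[a-z][a-z0-9+.-]*://[^:/@\s]+:[^@\s]+@", re.I)
ENV_LINE_RE = re.compile(r"^\s*(?:export\s+)?([A-Za-z_][A-Za-z0-9_]*)\s*=\s*(.*)$")
ENV_NAME_RE = re.compile(r"^\.env(\..+)?$")          # .env, .env.local, .env.keys, ...
PLACEHOLDER_SUFFIXES = (".example", ".sample", ".template")  # committed templates, not secrets
SKIP_DIRS = {"node_modules", ".git", "venv", ".venv"}
ENTROPY_MIN_LEN, ENTROPY_THRESHOLD = 20, 3.5          # assumed heuristic, tune for your repos


def shannon_entropy(s):
    """Bits per character; random-looking tokens score high, words score low."""
    if not s:
        return 0.0
    n = len(s)
    return -sum(c / n * math.log2(c / n) for c in Counter(s).values())


def unquote(value):
    """Strip one layer of matching single or double quotes."""
    value = value.strip()
    if len(value) >= 2 and value[0] == value[-1] and value[0] in "\"'":
        return value[1:-1]
    return value


def classify_value(key, value):
    """Return 'empty', 'encrypted', 'config' or 'plaintext_secret' for one KEY=value pair."""
    if value == "":
        return "empty"
    if value.startswith("encrypted:"):            # dotenvx ciphertext: safe at rest
        return "encrypted"
    if key.upper().startswith("DOTENV_PUBLIC_KEY"):  # dotenvx public key is meant to be on disk
        return "config"
    if CRED_URL_RE.match(value):                   # user:pass embedded in a connection URL
        return "plaintext_secret"
    if SECRET_KEY_RE.search(key):                  # name says credential (incl. DOTENV_PRIVATE_KEY)
        return "plaintext_secret"
    if len(value) >= ENTROPY_MIN_LEN and " " not in value \
            and shannon_entropy(value) > ENTROPY_THRESHOLD:
        return "plaintext_secret"                  # random-looking value under a neutral name
    return "config"


def scan_env_text(text):
    """Classify every KEY=value line of a .env file; returns [(lineno, key, class), ...]."""
    results = []
    for lineno, raw in enumerate(text.splitlines(), start=1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        m = ENV_LINE_RE.match(line)
        if m:
            key, value = m.group(1), unquote(m.group(2))
            results.append((lineno, key, classify_value(key, value)))
    return results


def scan_tree(root):
    """Walk root and return (path, lineno, key) for every plaintext secret found."""
    findings = []
    for dirpath, dirnames, filenames in os.walk(root):
        dirnames[:] = [d for d in dirnames if d not in SKIP_DIRS]
        for name in filenames:
            if not ENV_NAME_RE.match(name) or name.endswith(PLACEHOLDER_SUFFIXES):
                continue
            path = Path(dirpath) / name
            try:
                text = path.read_text(encoding="utf-8", errors="replace")
            except OSError:
                continue
            for lineno, key, cls in scan_env_text(text):
                if cls == "plaintext_secret":
                    findings.append((path, lineno, key))   # value is never recorded
    return findings


def demo():
    """Build a constructed project tree in a temp dir and return sorted relative findings."""
    samples = {  # constructed sample files; none of these are real credentials
        "proj-a/.env": "# constructed sample\nPORT=3000\n"
                       "DATABASE_URL=postgres://app:hunter2@localhost:5432/app\n"
                       "DOTENV_PUBLIC_KEY=" + "0123456789abcdef" * 4 + "01\n"
                       "SESSION_SECRET=encrypted:QUJDREVGR0hJSktMTU5PUA==\n",
        "proj-b/.env.local": 'API_TOKEN="sk_test_placeholder_0123456789"\n'
                             "MYSTERY=a8F3kQ9zLm2XpV7wRt4Yb6Nc1\nNODE_ENV=development\n",
        "proj-b/.env.keys": "# dotenvx key file left on disk\nDOTENV_PRIVATE_KEY=" + "deadbeef" * 8 + "\n",
        "proj-b/node_modules/pkg/.env": "NPM_TOKEN=skipped-by-dir-filter\n",
        "proj-c/.env.example": "API_TOKEN=your-token-here\n",
    }
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        for rel, text in samples.items():
            (root / rel).parent.mkdir(parents=True, exist_ok=True)
            (root / rel).write_text(text, encoding="utf-8")
        return sorted((p.relative_to(root).as_posix(), ln, k) for p, ln, k in scan_tree(root))


if __name__ == "__main__":
    for path, lineno, key in demo():   # replace demo() with scan_tree(Path.home() / "code")
        print(f"{path}:{lineno}  {key}")
```

Point `scan_tree` at the directory where your repos live and it lists files to encrypt with dotenvx or to delete; a hit on a .env.keys file means the decryption key is sitting on disk instead of in the keychain. The entropy rule will flag some long opaque config values too, so treat the output as a worklist rather than a verdict.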