
Why .env files are a security disaster (and what we do instead)
It happened on a Tuesday. A new hire, trying to get their local environment working, accidentally committed our production API keys to a public GitHub repository. What followed was a blur of adrenaline and panic: we had to completely take down the repo, invalidate dozens of keys, and manually rotate our entire infrastructure one service at a time. It was a hectic, miserable afternoon.

But when the dust settled, we realized something important: we couldn't blame the engineer. The real culprit was the .env file itself. We had built a system where security relied entirely on humans remembering to update a .gitignore file. That was the day we declared war on .env files.

The Hidden Cost of "DM me the secrets"

The GitHub leak was our explosive trigger, but as we audited our workflow, we realized .env files were causing a slow, painful bleed across our entire company. Whenever non-developers—like product designers, PMs, or QA engineers—wanted to preview a project locally, they couldn't just c
Continue reading on Dev.to
