985: Stop putting secrets in .env - podcast episode cover

985: Stop putting secrets in .env

Syntax - Tasty Web Development Treats
Mar 09, 202647 min
--:--
--:--
Listen in podcast apps:
Apple Podcasts
Spotify
Download
YouTube
Overcast
Pocket Casts
Episodes.fm
Download Metacast podcast app
Listen to this episode in Metacast mobile app
Don't just listen to podcasts. Learn from them with transcripts, summaries, and chapters for every episode. Skim, search, and bookmark insights. Learn more

Episode description

Scott and Wes are joined by Phil Miller and Theo Ephraim to talk about Varlock, a new approach to environment variables that adds schemas, validation, and security to the humble .env file. They dig into the risks of traditional env workflows, how schema-driven configs improve DX, and how tools like Varlock help manage secrets safely across frameworks, CI, and AI-powered workflows.

Show Notes
  • 00:00 Welcome to Syntax!
  • 03:15 The Risks of .env Files
  • 04:58 Introducing Varlock: A Unified Solution
  • 06:56 Schema-Driven Environment Variables
  • 11:47 Integrating with Various Frameworks
  • 14:08 Brought to you by Sentry.io
  • 14:32 Cross-Language Compatibility
  • 17:50 Best Practices for Environment Variables
  • 21:11 Security Features of Varlock
  • 25:02 AI Integration and Environment Variables
  • 29:12 Introduction to Varlock and GitHub Actions
  • 32:45 Secrets Management and Best Practices
  • 36:09 The Future of Varlock and Open Source
  • 38:36 Sick Picks + Shameless Plugs
Sick Picks Shameless Plugs Hit us up on Socials!

Syntax: X Instagram Tiktok LinkedIn Threads

Wes: X Instagram Tiktok LinkedIn Threads

Scott: X Instagram Tiktok LinkedIn Threads

Randy: X Instagram YouTube Threads

For the best experience, listen in Metacast app for iOS or Android