In terms of securing access to the service, at the moment I'm planning on the request for the env vars require an API key, which the user could keep in their local .env. The benefit is that there could be one unchanging API key per user, so teams don't need to sync that variable, and the service will do the rest.
In terms of what to do with the env vars after the service pulls them to a user's local, I'm thinking of writing them to a gitignored .env.sync file or something along those lines.
For further actions, you may consider blocking this person and/or reporting abuse
We're a place where coders share, stay up-to-date and grow their careers.
Very often env variables have sensitive information. How are you planning to handle that?
Nice problem to solve, btw.
Thank you!
In terms of securing access to the service, at the moment I'm planning on the request for the env vars require an API key, which the user could keep in their local .env. The benefit is that there could be one unchanging API key per user, so teams don't need to sync that variable, and the service will do the rest.
In terms of what to do with the env vars after the service pulls them to a user's local, I'm thinking of writing them to a gitignored .env.sync file or something along those lines.