Syntax - Tasty Web Development Treats

985: Stop putting secrets in .env

Listen Later

Scott and Wes are joined by Phil Miller and Theo Ephraim to talk about Varlock, a new approach to environment variables that adds schemas, validation, and security to the humble .env file. They dig into the risks of traditional env workflows, how schema-driven configs improve DX, and how tools like Varlock help manage secrets safely across frameworks, CI, and AI-powered workflows.

Show Notes
  • 00:00 Welcome to Syntax!
  • 03:15 The Risks of .env Files
  • 04:58 Introducing Varlock: A Unified Solution
  • 06:56 Schema-Driven Environment Variables
  • 11:47 Integrating with Various Frameworks
  • 14:08 Brought to you by Sentry.io
  • 14:32 Cross-Language Compatibility
  • 17:50 Best Practices for Environment Variables
  • 21:11 Security Features of Varlock
  • 25:02 AI Integration and Environment Variables
  • 29:12 Introduction to Varlock and GitHub Actions
  • 32:45 Secrets Management and Best Practices
  • 36:09 The Future of Varlock and Open Source
  • 38:36 Sick Picks + Shameless Plugs
    Sick Picks
    • Phil: Bela.io
    • Theo: Wonder Man
      • Shameless Plugs
      • Phil: nauticalartifacts
      • Theo: howtostore.food
        • Hit us up on Socials!

        Syntax: X Instagram Tiktok LinkedIn Threads

        Wes: X Instagram Tiktok LinkedIn Threads

        Scott: X Instagram Tiktok LinkedIn Threads

        Randy: X Instagram YouTube Threads

        ...more
        View all episodesView all episodes
        Download on the App Store
        Syntax - Tasty Web Development TreatsBy Wes Bos & Scott Tolinski - Full Stack JavaScript Web Developers
        • 4.9
        • 4.9
        • 4.9
        • 4.9
        • 4.9

        4.9

        977 ratings

        More shows like Syntax - Tasty Web Development Treats

        View all
        Software Engineering Radio - the podcast for professional software developers by team@se-radio.net (SE-Radio Team)

        Software Engineering Radio - the podcast for professional software developers

        273 Listeners

        Hanselminutes with Scott Hanselman by Scott Hanselman

        Hanselminutes with Scott Hanselman

        382 Listeners

        The Changelog: Software Development, Open Source by Changelog Media

        The Changelog: Software Development, Open Source

        288 Listeners

        Software Engineering Daily by Software Engineering Daily

        Software Engineering Daily

        628 Listeners

        Talk Python To Me by Michael Kennedy

        Talk Python To Me

        583 Listeners

        Soft Skills Engineering by Jamison Dance and Dave Smith

        Soft Skills Engineering

        287 Listeners

        Thoughtworks Technology Podcast by Thoughtworks

        Thoughtworks Technology Podcast

        44 Listeners

        Python Bytes by Michael Kennedy and Brian Okken

        Python Bytes

        214 Listeners

        The freeCodeCamp Podcast by freeCodeCamp.org

        The freeCodeCamp Podcast

        485 Listeners

        CoRecursive: Coding Stories by Adam Gordon Bell - Software Developer

        CoRecursive: Coding Stories

        190 Listeners

        Practical AI by Practical AI LLC

        Practical AI

        211 Listeners

        The Stack Overflow Podcast by The Stack Overflow Podcast

        The Stack Overflow Podcast

        62 Listeners

        The Real Python Podcast by Real Python

        The Real Python Podcast

        140 Listeners

        PodRocket by LogRocket

        PodRocket

        61 Listeners

        Oxide and Friends by Oxide Computer Company

        Oxide and Friends

        68 Listeners