Blog
We had a great time live streaming with GitHub Open Source Friday. You can watch the full stream here.
September has flown by! Here are some of the highlights.
New @import Decorator
You can now import schema and values from other .env files using the new @import decorator. This is useful for sharing common variables across a monorepo, pulling values from local files outside of your repo, and breaking up very large schemas. For now, you can only import local files, but soon we’ll support remote imports and publish schemas for the env vars injected by popular platforms.
See our @import guide for more details.
Other Improvements & Bug Fixes
- We’ve improved our leak detection to work in more situations.
- We’ve fixed a bug with URL data type validation.
- The env-spec parser now supports
\r\nnewlines. - We formalized our Security policy and added private reporting for responsible disclosure.
As always, you can find the full details in the release notes.
New GitHub Discussions
We’ve had some great discussions on GitHub this month. Join the conversation:
Social Buzz
- Nick Taylor gave a great overview of how Varlock can help with deployment pitfalls.
- 1Password launched local env files as a destination for their new Environments and varlock supports it out of the box!
- Phil gave a talk at React Toronto about securing secrets in Next.js. Stream it here.