985: Stop putting secrets in .env - Syntax

What this episode covers

Scott and Wes are joined by Phil Miller and Theo Ephraim to talk about Varlock, a new approach to environment variables that adds schemas, validation, and security to the humble .env file. They dig into the risks of traditional env workflows, how schema-driven configs improve DX, and how tools like Varlock help manage secrets safely across frameworks, CI, and AI-powered workflows. Show Notes 00:00 Welcome to Syntax! 03:15 The Risks of .env Files 04:58 Introducing Varlock: A Unified Solution 06:56 Schema-Driven Environment Variables 11:47 Integrating with Various Frameworks 14:08 Brought to you by Sentry.io 14:32 Cross-Language Compatibility 17:50 Best Practices for Environment Variables 21:11 Security Features of Varlock 25:02 AI Integration and Environment Variables 29:12 Introduction to Varlock and GitHub Actions 32:45 Secrets Management and Best Practices 36:09 The Future of Varlock and Open Source 38:36 Sick Picks + Shameless Plugs Sick Picks Phil: Bela.io Theo: Wonder Man Shameless Plugs Phil: nauticalartifacts Theo: howtostore.food Hit us up on Socials! Syntax: X Instagram Tiktok LinkedIn Threads Wes: X Instagram Tiktok LinkedIn Threads Scott: X Instagram Tiktok LinkedIn Threads Randy: X Instagram YouTube Threads

Share this episode

Similar Episodes

No similar episodes found.

Similar Podcasts

Kaizen Blueprint Aldo Chandra "Kaizen" is a Japanese term for continuous improvement. This podcast provides a blueprint to learn about health, wealth, relationships and everything else in between. Through our podcast, we strive to inspire, educate, and motivate our audience to cultivate a mindset of lifelong learning, productivity, and personal development. By sharing insights, strategies, and practical tips, we aim to guide listeners on their journey towards realizing their fullest potential, fostering success, and creating lasting positive change. Chewing the Fat with WorkForge WorkForge Bite-Sized Conversations for Building a Stronger Workforce Welcome to Chewing the Fat, a podcast delving deep into the world of food manufacturing. Dive into real conversations around critical topics like staffing, retention, onboarding, and career development in this essential industry. Subscribe now to gain insights from your peers, subject matter experts and more on the biggest issues facing food manufacturers today: -Hiring and retaining employees -Addressing the challenges of the Silver Tsunami -Improving time to productivity of new employees -Engaging employees from hire to retire And more... Tune in to Chewing the Fat, a WorkForge podcast, and join the conversation on how to build and sustain a resilient, high-performing workforce in food manufacturing. Darknet Discussions Darknet Discussions Welcome to "Darknet Discussions," the podcast that gets into the shadows of the internet to bring you the most intriguing, enlightening, and sometimes unsettling stories from the dark web. Hosted by seasoned darknet aficionados, each episode of "Darknet Discussions" explores the intricate dynamics of darknet markets, cybersecurity threats, and the digital underworld. Join us as we interview experts, discuss the latest trends in cybercrime, and shed light on the technologies that operate beneath the surface of everyday internet use. Also, we occasionally go off on a tangent about something completely unrelated. The Protocol CoinDesk Dive deep into the blockchain realm with The Protocol Podcast, where we unravel the intricate technologies powering cryptocurrencies like Bitcoin and Ethereum. Join us on a journey through the labyrinthine layers of blockchain innovation, as tech-savvy developers sculpt the future of finance and the decentralized web. Led by CoinDesk's adept journalists, we dissect the freshest news and project revelations, demystifying the mechanics and significance of it all for those hungry to grasp the inner workings of this dynamic and rapidly evolving industry.Meet your hosts: Brad Keoun, Sam Kessler, and Margaux Nijkerk…and tune in, techies!

Frequently Asked Questions

How long is this episode of Syntax - Tasty Web Development Treats?

This episode is 47 minutes long.

When was this Syntax - Tasty Web Development Treats episode published?

This episode was published on March 9, 2026.

What is this episode about?

Scott and Wes are joined by Phil Miller and Theo Ephraim to talk about Varlock, a new approach to environment variables that adds schemas, validation, and security to the humble .env file. They dig into the risks of traditional env workflows, how...

Can I download this Syntax - Tasty Web Development Treats episode?

Yes, you can download this episode by clicking the download button on the episode player, or subscribe to the podcast in your preferred podcast app for automatic downloads.