https://funinkina.co.in/tags/cli/Recent content in Cli on funinkina's cornerHugoenSat, 16 May 2026 00:09:59 +0530https://funinkina.co.in/projects/deadenv/Sat, 16 May 2026 00:09:59 +0530https://funinkina.co.in/projects/deadenv/<p>Every developer I know has a <code>.env</code> file they shouldn&rsquo;t. Maybe it has a production API key. Maybe it&rsquo;s tracked in git with a <code>.gitignore</code> entry that someone forgot to add. Maybe it&rsquo;s just sitting there, world-readable, on a shared dev machine. We all know it&rsquo;s bad. We keep doing it anyway because there&rsquo;s no real alternative that doesn&rsquo;t add significant friction.</p> <p><code>deadenv</code> is my attempt to fix that. It&rsquo;s a cross-platform CLI tool written in Go that stores secrets in the OS-native keychain: Keychain on macOS, libsecret/GNOME Keyring on Linux, Credential Manager on Windows, and injects them into subprocesses at runtime. Secrets never touch the filesystem in plaintext.</p>