I used to do this. Now I just have a mysecrets.py file (which is not in the repo obviously) and just type "from mysecrets import *" at the top of settings.py. The problem I had with .env is with debug mode. Say someone on your team accidentally deploys in prod with DEBUG=True. If an end-user hits a python exception for some reason, the environment variables all appear on the Django debug screen. In contrast, regular python variables in settings.py are obfuscated by Django. Have you noticed this? Does it concern you?
For further actions, you may consider blocking this person and/or reporting abuse
We're a place where coders share, stay up-to-date and grow their careers.
I used to do this. Now I just have a mysecrets.py file (which is not in the repo obviously) and just type "from mysecrets import *" at the top of settings.py. The problem I had with .env is with debug mode. Say someone on your team accidentally deploys in prod with DEBUG=True. If an end-user hits a python exception for some reason, the environment variables all appear on the Django debug screen. In contrast, regular python variables in settings.py are obfuscated by Django. Have you noticed this? Does it concern you?