DEV Community

Discussion on: Node.js: Replace your .env file with this awesome tool at scale

Raiyan Sarker

BTW, how would you store the Infisical token? If you go with hardcoding it, you just published all your secrets. And if you use a .env file, Infisical would be yet another dependency to manage!

capcom6

One way to store the token securely in a Docker or Kubernetes environment is to use secrets.

Raiyan Sarker

Then I don't see a need for Infisical in the first place!

BlackMagiq

It depends on the environment. If you're referring to local development, then I'd store it in a .env file.

You're right that the Infisical Token could be leaked like the environment variables. However, you're forgetting that Infisical helps you always fetch the right set of environment variables to your application whereas if you stored your environment variables directly in a .env file then they may be out-of-sync.

It turns out this becomes even more useful when you have more environments from local development to CI/CD and production. With Infisical, you get to manage your environment variables centrally and know that the right variables will go to the right environment including local development.

This centralization and solution to the problem known as "secret sprawl" is the basis for the entire industry of secret management :)
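
The token handling raised in this thread (a Docker or Kubernetes secret in deployment, a .env-supplied variable in local development), as an added example that is not part of the original discussion or Infisical's own code. The variable names `INFISICAL_TOKEN` and `INFISICAL_TOKEN_FILE` and the helpers `loadToken` and `describeToken` are assumptions made for this sketch.

```javascript
const fs = require('fs');

// Assumed names for this sketch: INFISICAL_TOKEN holds the token itself,
// INFISICAL_TOKEN_FILE points at a mounted secret file, for example
// /run/secrets/infisical_token (Docker) or a Kubernetes secret volume.
function loadToken(env = process.env) {
  const file = env.INFISICAL_TOKEN_FILE;
  let token, source;
  if (file) {
    // A mounted secret takes precedence over the plain variable.
    const st = fs.statSync(file); // follows the symlinks Kubernetes mounts use
    if (!st.isFile()) throw new Error(`${file} is not a regular file`);
    // Refuse a file that other local users could have replaced.
    if (st.mode & 0o022) throw new Error(`${file} is group/world writable`);
    token = fs.readFileSync(file, 'utf8');
    source = 'file';
  } else if (env.INFISICAL_TOKEN) {
    // Local development: the variable was populated from an untracked .env file.
    token = env.INFISICAL_TOKEN;
    source = 'env';
  } else {
    // Fail closed instead of starting with a missing or default token.
    throw new Error('no token: set INFISICAL_TOKEN_FILE or INFISICAL_TOKEN');
  }
  token = token.trim(); // secret files often end with a newline
  if (!token || /\s/.test(token)) {
    throw new Error(`token from ${source} is empty or malformed`);
  }
  return { token, source };
}

// Log-safe summary: reports where the token came from, never its value.
function describeToken({ token, source }) {
  return `token loaded from ${source} (${token.length} chars)`;
}
```
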