.env is divulging secrets, but only when remixing, despite this explicit mention that it clears out the secrets upon remix:
Only invited collaborators are able to see the contents of your .env file. So anonymous viewers or logged-in users who haven’t been invited to your project can’t see them. When remixing an app the values are cleared so they’re not copied across.
They are not visible in the root project anonymously: https://glitch.com/edit/#!/smartthings-rules-manager?path=.env:6:50
This is concerning, as we just sent out an email campaign driving developers to our Glitch example. Is this a bug in Glitch, or have we done something improperly resulting in this?