My application requires a private key, which I’d very much like to keep hidden. I include that key in my
.env file, but when opening the project from an incognito window (where I would expect to see all files except
.data, correct?) I see a somewhat corrupted version of
.env, and the sensitive content is very much still there.
In case it’s related to the content, I have:
# API key. API_KEY="<<< SECRET STUFF HERE >>>" # Private key. PRIVATE_KEY=$(cat <<'END_HEREDOC' <<< SECRET STUFF HERE >>> END_HEREDOC )
When opening the project in incognito, the
.env file is there, the
$(cat <<'END_HEREDOC' text is missing, and the private key itself is visible.
Here’s a link, where I’ve removed the parts I’m concerned about: