security - Code & Context AI Newsletter

security

What local encrypted dotenvs protect, and when to move up

A plain threat model for local encrypted dotenvs in the age of stronger AI security models and active supply-chain secret theft: what improves, what does not, and when to move up.

A step-by-step migration flow from plaintext dotenv file to validated encrypted dotenv file.

security

How to migrate one repo from plaintext dotenv files to SOPS + age

A practical one-repo migration path for moving plaintext dotenvs to SOPS + age now that AI-assisted vulnerability research and supply-chain secret theft make local plaintext secrets a worse default.

Plaintext dotenv values becoming encrypted repo files on a macOS developer desk.

security

Why I built a local encrypted dotenv workflow for macOS

Stronger AI security models and recent supply-chain attacks make plaintext local env files feel like the wrong default. This is a small macOS workflow for encrypted dotenvs with SOPS, age, and Keychain.