The .env- pattern is a ticking time bomb. It exploits the gap between human logic (" - separates words") and machine logic (" - changes glob matching"). It looks safe, feels organized, but behaves like a backdoor.
4/6 Don't use .env files in production. Use your platform's secret manager (AWS Secrets Manager, Doppler, HashiCorp Vault, or even your hosting UI).
✅ Do this instead:
If you want, I can: