Hello, I have a feature request that would make my usage of the CLI more secure. When I run convox env, it’s always concerning to see all our passwords and API tokens logged in plain text. I would like to propose that these values get masked automatically if they contain SECRET, TOKEN, etc.,with a new CLI option to reveal masked env vars.
Another idea would be to have a split between config and secrets, and have a separate set of env vars that are considered “secure”. e.g.
convox env set FOO=123
convox secret set API_TOKEN=secret
convox env
FOO=123
API_TOKEN=***********
i.e. The two sets of environment variables that get merged together, where secrets has precedence.
Thanks!