Discussion

see #16263

As a long-time direnv user, I think it is best that the current checked-in .envrc file is deleted, or moved to .envrc.example or similar. Direnv was not designed to have its .envrc file checked in, as it is primarily intended for local environment overrides, and loading secondary files from .envrc causes a standing security issue, namely that secondary files are not hashed or checked for changes before sourcing.

I have already had my local .envrc clobbered by this change, and I don't currently have a way to restore my local environment overrides in a way that doesn't leave me with a standing diff.

Related discussions:

• https://lobste.rs/s/nm5lho/stop_putting_nix_setup_your_checked_envrc
• Remove .envrc NixOS/nixpkgs#325793
• Load .envrc.local, .envrc.dist direnv/direnv#556

Add a 👍 reaction to issues you find important.