Fixed formatting for .env article

xrissoula · xrissoula · commit 3dc020bdd3bf · 2025-03-05T23:23:41.000-07:00
diff --git a/docs/how-to-guides/companies-and-teams/the-problem-with-env.md b/docs/how-to-guides/companies-and-teams/the-problem-with-env.md
@@ -1,8 +1,8 @@
 ---
-slug: problem-with-env-files-polykey-future  
-title: The Problem with .env Files & Why Polykey Is the Future  
-authors:  
-tags: ['secrets-management', 'security', 'devops', 'cloud', 'software-engineering']  
+title: "The Problem with .env Files & Why Polykey Is the Future"
+date: 2025-03-05
+author: "Christina"
+tags: ["secrets-management", "security", "devops", "cloud", "software-engineering"]
 ---
 
 # The Problem with .env Files & Why Polykey Is the Future  
@@ -14,17 +14,17 @@ They’re plaintext. They’re a pain to share securely. They’re constantly ge
 ## Why .env Files Are a Security Dumpster Fire  
 
 ### One bad git commit and it’s game over  
-Even if you throw `.env` into `.gitignore`, mistakes happen. One `git add -A`, and boom—your secrets are public.  
+Even if you throw `.env` into `.gitignore`, mistakes happen. One `git add -A`, and boom, your secrets are public.  
 
 ### Plaintext storage is a disaster waiting to happen  
 `.env` files sit unencrypted on disk. A malware infection, a rogue employee, or just someone getting access to a developer laptop, and your secrets are wide open.  
 
 ### Sharing secrets shouldn’t be this messy  
 How do most teams share `.env` files?  
 
-- Slack messages  
-- Email attachments  
-- Pasting them into a Google Doc  
+* Slack messages  
+* Email attachments  
+* Pasting them into a Google Doc  
 
 None of this is secure. But it’s still what people do.  
 
@@ -38,18 +38,18 @@ When your team grows, how do you handle secret rotation? How do you make sure ev
 
 Some teams try to move away from `.env` files but just end up in different security nightmares:  
 
-- **Hardcoding secrets in source code** (seriously?)  
-- **Storing them in a database** (better, but still risky)  
-- **Using cloud secret managers** like AWS Secrets Manager or HashiCorp Vault (okay, but you’re still handing your secrets to a third party)  
+- Hardcoding secrets in source code** (seriously?)  
+- Storing them in a database (better, but still risky)  
+- Using cloud secret managers like AWS Secrets Manager or HashiCorp Vault (okay, but you’re still handing your secrets to a third party)  
 
 ## Polykey: A Secure, Decentralized Alternative  
 
 Polykey kills `.env` files entirely. Instead of shoving secrets into plaintext files, it gives you:  
 
-- **Encrypted local vaults** so secrets never sit exposed  
-- **Peer-to-peer secret sharing** so you’re not passing creds over Slack or email  
-- **A zero-trust architecture** that doesn’t rely on any cloud provider  
-- **A CLI-first design** that fits straight into DevOps workflows  
+* Encrypted local vaults so secrets never sit exposed  
+* Peer-to-peer secret sharing** so you’re not passing creds over Slack or email  
+* A zero-trust architecture** that doesn’t rely on any cloud provider  
+* A CLI-first design** that fits straight into DevOps workflows  
 
 ## How It Works  
 
@@ -75,7 +75,7 @@ Instead of dumping creds into `.env`, you:
 
 
 ## Why This Changes Everything
-   * You keep full control over your secrets—no third-party trust required
+   * You keep full control over your secrets. No third-party trust required
    * Enterprises can securely distribute API keys without exposing them to the cloud
    * No single point of failure—secrets stay decentralized and encrypted
 
