alt Hacker NewsFunny how the headline tries to spin this as an env vars issue.
By far the biggest issue is being able to access the production environment of millions of customers from a Google Workspace. Only a handful of Vercel employees should be able to do that with 2FA if not 3FA.
No one should be, why are the enverionmant variables not encrypted itself and the encryption key is stored with your oauth provider ?