Is there advice for when to use #biff/secret over #biff/env ? My understanding is that both take their values from the config.env file.
> My understanding is that both take their values from the config.env file.
That's correct. The only difference is values from #biff/secret get wrapped in a function so you to do e.g. ((:biff/secret ctx) :foo/api-key) instead of just (:foo/api-key ctx). The advantage is that if you accidentally log the entire ctx map, or serialize it in a web page (e.g. I accidentally did something like [:div ctx ...] once), or otherwise expose the contexts of ctx publicly, the values from #biff/secret won't be visible.
So it's mostly for API keys and other things that you wouldn't want to be public.
Thanks, very helpful.