How do you handle sensitive env vars? If I store sensitive env vars like secret keys in my .zshrc or .bash_profile I don’t really want to check them into source control, but I would like the rest of my profile like aliases etc in there