The current SECRETS_SCAN_SMART_DETECTION_OMIT_VALUES approach is clunky. It requires copying raw secret values into another env variable. That feels error-prone and ironic for a security feature.
A BETTER SOLUTION (PROPOSED FEATURE) would be a simple checkbox next to each environment variable in the Site Settings UI. Let users mark specific variables as “expected in build output”. No duplicating values. No comma-separated strings. Just a clean toggle per variable.