withfig / fig

Public issue tracker for Fig.
https://fig.io
MIT License

Team member can get real value from encrypted secrets on the free plan #2562

Closed Wei18 closed 1 year ago

Wei18 commented 1 year ago

Operating system

macOS 13.2.1 (22D68)

Expected behaviour

echo $TEST_SECRET should not display the real value.

Actual behaviour

real value.

Steps to reproduce

Create the secret value, e.g. key TEST_SECRET with value hello. Let a team member run echo $TEST_SECRET or see it in Dotfiles.

Environment

fig-details:
  - 2.16.0
hardware-info:
  - model: 
  - model-id: 
  - chip-id: Apple M2
  - cores: 8
  - mem: 24.00 GB
os-info:
  - macOS 13.2.1 (22D68)
environment:
  - shell: /bin/zsh
  - terminal: terminal
  - cwd: /Users/ZW
  - exe-path: /Users/ZW/.fig/bin/fig
  - install-method: unknown
  - env-vars:
    - FIGTERM_SESSION_ID: 1a82b29a-334a-42a8-8cfb-402ab255cac7
    - FIG_SET_PARENT_CHECK: 1
    - FIG_TERM: 2.16.0
    - PATH: /Users/ZW/.antigen/bundles/paulirish/git-open:/usr/local/bin:/System/Cryptexes/App/usr/bin:/usr/bin:/bin:/usr/sbin:/sbin:/Library/Apple/usr/bin:/Users/ZW/.fig/bin:/Users/ZW/.local/bin:/Users/ZW/.antigen/bundles/robbyrussell/oh-my-zsh/lib:/Users/ZW/.antigen/bundles/robbyrussell/oh-my-zsh/plugins/git:/Users/ZW/.antigen/bundles/robbyrussell/oh-my-zsh/plugins/command-not-found:/Users/ZW/.antigen/bundles/zsh-users/zsh-autosuggestions:/Users/ZW/.antigen/bundles/robbyrussell/oh-my-zsh/plugins/vi-mode:/Users/ZW/.antigen/bundles/robbyrussell/oh-my-zsh/plugins/osx:/Users/ZW/.antigen/bundles/robbyrussell/oh-my-zsh/plugins/sublime:/Users/ZW/.antigen/bundles/robbyrussell/oh-my-zsh/plugins/jsontools:/Users/ZW/.antigen/bundles/robbyrussell/oh-my-zsh/plugins/colored-man-pages:/Users/ZW/.antigen/bundles/robbyrussell/oh-my-zsh/plugins/history:/Users/ZW/.antigen/bundles/robbyrussell/oh-my-zsh/plugins/z:/Users/ZW/.antigen/bundles/paulirish/git-open:/Users/ZW/.antigen/bundles/zsh-users/zsh-syntax-highlighting:/Users/ZW/.gem/bin
    - SHELL: /bin/zsh
    - TERM: xterm-256color
    - __CFBundleIdentifier: com.apple.Terminal
    - FIG_PID: 24508
    - FIG_SET_PARENT: 1a82b29a-334a-42a8-8cfb-402ab255cac7

mschrage commented 1 year ago

This is the expected behavior. The secrets are encrypted at rest and in transit, but need to be accessible on the client.