Introducing secrets overview to Lovable: a single view of secrets across every project in your workspace. You can sort by age, filter by project, and find the ones that shouldn't still be there. It's the latest addition to our Security Center, which provides a comprehensive view across all your projects, including dependency issues, database misconfigurations, and code analysis. Scanning and fixing issues in the Security Center doesn't consume any credits.
É preciso aplicar sistema de verificação de falhas como o que existe no ZAP ou ao menos uma parceria de integração com players consolidados de pentest. Aqui no Brasil estamos sofrendo com desenvolvedores e profissionais de cyber que ficam onda todo fazendo scan dos aplicativos desenvolvidos com vibe coding e tentando ganhar com consultoria dedicada. O que era uma vantagem do Lovable acaba se transformando num tormento para nos.
Visibility before vulnerability. This is the right order of operations. Well played.
Great to see security getting this level of visibility. A centralized view of secrets across projects makes it much easier to stay proactive and reduce risk especially as workspaces scale.
Security features like this rarely make headlines, yet they quietly define how trustworthy a platform becomes over time. The strongest systems are usually the ones that make complexity visible and manageable instead of hiding it. Building confidence in the background layers is what ultimately allows innovation to move faster on the surface.
This is great! But still not accessible for PRO users. I think that security-related features are the must for all plans, even from your business perspective. The PRO users can't move to more advanced plans without being able to make their current projects secure and ensuring this Lovable's capability for growing projects
Looking forward to the day security center is part of pro plan. Security should be in everyone’s best interest
This is one of those features that looks small — but changes behavior. When sensitive data becomes easier to manage, people stop avoiding use cases they should’ve built earlier. Less friction → more experimentation → better products. The real impact won’t be the feature itself, but what people finally feel safe enough to build with it.
Love how many new features you guys have been adding to Lovable! By far my favorite web development tool thus far!
This is fantastic. The “no credits” part is the right call too. Not locking safety behind a paywall is very customer first move. Security checks shouldn’t feel like a tax on shipping. I really appreciate Lovables approach to serving its users. Great update
Sorting by age is what makes this actually useful. I do manual secret audits across my projects every few months and always find stale Supabase service role keys in stuff I abandoned months ago. One question — does this catch secrets hardcoded directly in generated source files, or only env-var-style secrets? That first case is the sneakier failure mode with AI-generated code.