diff --git a/.env b/.env
deleted file mode 100644
index 43e6c81..0000000
--- a/.env
+++ /dev/null
@@ -1,9 +0,0 @@
-# Project-level dev environment vars. Source before working in the repo:
-# set -a; . ./.env; set +a
-# (or use direnv / your editor's .env loader)
-#
-# Don't put secrets here — this file is committed. Personal overrides go in
-# .env.local, which is gitignored.
-
-# Stop Python from writing __pycache__/ trees in the working tree.
-PYTHONDONTWRITEBYTECODE=1
diff --git a/.gitignore b/.gitignore
index 8b0fee9..9b1dfa8 100644
--- a/.gitignore
+++ b/.gitignore
@@ -12,11 +12,9 @@ build/
 .venv/
 venv/
 
-# Personal env overrides — the tracked .env carries shared dev-convenience
-# vars (PYTHONDONTWRITEBYTECODE etc.); .env.local is for per-developer extras
-# and stays out of git. Don't put secrets in either; floodgate has no secret
-# config.
-.env.local
+# Local env files — never commit. Even if floodgate has no required secrets,
+# treating dotenv files as private prevents accidental leaks.
+.env*
 
 # Test caches and coverage artefacts
 .pytest_cache/
diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md
index f2460d5..a7e5b79 100644
--- a/CONTRIBUTING.md
+++ b/CONTRIBUTING.md
@@ -28,10 +28,8 @@ Every PR and push to `main` runs five jobs in sequence:
 ### Running locally
 
 ```bash
-# Source the project .env once per shell to pick up dev-convenience vars
-# (currently just PYTHONDONTWRITEBYTECODE=1 to keep __pycache__ out of the
-# working tree). direnv users can skip this — direnv loads it automatically.
-set -a; . ./.env; set +a
+# Optional: keep __pycache__ out of the working tree.
+export PYTHONDONTWRITEBYTECODE=1
 
 # Unit tests (fast, no Docker needed). Protobuf-dependent tests skip
 # automatically if you haven't generated stubs yet.
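Review bot: In the `.gitignore` hunk, the new `.env*` glob is wider than its comment ("Local env files") implies: it also ignores any file whose name merely starts with `.env`, including a secret-free template such as `.env.example` (constructed name) and direnv's `.envrc`. If the project ever wants to ship a template, add an explicit exception directly after the pattern, `!.env.example`, and say so in the comment so nobody is surprised when the file does not show up in `git status`. The comment could also note that an ignore rule only covers untracked files: it does not stop `git add -f`, and the `.env` deleted by this commit remains in history, which is acceptable only because that file's own header says it held no secrets.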