David Kimura PRO said over 6 years ago on Encrypted Credentials in Rails 5.2 :
In this situation, the developers must have access to the master key which would expose production secrets to more people than necessary. This of course depends on the layout of the R&D team. If it is a solo developer working on a personal project then the exposure is obviously limited. However, in a larger setting, often the developers will not have access nor the secrets to the production environment.