They are private. Many people store env secrets (db conn strings, etc.) in .bashrc. It's meant to be a private place in your home folder for private things.
They are really only private if you design it that way. There are numerous ways you could have access to those private parts of your bashrc, but still make the actual bashrc public.
That's coming from my kubernetes background though, and handling secrets this way is not something that people are always accustomed to.
