The current approach of having to supply usernames and password as CLI flags is insecure. On a Linux system (not sure about other platforms), CLI args are visible to all processes running on the host kernel. On the other hand, environment variables are only visible to the user who ran the process.

The ability to specify registry credentials as environment variables should be a positive impact for users. It will allow them to more securely handle login credentials.

Yes, just use the existing command line flags.