I have a config for a project with CI/CD variables both global and scoped per environment (using the same key):

config_version: 3
projects_and_groups:
    group/project:
        variables:
            secret1_dev:
                key: SECRET1
                value: secretvalue
                masked: true
                environment_scope: dev
                filter[environment_scope]: dev
            secret1_stage:
                key: SECRET1
                value: verysecretvalue
                masked: true
                environment_scope: stage
                filter[environment_scope]: stage
            common_var:
                key: VAR
                value: value
                masked: false

And every time I execute gitlabform, I see this in verbose mode:

Editing secret1_dev of variables in group/project
Editing secret1_stage of variables in group/project
 * common_var of variables in group/project doesn't need an update

Looking at _needs_update method in gitlabform/processors/abstract_processor.py, I see that it returns True in case there are configuration keys only specified in configuration file. And since variables API never returns filter argument, these variables are always reported as "Edited" even if they are not being edited.
Which is of course not ideal to say the least. It would be great to somehow consider this case and make sure that if value is not being changed for the variable in specific environment_scope, show user doesn't need an update.

Now, while typing this I can't think of a good solution for this, but it would already be good to start this conversation.