-
Notifications
You must be signed in to change notification settings - Fork 39
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Passwords in source ? #271
Comments
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
I came across this article and I noticed that you have your database password hardcoded in the source. If this is being used in production, it should be changed. Even if it isn't, I think it's a good idea to remove the environment variables altogether from the source and pass them as a file that's not in source code and is shipped using a secure method.
I would be happy to contribute the change. Please let me know if this project is still alive
The text was updated successfully, but these errors were encountered: