| ▲ | zwnow 14 hours ago |
| .env files are a thing in tons of codebases |
|
| ▲ | iwontberude 13 hours ago | parent | next [-] |
| but thats at runtime, secrets are going to be deployed in a secure manner after the code is released |
| |
| ▲ | zwnow 13 hours ago | parent [-] | | .env files are used to develop as well, for some things like PayPal u dont have to change the credentials, you just enable sandbox mode. If I had some LLM attached to my codebase, it would be able to read those credentials from the .env file. This has nothing to do with deployment. I never talked about deployment. | | |
| ▲ | Carrok 13 hours ago | parent [-] | | If you have your PayPal creds in your repository, you are doing it wrong. | | |
|
|
|
| ▲ | mkozlows 13 hours ago | parent | prev [-] |
| If your secrets are in your repo, you've probably already leaked them. |
