GITHUB_SECRET stored in unsafe place in .env at Get Set for our Back End Development Projects challenge #8854
Labels
other: decayed
Stale issues that need follow up from commentators. Were closed for inactivity
Challenge Name
https://www.freecodecamp.com/challenges/get-set-for-our-back-end-development-projects
Issue Description
GITHUB_SECRET stored in .env file at cloud9 workspace.
The workspace is set to public as shown in step 2 / 14.
Any one with a cloud9 account can have access to the GITHUB_SECRET.
This against Github document https://developer.github.com/guides/basics-of-authentication/
"The Client Secret should not be shared!"
Screenshot
Demonstrate access as a guest to the .env file at workspace shown in the challenge https://ide.c9.io/happycoder42/test.
The text was updated successfully, but these errors were encountered: