SECRET_KEY_BASE listed in error message #5271
a variable SECRET_KEY_BASE is listed in the section "Environment variables" of a ...
"Web application could not be started
... error message of the osm website which I just saw (not any more). Value is something like eJ+wiOKsadkdsasAasd+fsfjKLalwe+sd...
https://github.com/rails-api/rails-api/blob/dd6b71bd6e6e241529f541dc92b2076e9d238b28/lib/rails-api/templates/rails/app/config/initializers/secret_token.rb.tt says "Make sure your secret_key_base is kept private if you're sharing your code publicly."
While I do not know if this is raelly a problem for OSM, I rather mention it ... It looks not that nice to expose a variable which is named "secret" to users.
The text was updated successfully, but these errors were encountered:
Okay, fine, thank you! :-)
Would it be (easily) possible to set this variable to 000000_not_used_000000 then? That way it would not look that suspicious (to other people seeing such errors in the future).