Use secret key base from env (!80) · Merge requests · CoFE / comm-cofe-reference

Ghost User requested to merge use-secret-base-from-env into develop Sep 28, 2020

We should be using a value from the environment instead of a hardcoded value that's going to be readable once the project is open-sourced. This is a potential attack vector.

The env value might need to be changed to avoid problems.

Related to https://git.fpfis.eu/future-of-europe/dife-decidim-fluxcd/-/merge_requests/6

Edited Sep 28, 2020 by Ghost User

Use secret key base from env

Merge request reports