Hey! I fully understand. But this is what the article means.
"sensitive data mean any data you shouldn't share with any one such as api keys, secret-ids, firebase config keys,etc...."
The example use "API_KEY" env variable. But even env variable value will be use instead of process.env when your files are bundled.
console.log(process.env.MY_PRIVATE_ENV) will become console.log("the value of the variable at compile time") in the js file. Nothing change, private are still in your bundled files. You still "share" the api key.
Hey Lyrod, I understand u.
env files don't fully isolate the private keys from the code
its job to reduce the percentage of reaching the private keys from your github code
but not fully private as u mentioned
i think we need some package to encrypt them or use them from the server in some how
if u found any way can do it plz share it with me
thank u so much for making it clear for me
For further actions, you may consider blocking this person and/or reporting abuse
We're a place where coders share, stay up-to-date and grow their careers.
This does not change anything, private key is still in bundled js files. There is no right solution I know
Hello Lyrod,
plz make sure that
1- you did add the env files in git-ignore file
2- re-start your project serve
Hey! I fully understand. But this is what the article means.
"sensitive data mean any data you shouldn't share with any one such as api keys, secret-ids, firebase config keys,etc...."
The example use "API_KEY" env variable. But even env variable value will be use instead of process.env when your files are bundled.
console.log(process.env.MY_PRIVATE_ENV) will become console.log("the value of the variable at compile time") in the js file. Nothing change, private are still in your bundled files. You still "share" the api key.
Hey Lyrod, I understand u.
env files don't fully isolate the private keys from the code
its job to reduce the percentage of reaching the private keys from your github code
but not fully private as u mentioned
i think we need some package to encrypt them or use them from the server in some how
if u found any way can do it plz share it with me
thank u so much for making it clear for me