Ultimmately I think the answer is because it's configuration, not code.
If I want to rotate my api key for a given service, should that require a full re-deploy of the website? In a static build like Bridgetown then yes, you are going to have to basically re-deploy the website and that is likely a tivial task, but in more complex environments that might be more difficult.
For me, I think that seperation of code and config represents something of a best practice, which I wanted to emulate in Bridgetown.
Keen to here your take. Would you argue for just slamming the api key in the html and being done with it?
yes, separation makes perfect sense, and should be considered as default certainly. i've seen too many frontend projects - usually by single developer - that leave configuration all over the place, ad hoc inserts, etc. it's very frustrating to take over a project like that and grep the code for config locations.
my angle was more geared towards the security aspect, as the key is public anyway.
For further actions, you may consider blocking this person and/or reporting abuse
We're a place where coders share, stay up-to-date and grow their careers.
Ultimmately I think the answer is because it's configuration, not code.
If I want to rotate my api key for a given service, should that require a full re-deploy of the website? In a static build like Bridgetown then yes, you are going to have to basically re-deploy the website and that is likely a tivial task, but in more complex environments that might be more difficult.
For me, I think that seperation of code and config represents something of a best practice, which I wanted to emulate in Bridgetown.
Keen to here your take. Would you argue for just slamming the api key in the html and being done with it?
yes, separation makes perfect sense, and should be considered as default certainly. i've seen too many frontend projects - usually by single developer - that leave configuration all over the place, ad hoc inserts, etc. it's very frustrating to take over a project like that and grep the code for config locations.
my angle was more geared towards the security aspect, as the key is public anyway.