Ready to use the Render DB from local #5

Open
gonzalo-olmedo wants to merge 3 commits into Web-Developers2-0:devegonzalo from gonzalo-olmedo:devegonzalo
@gonzalo-olmedo
No description provided.

Copilot AI review requested due to automatic review settings December 10, 2025 00:08
Copilot AI left a comment

Pull request overview

This PR improves security by removing a committed .env file containing sensitive database credentials from the repository and adding it to .gitignore to prevent future commits. The title indicates preparation for using Render's database from a local environment.

Key changes:

  • Removed the .env file containing exposed PostgreSQL credentials for Render database
  • Added .env to .gitignore to prevent future credential exposure

Reviewed changes

Copilot reviewed 2 out of 3 changed files in this pull request and generated no comments.

| File | Description |
| --- | --- |
| .gitignore | Added .env to ignore list to prevent committing environment variables |
| .env | Removed file containing sensitive database credentials (SECRET_KEY, PostgreSQL credentials) |

Comments suppressed due to low confidence (2)

.env:1

  • The database credentials (including password br6nZJQDRX7CGiEj5nXjLIPwxJV9zKTB) that were previously committed to this repository remain in the git history. Anyone with access to the repository can still retrieve these credentials from past commits.

Critical action required: The database password should be rotated immediately on the Render platform, as the old credentials are permanently exposed in the git history. Consider using git filter-branch or BFG Repo-Cleaner to remove sensitive data from git history if this is a public repository.
.env:1

  • The removed .env previously contained hardcoded secrets, including SECRET_KEY, database user, password, and full DATABASE_URL, which exposes production credentials to anyone with repository access. Although this PR deletes the file and adds .env to .gitignore, the leaked secrets remain in git history and should be treated as compromised; rotate the Django SECRET_KEY, database password, and any other exposed credentials and ensure they are provisioned via a secure secret management mechanism instead of committing them to source control. Going forward, keep .env-style files untracked and use environment variables or a secrets manager (e.g., Render environment settings) to supply these values.
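
One way to supply these values from the environment instead of a committed .env file, as an added example (not code from this pull request or from the review comment). The function names are hypothetical and the sample values are constructed; the dictionary keys are Django's standard DATABASES settings.

```python
import os
from urllib.parse import urlsplit, unquote


class MissingSecret(RuntimeError):
    """Raised when a required secret is absent from the environment."""


def require_env(name, environ=None):
    # Fail closed: no fallback default, so a missing secret stops startup
    # instead of silently running with a value baked into the code.
    environ = os.environ if environ is None else environ
    value = environ.get(name, "").strip()
    if not value:
        raise MissingSecret(f"{name} is not set in the environment")
    return value


def database_from_url(url):
    # Turn a postgres:// URL into a Django DATABASES["default"] dict.
    parts = urlsplit(url)
    if parts.scheme not in ("postgres", "postgresql"):
        raise ValueError(f"unsupported database scheme: {parts.scheme!r}")
    if not (parts.hostname and parts.username and parts.password):
        raise ValueError("DATABASE_URL needs user, password and host")
    return {
        "ENGINE": "django.db.backends.postgresql",
        "NAME": unquote(parts.path.lstrip("/")),
        "USER": unquote(parts.username),
        "PASSWORD": unquote(parts.password),  # percent-decoded for the driver
        "HOST": parts.hostname,
        "PORT": str(parts.port or 5432),
    }


def redact(db):
    # Safe-to-log copy: never print the password itself.
    return {**db, "PASSWORD": "***"}


def load_settings(environ=None):
    url = require_env("DATABASE_URL", environ)
    return {"SECRET_KEY": require_env("SECRET_KEY", environ),
            "DATABASES": {"default": database_from_url(url)}}


if __name__ == "__main__":
    # Constructed sample values, not real credentials.
    sample = {"SECRET_KEY": "constructed-key", "DATABASE_URL":
              "postgresql://app_user:p%40ss@db.example.internal:5432/app_db"}
    print(redact(load_settings(sample)["DATABASES"]["default"]))
```
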
