-
-
Notifications
You must be signed in to change notification settings - Fork 477
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Default secret configuration to avoid secret leak #1320
Comments
the test env is also a candidate for exclusion |
We could add a line for the test env. |
Hi,
First issue/contribution here, let me know if I need to change something. :-)
As described in the documentation the
config/secrets/prod/prod.decrypt.private.php
file must not be committed to the repository.The recipe for this works as expected. But assuming we have other environments as
staging
which shouldn't be exposed either (at least to me) the private keys of these environments are not protected by the current configuration.Maybe the
framework-bundle/*/manifest.json
should be updated like so in thegitignore
section:What do you think?
As mentioned in the readme, recipes should not be updated for the previous versions so I was not sure how to propose the PR. Maybe in the
framework-bundle/7.3/manifest.json
? Should I copy the 7.2 structure and update only the proposed part?Let me know, I can provide the PR if you think the change is appropriate.
The text was updated successfully, but these errors were encountered: