vieter-v
/
vieter
2
1
Fork 5
Code Issues 84 Pull Requests 9 Packages Projects Releases 12 Wiki Activity

Don't inject API key as env var #256

New Issue
Open
opened 2022-06-17 20:21:59 +02:00 by Jef Roosens · 0 comments
Jef Roosens commented 2022-06-17 20:21:59 +02:00
Owner

Injecting the API key using an env var might actually be a security risk, because this means malicious PKGBUILDs could try extracting it. There's no reason to add it as an env var as it can just be substituted in the script before running.

Injecting the API key using an env var might actually be a security risk, because this means malicious PKGBUILDs could try extracting it. There's no reason to add it as an env var as it can just be substituted in the script before running.
Jef Roosens added the
enhancement
 label 2022-06-17 20:21:59 +02:00
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
renovate/nokogiri-1.x
dev
main
release-0.6.0
renovate/busybox-1.x
renovate/middleman-4.x-lockfile
renovate/webrick-1.x-lockfile
renovate/rouge-4.x
renovate/rouge-3.x-lockfile
renovate/redcarpet-3.x
renovate/middleman-syntax-3.x-lockfile
0.6.0
0.5.0
0.5.0-rc.2
0.5.0-rc.1
0.4.0
0.3.0
0.3.0-rc.1
0.3.0-alpha.2
0.3.0-alpha.1
0.2.0
0.1.0
0.1.0-rc1
Labels
Clear labels   
Roadmap

Tracking issue for a larger task   
V

This issue is blocked by a V issue   
bug

Something is not working   
docs

Something to add to the documentation   
duplicate

This issue or pull request already exists   
enhancement

New feature   
good first issue

A good issue to start out with as a new contributor   
help wanted

Need some help   
idea

Issue for brainstorming a new idea   
invalid

Something is wrong   
question

More information is needed   
wontfix

This won't be fixed
  
Idea

Issue for brainstorming a new idea   
Roadmap

Tracking issue for a larger task   
bug

Something is not working   
duplicate

This issue or pull request already exists   
enhancement

New feature   
help wanted

Need some help   
invalid

Something is wrong   
question

More information is needed   
wontfix

This won't be fixed
No Label
Roadmap
V
bug
docs
duplicate
enhancement
good first issue
help wanted
idea
invalid
question
wontfix
Idea
Roadmap
bug
duplicate
enhancement
help wanted
invalid
question
wontfix
Milestone
Clear milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
No Assignees
1 Participants
Notifications
Due Date
The due date is invalid or out of range. Please use the format 'yyyy-mm-dd'.

No due date set.

Dependencies

No dependencies set.

Reference: vieter-v/vieter#256
There is no content yet.
Delete Branch "%!s(<nil>)"

Deleting a branch is permanent. Although the deleted branch may exist for a short time before cleaning up, in most cases it CANNOT be undone. Continue?