Why? Avoid ( ) committing ( ) your , or other ( ) to by storing them as environment variables. See the example like this accidentally exposing private keys passwords sensitive details by hard-coding in them in your script GitHub There is a story of a person who pushed aws keys to github: pushing API keys to GitHub can be an : Accidentally Expensive/Stressful Lesson https://www.quora.com/My-AWS-account-was-hacked-and-I-have-a-50-000-bill-how-can-I-reduce-the-amount-I-need-to-pay What is Environment Variable? An environment variable is a pair that is stored on the local system where your code/app is being run and is accessible from within your code. KEY=value How? Follow these steps: List all the Environment Variables Default $ printenv 2. For storing our secret data like tokens, API keys, passwords create a file named app-env export API_KEY="ABDJFdfrpf956irjglkfmgi5kgf"export TOKEN="213j29rhdfn94htrfuh94" 3. Source this file into local environment using source command $ source app-env 4. Now we can use these environment variable in our program as for example in : NodeJS Node.js gives you access to the variables defined in your environment in the global object. process.env So we can use process.env object to access our keys var api_key = process.env.API_KEY; 5. and last thing add app-env to .gitignore so this file is ignored to .git app-env This way we can use our keys and tokens in our local environment and be safe from getting these sensitive data exposed to others on Github.

how to use Environment Variables keep your secret keys safe & secure!

About Author

Comments

TOPICS

THIS ARTICLE WAS FEATURED IN

Related Stories

Create a strong, secure and memorable password

Security Is A Practice, Not A One-Time Project

How to Solve Real-Time Auth Without Having to Sacrifice Performance

Exploring and Explaining The New Frontiers of Advanced Prompt Injection

The Best Ways to Write Git Commit Messages: Just Like the Pros

Relearning Packer: 4 Common Myths About Image Automation Debunked

Create a strong, secure and memorable password

Security Is A Practice, Not A One-Time Project

How to Solve Real-Time Auth Without Having to Sacrifice Performance

Exploring and Explaining The New Frontiers of Advanced Prompt Injection

The Best Ways to Write Git Commit Messages: Just Like the Pros

Relearning Packer: 4 Common Myths About Image Automation Debunked

Light-Mode

Classic

Newspaper

Minty

Dark-Mode

Neon Noir

Minty

HN StartUps