this post was submitted on 14 Jul 2026
904 points (99.0% liked)

Programmer Humor

32303 readers
2190 users here now

Welcome to Programmer Humor!

This is a place where you can post jokes, memes, humor, etc. related to programming!

For sharing awful code theres also Programming Horror.

Rules

founded 3 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
[โ€“] percent@infosec.pub 5 points 8 hours ago (1 children)

Production creds in .env? ...Why?

[โ€“] theneverfox@pawb.social 1 points 1 hour ago

Better than hard coded... Ideally we use tokens+fingerprint or something to avoid storing the creds directly (if possible), but putting them in environment variables is pretty common

It's not the worst thing, it's very convenient (so people won't go around it) and usually not the weak point in security (although AI being able to easily see it is an interesting twist)