braintree / braintree_php

Braintree PHP library
https://developer.paypal.com/braintree/docs/start/overview
MIT License

Use of .dev TLD for development/integration in config #244

Closed nbloomf closed 5 years ago

nbloomf commented 5 years ago

With .dev becoming a publicly available TLD as of February 2019, is this instance of auth.venmo.dev a potential security issue?

https://github.com/braintree/braintree_php/blob/49ba5ac81e8c04bb3ffe8888b320616168bc8597/lib/Braintree/Configuration.php#L620

crookedneighbor commented 5 years ago

No, as you'd only ever be using the SDK in the context of sandbox or production. If someone has gotten access to your server and is setting your environment to something other than those values, you have much bigger problems :)

That said, this code path is largely deprecated, and we'll see if we can remove it from the next major version.

crookedneighbor commented 5 years ago

That code path has been removed in v4.0.0.