molbiodiv / fennec

Functional Exploration of Natural Networks and Ecological Communities
MIT License
6 stars 3 forks source link

The client secret is a leaked in the blob file #216

Closed yevh closed 3 years ago

yevh commented 3 years ago

Hi there,

I found that client secret is a leaked in the parameters.yml:

https://github.com/molbiodiv/fennec/blob/master/docker/fennec/parameters.yml

Be secure!

iimog commented 3 years ago

Thanks a lot @yevh I made sure that this secret is not actually used by any of my running instances and replaced the value with a dummy value to prevent people from using this value. Thanks again for reporting!