nuxt-modules / turnstile

🔥 Cloudflare Turnstile integration for Nuxt
https://cloudflare.com/products/turnstile
MIT License
230 stars, 18 forks

feat(secret): source at runtime #298

Closed. dargmuesli closed this 1 week ago

dargmuesli commented 8 months ago

Resolves #297

Quick draft to demonstrate what I intend to achieve. Collaboration welcome.

codecov[bot] commented 8 months ago

Codecov Report

Attention: Patch coverage is 52.94118% with 8 lines in your changes missing coverage. Please review.

Project coverage is 19.43%. Comparing base (c564106) to head (eaca0dc). Report is 77 commits behind head on main.

Files with missing lines            Patch %   Lines
src/runtime/nitro/utils/verify.ts   0.00%     8 Missing ⚠️

Additional details and impacted files

```diff
@@            Coverage Diff             @@
##             main     #298      +/-   ##
==========================================
+ Coverage   19.26%   19.43%   +0.16%
==========================================
  Files          12       12
  Lines         493      494       +1
  Branches       23       21       -2
==========================================
+ Hits           95       96       +1
  Misses        398      398
```


dargmuesli commented 3 months ago

Defining the secret key in an environment variable works; it's just that it's a common weakness, as described in CWE-526.

Non-Node environments are the reason I thought about alternatives in https://github.com/nuxt-modules/turnstile/issues/297 under "additional info".

dargmuesli commented 1 week ago

OK, looking at this from today's perspective - I'm grateful to have learned a lot about Nuxt in the past year! - I think this here is not the correct place to implement what I thought of initially. Sourcing secrets from some storage (alternative to environment variables) at runtime and making those available to Nuxt and its modules sounds like a good thing to implement in a separate module, so all existing modules can benefit. I'm closing this here for now. @danielroe if you have any knowledge of work like this already in progress or ideas existing, feel free to ping me so I can join collaboration and find the right place to work on this eventually 🙌