Closed dargmuesli closed 1 week ago
Attention: Patch coverage is 52.94118%
with 8 lines
in your changes missing coverage. Please review.
Project coverage is 19.43%. Comparing base (
c564106
) to head (eaca0dc
). Report is 77 commits behind head on main.
Files with missing lines | Patch % | Lines |
---|---|---|
src/runtime/nitro/utils/verify.ts | 0.00% | 8 Missing :warning: |
:umbrella: View full report in Codecov by Sentry.
:loudspeaker: Have feedback on the report? Share it here.
Defining the secret key in an environment variable works, it's just that it's a common weakness as described in CWE-526.
Non-Node environments are the reason I thought about alternatives in https://github.com/nuxt-modules/turnstile/issues/297 under "additional info".
Ok, looking at this from today's perspective - I'm grateful to have learned a lot about Nuxt in the past year! - I think this here is not the correct place to implement what I thought of initially. Sourcing secrets from some storage (alternative to environment variables) at runtime and making those available to Nuxt and its modules sounds like a good thing to implement in a separate module, so all existing modules can benefit. I'm closing this here for now. @danielroe if you have any knowledge of work like this already in progress or ideas existing, feel free to ping me so I can join collaboration and find the right place to work on this eventually :raised_hands:
Resolves #297
Quick draft to demonstrate what I intend to achieve. Collaboration welcome.