Open flohw opened 1 month ago
the test env is also a candidate for exclusion on the other hand, doing nothing is also an option: at some point, people need to tweak their config anyway
We could add a line for the test env. I intended to prevent the risk of secret leak by default, which should be the default regarding safety for me. The new default would prevent the leak of any private key except dev, then the developer is still able to intentionally commit the files if he really wants to.
Hi,
First issue/contribution here, let me know if I need to change something. :-)
As described in the documentation the
config/secrets/prod/prod.decrypt.private.php
file must not be committed to the repository. The recipe for this works as expected. But assuming we have other environments asstaging
which shouldn't be exposed either (at least to me) the private keys of these environments are not protected by the current configuration.Maybe the
framework-bundle/*/manifest.json
should be updated like so in thegitignore
section:What do you think?
As mentioned in the readme, recipes should not be updated for the previous versions so I was not sure how to propose the PR. Maybe in the
framework-bundle/7.3/manifest.json
? Should I copy the 7.2 structure and update only the proposed part?Let me know, I can provide the PR if you think the change is appropriate.