Skip to content

Commit d619a27

Browse files
josegomez-devjosegomez-dev
committed
fix(security): sanitize environment files and update gitignore
1 parent efd76b7 commit d619a27

File tree

2 files changed

+18
-15
lines changed

2 files changed

+18
-15
lines changed

.gitignore

Lines changed: 7 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -10,12 +10,14 @@ out/
1010
build/
1111
dist/
1212

13-
# Environment variables
13+
# Environment variables - CRITICAL SECURITY
1414
.env
15-
.env.local
16-
.env.development.local
17-
.env.test.local
18-
.env.production.local
15+
.env.*
16+
!.env.example
17+
env.local
18+
env.production
19+
env.development
20+
env.test
1921

2022
# TypeScript
2123
*.tsbuildinfo

env.example

Lines changed: 11 additions & 10 deletions
Original file line numberDiff line numberDiff line change
@@ -53,8 +53,8 @@ NEXT_PUBLIC_DEBUG_MODE=false
5353

5454
# JWT and session secrets (server-side only)
5555
# Generate with: openssl rand -base64 32
56-
JWT_SECRET=jwt_n3XuS
57-
SESSION_SECRET=session_n3XuS
56+
JWT_SECRET=your_jwt_secret_here_generate_with_openssl_rand_base64_32
57+
SESSION_SECRET=your_session_secret_here_generate_with_openssl_rand_base64_32
5858

5959
# ============================================================================
6060
# FEATURE FLAGS
@@ -94,13 +94,14 @@ NEXT_PUBLIC_FRAME_OPTIONS_ENABLED=true
9494
# ============================================================================
9595

9696
# Firebase project configuration
97-
NEXT_PUBLIC_FIREBASE_API_KEY=AIzaSyCVq9jAmW912-4SClPuip6bbPy5fnWE7no
98-
NEXT_PUBLIC_FIREBASE_AUTH_DOMAIN=nexus-55966.firebaseapp.com
99-
NEXT_PUBLIC_FIREBASE_PROJECT_ID=nexus-55966
100-
NEXT_PUBLIC_FIREBASE_STORAGE_BUCKET=nexus-55966.firebasestorage.app
101-
NEXT_PUBLIC_FIREBASE_MESSAGING_SENDER_ID=48419163339
102-
NEXT_PUBLIC_FIREBASE_APP_ID=1:48419163339:web:637eadbce2dadb24605f4e
103-
NEXT_PUBLIC_FIREBASE_MEASUREMENT_ID=G-80T26CG9PM
97+
# Get these values from your Firebase Console > Project Settings > General
98+
NEXT_PUBLIC_FIREBASE_API_KEY=your_firebase_api_key_here
99+
NEXT_PUBLIC_FIREBASE_AUTH_DOMAIN=your-project-id.firebaseapp.com
100+
NEXT_PUBLIC_FIREBASE_PROJECT_ID=your-project-id
101+
NEXT_PUBLIC_FIREBASE_STORAGE_BUCKET=your-project-id.firebasestorage.app
102+
NEXT_PUBLIC_FIREBASE_MESSAGING_SENDER_ID=your_messaging_sender_id
103+
NEXT_PUBLIC_FIREBASE_APP_ID=your_firebase_app_id
104+
NEXT_PUBLIC_FIREBASE_MEASUREMENT_ID=your_measurement_id
104105

105106
# Firebase emulator configuration (development only)
106107
FIREBASE_USE_EMULATOR=false
@@ -114,7 +115,7 @@ FIREBASE_AUTH_EMULATOR_HOST=localhost:9099
114115
NEXT_PUBLIC_ANALYTICS_ENABLED=false
115116
NEXT_PUBLIC_ANALYTICS_ID=nexus-55966
116117
NEXT_PUBLIC_ERROR_REPORTING_ENABLED=true
117-
NEXT_PUBLIC_ERROR_REPORTING_API_KEY=fS7lRrskKyoJwOg2QAaGdjFNz4ua1YXH
118+
NEXT_PUBLIC_ERROR_REPORTING_API_KEY=your_error_reporting_api_key_here
118119

119120
# ============================================================================
120121
# AI ASSISTANT CONFIGURATION

0 commit comments

Comments
 (0)