You can, for being helpful, check in a text file with a bogus key and check that-in. In your case you can create a key.conf text file with the actual key, let the program use that file and let it be ignored by version control. You can check-in a sample configuration with placeholders but have the actual configuration local in your machine. the program/application searches for a configuration file and reads values from it. You can also do this by implementing configuration text files, i.e. So if the program is distributed as a binary then having the key hard-coded does not make it particularly maintainable. The downside with this strategy is that the key is hardcoded. I've seen a lot of open source projects do this such as MediaWiki with it's LocalSettings.php. Placeholders in code - as was suggested - which is most sane and easiest to do in dynamic programming languages as the code is easy to change (without needing to compile). There are several configuration strategies you can take in order to do so: Placeholders in code (hardcoded values) Especially if the project is open source you really shouldn't. The basic idea is that you do NOT check-in confidential values in the code or in the compiled binary.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |