Leaked ClientID linkedin in sourcecode.

DESCRIPTION
Secrets should never be checked into source code. Ideally, they should be injected into the runtime and then the values should be picked from there.

Examples of secrets are SSH keys, API keys and secrets (AWS or Stripe APIs, for example), database credentials etc.

BAD PRACTICE
In the sample Python code below, the secrets have been hardcoded:

key = "12345azan+/ryGUuk"
RECOMMENDED
Ideally, this should be picked from the environment, like:

key = os.getenv("SECRET_KEY")



Leaked "LinkedIn Client ID" detected in source: "IoLogoLinkedin"
[src/config/icon.config.js](https://github.com/philipjonsen/thornode-network/blob/main/src/config/icon.config.js#L108-L108)

export const SocialFacebookIcon = IoLogoFacebook; // Social Facebook icon
export const SocialTwitterIcon = IoLogoTwitter; // Social Twitter icon
export const SocialGooglePlusIcon = IoLogoGoogleplus; // Social Google Plus icon
export const SocialLinkedinIcon = IoLogoLinkedin; // Social Linkedin icon
export const SocialDribbbleIcon = IoLogoDribbble; // Social Dribbble icon


Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Leaked ClientID linkedin in sourcecode. #16

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Leaked ClientID linkedin in sourcecode. #16

Description

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions