Thanks, Ritchie, this is valuable. *> environment variables shouldn't be used to store anything secret*
I was under the impression that it is common practice to include database creds embedded in a DATABASE_URL environment variable, as well as creds/tokens for other third-party services (s3, etc) -- isn't this what the 12 factor app (http://12factor.net/ - Heroku's manifesto) recommends? *> If you're checking any machine-generated data in to a version control system, you're doing it wrong* Some prominent node devs (including mikeal<http://www.futurealoof.com/posts/nodemodules-in-git.html>) encourage checking node_modules into source control. Wouldn't this include machine-generated data, including the .lock-wscript file? Or would that be excluded by a .gitignore rule? -- peter rust -- Job board: http://jobs.nodejs.org/ New group rules: https://gist.github.com/othiym23/9886289#file-moderation-policy-md Old group rules: https://github.com/joyent/node/wiki/Mailing-List-Posting-Guidelines --- You received this message because you are subscribed to the Google Groups "nodejs" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/nodejs/19bea222-816b-4c48-85af-385af76510c0%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
