Topic: Leave personal access token in package.json under dependencies?

yyandyceo free asked 1 year ago


Is it fine to leave my personal access token in package.json file under dependencies like the following and push it onto github? This is an app I'm working on and it is being hosted.

"dependencies": { ... "mdb-react-ui-kit": "git+https://oauth2:ACCESS_TOKEN@git.mdbootstrap.com/mdb/react/mdb5/prd/mdb5-react-ui-kit-pro-essential", ... }

[I tried ssh but couldn't make it work.]


Krzysztof Wilk staff answered 6 months ago


Hi!

I think the best approach is to set this token as an environmental variable (using i.e. dotenv) and use it inside your package.json file :)


Bridget Melvin premium commented 6 months ago

would I include it in the scripts and exclude the installed package from package.json? Is there documentation on how this is accomplished?


Bridget Melvin premium answered 6 months ago


bump ... I have this problem as well. Cannot add git.mdbootstrap.com to known_hosts



Please insert min. 20 characters.

FREE CONSULTATION

Hire our experts to build a dedicated project. We'll analyze your business requirements, for free.

Status

Answered

Specification of the issue

  • User: Free
  • Premium support: No
  • Technology: MDB React
  • MDB Version: MDB5 1.0.0-beta5
  • Device: MBP
  • Browser: Google
  • OS: OSX
  • Provided sample code: No
  • Provided link: No