Skip to content

frontend: environment config & secure secrets for deployments #131

New issue
New issue
Open
Open
frontend: environment config & secure secrets for deployments#131
Labels
Semver:patchRepresents bug fixes in subversionsType:Mediumjunior developers talks
@ayushkrtiwari

Description

@ayushkrtiwari
ayushkrtiwari
opened on Nov 13, 2025

Goal

Centralize configuration and ensure secrets are never baked into bundles.

Tasks

  • Add config loader that uses process.env.* and falls back to runtime-config for static hosting.
  • Ensure any API keys are used server-side only; frontend uses short-lived tokens via auth endpoints.
  • Document how to set env vars for local, staging, prod (example vercel and docker instructions).
  • Add a CI secret scanning check that fails on accidental commit of .env files.

Acceptance criteria

  • No secrets are present in built frontend bundles; environment instructions present in README.

Metadata

Metadata

Assignees

No one assigned

    Labels

    Semver:patchRepresents bug fixes in subversionsType:Mediumjunior developers talks

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions