Leave personal access token in package.json under dependenci


Topic: Leave personal access token in package.json under dependencies?

yyandyceo asked 4 years ago

Is it fine to leave my personal access token in package.json file under dependencies like the following and push it onto github? This is an app I'm working on and it is being hosted.

"dependencies": { ... "mdb-react-ui-kit": "git+https://oauth2:ACCESS_TOKEN@git.mdbootstrap.com/mdb/react/mdb5/prd/mdb5-react-ui-kit-pro-essential", ... }

[I tried ssh but couldn't make it work.]


Bridget Melvin pro premium answered 2 years ago

bump ... I have this problem as well. Cannot add git.mdbootstrap.com to known_hosts


Krzysztof Wilk staff answered 2 years ago

Hi!

I think the best approach is to set this token as an environmental variable (using i.e. dotenv) and use it inside your package.json file :)


Bridget Melvin pro premium commented 2 years ago

would I include it in the scripts and exclude the installed package from package.json? Is there documentation on how this is accomplished?


Please insert min. 20 characters.

FREE CONSULTATION

Hire our experts to build a dedicated project. We'll analyze your business requirements, for free.

Status

Answered

Specification of the issue
  • User: Free
  • Premium support: No
  • Technology: MDB React
  • MDB Version: MDB5 1.0.0-beta5
  • Device: MBP
  • Browser: Google
  • OS: OSX
  • Provided sample code: No
  • Provided link: No