Did you push the project to GitHub, including the config.js file? That would have caused the Twilio and GitHub monitoring systems to spot it and send you that email.
If you have hidden credentials like this before using .env files then the secret really is that .env files are likely to appear in your .gitignore file and never get committed to your repo. You can add config.js to the project's .gitignore file for this project, or, better for the future, update this project to use environment variables and dotenv (or similar).
Let me know if I can help any further.
For further actions, you may consider blocking this person and/or reporting abuse
We're a place where coders share, stay up-to-date and grow their careers.
Did you push the project to GitHub, including the config.js file? That would have caused the Twilio and GitHub monitoring systems to spot it and send you that email.
Hopefully you have already logged in and updated your auth token.
If you have hidden credentials like this before using
.env
files then the secret really is that.env
files are likely to appear in your.gitignore
file and never get committed to your repo. You can addconfig.js
to the project's.gitignore
file for this project, or, better for the future, update this project to use environment variables and dotenv (or similar).Let me know if I can help any further.