I got this message from Twilio:
We have detected that your Twilio API credentials have been compromised. It is urgent that you take immediate action to secure your account as this poses a security risk and could lead to unauthorized activity or excessive charges.
is there a different way to hide this besides creating a .env file?
I am on my work computer right now, and I don't want to mess with the environment here.
Did you push the project to GitHub, including the config.js file? That would have caused the Twilio and GitHub monitoring systems to spot it and send you that email.
If you have hidden credentials like this before using .env files then the secret really is that .env files are likely to appear in your .gitignore file and never get committed to your repo. You can add config.js to the project's .gitignore file for this project, or, better for the future, update this project to use environment variables and dotenv (or similar).
This is both my first nodeJS and API project.
I got this message from Twilio:
We have detected that your Twilio API credentials have been compromised. It is urgent that you take immediate action to secure your account as this poses a security risk and could lead to unauthorized activity or excessive charges.
is there a different way to hide this besides creating a .env file?
I am on my work computer right now, and I don't want to mess with the environment here.
Thanks
Did you push the project to GitHub, including the config.js file? That would have caused the Twilio and GitHub monitoring systems to spot it and send you that email.
Hopefully you have already logged in and updated your auth token.
If you have hidden credentials like this before using
.env
files then the secret really is that.env
files are likely to appear in your.gitignore
file and never get committed to your repo. You can addconfig.js
to the project's.gitignore
file for this project, or, better for the future, update this project to use environment variables and dotenv (or similar).Let me know if I can help any further.
I'm not sure why you got that error... I didn't 🤔