I have a file with sensitive information that is used to authenticate requests to AWS. Is it possible to compile my code with the file included, but make it hidden to everyone else?
You cannot, many were annoyed when replit removed this; in short, you cannot in console apps. If you want to make a secret, you can use the secrets tab that can be accessed but not viewed by any user
Thanks for letting me know
Some repls, like those using the HTML, CSS and JS template, will not have the secrets tabs that @bigminiboss mentioned.
So for those repls, the only way to âhideâ files is putting your file in the .config folder as a config file. It wonât show up if âShow hidden filesâ is turned off (but most people wonât care about config files so itâs about just as good as secrets files :))
try to obfuscate maybe?
Welcome to the replit ask forums!!
Obfuscation is a good thought, but with deobfuscators around it may not guarantee the protection.
You can use secrets
as mentioned above; if youâre using authentication on frontend, itâs already a bad idea. You should make a backend for authentication and most of them already support secrets
so there shouldnât be any problem using it.
If youâre not working on a website and/or are on a template which doesnât support secrets
, either find a workaround with templates that do support secrets
or if you donât intend to publish the repl than you can make your repl private using cycles
. Otherwise you mustânt use it, for your own safety.
You can learn more about secret variables
here.
And no, trust me relying on .config
for hiding important information is a bad idea, donât do it.
The way the .config
file is hidden is by adding it to the list of hidden files in the hidden
list in the .replit
file (which is automatically done on all of Replitâs templates). You can add other files to this list to hide them in the same way.
.replit
:
# ...
hidden = [".config", "some text file.txt", "some folder", "another folder/another file.txt"]
# ...
yea, that is a really bad idea. you could use databases like supabase and store your file there with authentication.
Simply create your own obfuscation method that is still executable; Iâve seen people create the most hideous random obfuscation methods that arenât even executable.
Python Flask repls have a secrets tab, and can be used for websites. Flask is a way for Python to host and interact with HTML sites, which can use CSS and JS.
I believe that only hides them in the workspace editor.
It does on the cover page too (at least sometimes, it doesnât always seem to be very consistent), but you can just click show hidden files.
No. There is not exactly a way. But you can use secrets or encode some text.
Just obfuscate, as Iâve said between two and three times; you could, however, develop your own obfuscation technique because, if you employ a well-known obf, thereâs a significant possibility that a deobfuscator already exists for that obf method choice.