I have a file with sensitive information that is used to authenticate requests to AWS. Is it possible to compile my code with the file included, but make it hidden to everyone else?
You cannot, many were annoyed when replit removed this; in short, you cannot in console apps. If you want to make a secret, you can use the secrets tab that can be accessed but not viewed by any user
Thanks for letting me know
Some repls, like those using the HTML, CSS and JS template, will not have the secrets tabs that @bigminiboss mentioned.
So for those repls, the only way to ‘hide’ files is putting your file in the .config folder as a config file. It won’t show up if “Show hidden files” is turned off (but most people won’t care about config files so it’s about just as good as secrets files :))
try to obfuscate maybe?
Welcome to the replit ask forums!!
Obfuscation is a good thought, but with deobfuscators around it may not guarantee the protection.
You can use
secrets as mentioned above; if you’re using authentication on frontend, it’s already a bad idea. You should make a backend for authentication and most of them already support
secrets so there shouldn’t be any problem using it.
If you’re not working on a website and/or are on a template which doesn’t support
secrets, either find a workaround with templates that do support
secrets or if you don’t intend to publish the repl than you can make your repl private using
cycles. Otherwise you must’nt use it, for your own safety.
You can learn more about
secret variables here.
And no, trust me relying on
.configfor hiding important information is a bad idea, don’t do it.
The way the
.config file is hidden is by adding it to the list of hidden files in the
hidden list in the
.replit file (which is automatically done on all of Replit’s templates). You can add other files to this list to hide them in the same way.
# ... hidden = [".config", "some text file.txt", "some folder", "another folder/another file.txt"] # ...
yea, that is a really bad idea. you could use databases like supabase and store your file there with authentication.
Simply create your own obfuscation method that is still executable; I’ve seen people create the most hideous random obfuscation methods that aren’t even executable.
Python Flask repls have a secrets tab, and can be used for websites. Flask is a way for Python to host and interact with HTML sites, which can use CSS and JS.
I believe that only hides them in the workspace editor.
It does on the cover page too (at least sometimes, it doesn’t always seem to be very consistent), but you can just click show hidden files.
No. There is not exactly a way. But you can use secrets or encode some text.
Just obfuscate, as I’ve said between two and three times; you could, however, develop your own obfuscation technique because, if you employ a well-known obf, there’s a significant possibility that a deobfuscator already exists for that obf method choice.