JSON Credentials Should be Hidden

s.azn · November 25, 2022, 12:54am

JSON Credential files should be able to be hidden on replit. My python program cannot work without there being two json files with sensitive information within the directory of the main python program. However, unfortunately replit does not allow us to hide these files containing extremely sensitive information and therefore the program cannot safely be used on the replit platform. Please add some way for us to use JSON credential files and keep them private. I do not care if main.py or anything else is public, but the 2 JSON credential files containing sensitive information shouldn’t be open on display to anyone viewing the replit.

I have tried inserting the JSON data inside an env variable but it just throws an error because the API expects the name/path of the JSON files. I now have to look for a replit alternative to run my program safely.

not-ethan · November 25, 2022, 12:57am

You can make an object and assign the different values of different keys to all the different secrets. Unfortunately you can just make it automatically work without any code changes.

LuisAFK · December 3, 2022, 9:57am

In the .replit file you have an option to hide files, but they’re still visible if someone clicks on “Show hidden files”, but I just thought I’d mention it

UMARismyname · December 3, 2022, 1:34pm

path of the JSON files

So, store the JSON data in an env, then store it in a memory file in the code

require("fs").writeFileSync("/dev/shm/S.json", process.env.SECRET_KEY_HERE)

Then, pass /dev/shm/S.json as the path