Elgato_dark/angular
1
0
Fork 0
mirror of https://github.com/angular/angular synced 2026-05-24 09:28:37 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

docs: warn against storing secrets in environment files

Browse source 
Add a CRITICAL callout warning that files in `src/environments/`
ship to the client and should not hold secrets like API keys.
This commit is contained in:
Kam 2026-04-20 22:29:17 +03:00 committed by Leon Senft
parent c04c0b977a
commit d27e2c24e1
1 changed files with 2 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
adev/src/content/tools/cli/environments.md
View file

@ -99,6 +99,8 @@ export const environment = {
};
```
CRITICAL: Files in `src/environments/` are bundled into your client-side application and visible to anyone who loads the page. Never store secrets such as API keys here. Use a server-side proxy or a secrets manager instead.
You can add target-specific configuration files, such as `environment.development.ts`.
The following content sets default values for the development build target: