Klagarge/MSE-CyberSec-DevSecOps
1
0
Fork 0
Code Issues Pull Requests Releases Activity

chore: answer to questions [no ci]

Browse Source
This commit is contained in:
Alec.Schmidt
2025-03-18 10:30:19 +01:00
parent df1db2fd97
commit 9c496e73bb
1 changed files with 4 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
docs/questions-part1.md
View File

@@ -11,3 +11,7 @@
## Q1.2 ## Q1.2
- It's a very bad practice. The secret key will be exposed in the codebase and can be easily accessed by anyone who has access to the codebase. This can lead to security vulnerabilities and compromise the integrity of the application. - It's a very bad practice. The secret key will be exposed in the codebase and can be easily accessed by anyone who has access to the codebase. This can lead to security vulnerabilities and compromise the integrity of the application.
- To fix this, you can use environment variables to store the secret key. - To fix this, you can use environment variables to store the secret key.
## Q1.3
- A linter is a tool to statically analyse code for readability and improving code quality. It is usually executed from a standalone tool.
- It is used to check for errors, vulns, code smells or general issues but also to enforce a coding style over the whole project.