A file named "secret_token.rb" looks to me like "ruby code to operate on secret ... | Hacker News

Hacker News new | past | comments | ask | show | jobs | submit

login

JulianMorrison on Dec 26, 2012 | parent | context | favorite | on: Reminder: secret_token.rb is named so for a reason

A file named "secret_token.rb" looks to me like "ruby code to operate on secret tokens", just like a file called "sha256.rb" would be expected to compute hashes, not contain them.

Should have been called "secret_token.yml". Should live in the config, or even better, a "secret_config" top level directory, not a subdirectory.

jrochkind1 on Dec 27, 2012 [–]

yeah, that might be an improvement, that perhaps should be considered since it's clearly a developer usability problem.

But I think it's not unreasonable to have expected it was clear that ./config/initializers/secret_token.rb was a file to initialize a secret token, that included a secret token in it.

Consider applying for YC's Spring batch! Applications are open till Feb 11.
Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact