Y
Hacker News
new
|
ask
|
show
|
jobs
by
shoeffner
384 days ago
I use pass to manage such things separately. This allows to script around hard-coded secrets:
export MY_TOKEN="$(pass token | head -n 1)"
1 comments
lillecarl
383 days ago
I take care to wrap my commands in functions that export only for that scope. If you have exported variables in your bashrc it'll be shared with everything you spawn through your shell, including evil NPM packages.
link