This page is not created by, affiliated with, or supported by Slack Technologies, Inc.
2024-06-11
Channels
- # announcements (3)
- # beginners (68)
- # biff (4)
- # clerk (5)
- # clj-otel (10)
- # clojure (66)
- # clojure-austin (3)
- # clojure-berlin (3)
- # clojure-boston (5)
- # clojure-europe (25)
- # clojure-nl (36)
- # clojure-norway (78)
- # clojure-sweden (9)
- # clojure-uk (5)
- # clojurescript (6)
- # community-development (3)
- # conjure (3)
- # events (4)
- # fulcro (4)
- # gratitude (4)
- # hyperfiddle (22)
- # nrepl (7)
- # off-topic (20)
- # polylith (21)
- # reitit (2)
- # releases (1)
- # shadow-cljs (21)
- # specter (7)
- # tools-deps (3)
- # vim (18)
Is there an equivalent to .env and .env.local (like https://vitejs.dev/guide/env-and-mode) in shadow-cljs? I's like to have a local file, that is ignored by git to overwrite some basic configs (in git)?
you can use https://www.npmjs.com/package/dotenv-cli if you really need this
It is not the environment variables in particular... for example api access keys, you don't want to check these in. Something like --config-merge from a file that is ignored by version control.
You‘re probably right to not have an easy mechanism build in that cause people to put secrets where they do not belong. However have some configurations you can overwrite with a local file (not version controlled) often comes in handy. In that regard the api access key was a bad example and your‘re right that it is better to avoid them by any means in the build process because otherwise they most likely leak somehow.
I'm not against env vars in general. I'm against using env vars that turn into compile time constants. I think that is the wrong approach the handle them.
I'm not debating whether a .env.local file is useful. it absolutely is. just not to "insert" a build time constant.
e.g. if its a node targetted build you should access them as actual env vars AT RUNTIME. not build time. so just js/process.env.API_KEY
if its a browser targetted build IMHO the html should supply runtime config. and fwiw if its browser, then its public anyway so might as well be in the git repo
It’s currently targeting the browser so it has to be a bound at build time (closure define). The current approach/design (prototype for internal use only) is bad because the api key ends up in the deployed js files.
so, the way I handle this is putting things like API keys and other config params into the HTML
but all that being said .. if you like env vars and want to stick with them you can via dotenv-cli above
Thank you very much for your feedback. In guess I will use —config-merge for now until there is a proper back-end and client auth.
how do I import static files at build time? I remember there being a way to do this but can't seem to find the right keywords to google / search slack for