Secrets and Type Safety
Handle sensitive values without leaking them into types.
Secrets Deserve Special Care
API keys, passwords, and tokens are config too, but leaking them in logs or error messages is dangerous. Type safety can help keep secret values from being accidentally exposed.
The Accidental Logging Problem
A plain string secret can be logged anywhere by accident, for example via console.log(config) or an error dump that serializes the whole config object.
const config = { dbPassword: "hunter2" };
console.log(config); // leaks the passwordAll lessons in this course
- Typing Environment Variables
- Schema-Validated Config
- Config Layering and Defaults
- Secrets and Type Safety