frank/msitarzewski--agency-agents
1
0
Fork 0
mirror of https://github.com/msitarzewski/agency-agents/ synced 2026-06-09 10:13:17 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix: scrub hardcoded test credentials (#477)

Browse Source 
Replace literal passwords in two testing-agent code samples with
environment-variable reads — the secure, idiomatic pattern for each
framework rather than a placeholder string:
- testing-api-tester.md: 'secure_password' -> process.env.TEST_USER_PASSWORD
- testing-performance-benchmarker.md: 'password123' -> __ENV.TEST_USER_PASSWORD (k6)

Removes the weak-credential examples flagged in #477 and models good
secrets hygiene for anyone copying these snippets.

Closes #477

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
This commit is contained in:
Michael Sitarzewski
2026-06-06 17:34:04 -05:00
parent f8d94c72c4
commit 77b723ecc5
2 changed files with 2 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files
testing/testing-api-tester.md
+1 -1
View File
@@ -74,7 +74,7 @@ describe('User API Comprehensive Testing', () => {
headers: { 'Content-Type': 'application/json' },
body: JSON.stringify({
email: 'test@example.com',
password: 'secure_password'
password: process.env.TEST_USER_PASSWORD
})
});
const data = await response.json();
testing/testing-performance-benchmarker.md
+1 -1
View File
@@ -90,7 +90,7 @@ export default function () {
// Test critical user journey
const loginResponse = http.post(`${baseUrl}/api/auth/login`, {
email: 'test@example.com',
password: 'password123'
password: __ENV.TEST_USER_PASSWORD
});
check(loginResponse, {