docs: nudge users into using partially encrypted config files#1005
docs: nudge users into using partially encrypted config files#1005aduh95 merged 3 commits intonodejs:mainfrom
Conversation
Codecov Report✅ All modified and coverable lines are covered by tests. Additional details and impacted files@@ Coverage Diff @@
## main #1005 +/- ##
==========================================
- Coverage 80.65% 80.58% -0.08%
==========================================
Files 39 39
Lines 4746 4754 +8
==========================================
+ Hits 3828 3831 +3
- Misses 918 923 +5 ☔ View full report in Codecov by Sentry. 🚀 New features to boost your workflow:
|
README.md
Outdated
|
|
||
| Note: you could use `ncu-config` to configure these variables, but it's not | ||
| recommended to leave your tokens in your command line history. | ||
| Note: Encryption is available only if you have `gpg` setup on your machine. If |
There was a problem hiding this comment.
I think we should just split it into two different instructions with the encryption one prioritized as "Recommended". It's going to catch people off guard to recommend -x first only to come back with a note saying they should setup gpg first - that sounds like a pre-requisite that should be mentioned before we suggest the -x flag (and also, what if you don't have gpg set up? The doc provides no suggestions, and it is not great to leave new contributors guessing what they should do in that case when they are new to all this and are just trying to set it up).
There was a problem hiding this comment.
I've added "With encryption"/"Without encryption" variants, PTAL
|
Ping @nodejs/node-core-utils for reviews |
3 participants
With #1004 landed, it probably makes little sense for users to encrypt their entire config file, and instead only encrypt tokens. This PR updates the doc to remove mention of full config file encryption, and present token encryption as the default / recommended way for storing them.