Re: Is there way to include some sensitive credentials in builds?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Igor Raits wrote:
> I am packaging one nice GUI application (newsflash) that is working
> with API of some services like feedly. Those require some API key, but
> I think it is against their rules to have it included in the plain-text
> format in git. I am curious if there is a way how to get those passed
> during the build. The key can be passed as an environment variable on
> the user's system, but there is no way everybody will be getting their
> own keys and I think this is non-trivial process.

Unfortunately, this whole API key concept is inherently incompatible with 
the concept of Free Software.

The only thing that you can do is to get an API key for Fedora, ship it in 
dist-git no matter what the service's TOS say, and hope they won't ban the 
key. (Most services actually don't, because they know that their rules are 
not realistically enforcible to the letter for Free Software.) If they do 
ban the key, there is not much we can do unfortunately.

        Kevin Kofler
_______________________________________________
devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx




[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Fedora Announce]     [Fedora Users]     [Fedora Kernel]     [Fedora Testing]     [Fedora Formulas]     [Fedora PHP Devel]     [Kernel Development]     [Fedora Legacy]     [Fedora Maintainers]     [Fedora Desktop]     [PAM]     [Red Hat Development]     [Gimp]     [Yosemite News]

  Powered by Linux