Node.js: What you might be tempted to do

This documentation is part of the Managing secrets guide. You can view the complete guide here: How to manage secrets with Node.js.

👋 Welcome to the Stackhero documentation!

Stackhero offers a ready-to-use Node.js cloud solution that provides a host of benefits, including:

  • Deploy your application in seconds with a simple git push.
  • Use your own domain name and benefit from the automatic configuration of HTTPS certificates for enhanced security.
  • Enjoy peace of mind with automatic backups, one-click updates, and straightforward, transparent, and predictable pricing.
  • Get optimal performance and robust security thanks to a private and dedicated VM.

Save time and simplify your life: it only takes 5 minutes to try Stackhero's Node.js cloud hosting solution!

Initially, you might consider writing your credentials directly in your code, like this:

// Connecting to a PostgreSQL database
const pg = new Client({
  host: '<XXXXXX>.stackhero-network.com',
  user: 'admin',
  password: 'myPassword',
  database: 'admin'
});

However, this method is not secure. Your secrets could end up in your Git repository, making them accessible to anyone with access to the code. Even if you believe you are the only one with access, it is a bit like leaving a Post-it note with your passwords on your monitor and hoping nobody notices. This can eventually lead to serious security issues.

Moreover, hard-coding your secrets makes it more difficult to manage different environments, such as development and production.