Another thing we do that isn't perfectly secure is store oauth tokens in localStorage
The reasons to not use environment variables weren't super compelling. I'm coding ground-up support for envvars in Ditto, because it caused nostr:npub1ycnhgr56efxcpvhu7q0er9gqjqttpwhgqgjfgjaj7gpfea5g6xhq4zgshs a lot of pain trying to deploy Rebased in k8s as-is.
Discussion
nostr:npub108pv4cg5ag52nq082kd5leu9ffrn2gdg6g4xdwatn73y36uzplmq9uyev6 nostr:npub108pv4cg5ag52nq082kd5leu9ffrn2gdg6g4xdwatn73y36uzplmq9uyev6 nostr:npub1ycnhgr56efxcpvhu7q0er9gqjqttpwhgqgjfgjaj7gpfea5g6xhq4zgshs I’m on my phone and don’t have access to disgust.gif, but rest assured if I was at my desktop that’s what you’d be seeing.