1 00:00:02,000 --> 00:00:04,000 Now before We explore the expert option 2 00:00:04,000 --> 00:00:08,000 there is something I wanna talk about and highlight 3 00:00:08,000 --> 00:00:12,000 and that is our config file with the environment variables. 4 00:00:12,000 --> 00:00:14,000 We are using that file 5 00:00:14,000 --> 00:00:18,000 for our development and production environment variables. 6 00:00:18,000 --> 00:00:22,000 Now this file is part of our GitHub repository. 7 00:00:22,000 --> 00:00:23,000 Here it is. 8 00:00:23,000 --> 00:00:25,000 And it needs to be so that Versal 9 00:00:25,000 --> 00:00:29,000 is able to read that file after deployment. 10 00:00:29,000 --> 00:00:32,000 The problem with that could be, though, 11 00:00:32,000 --> 00:00:35,000 that this file can be read 12 00:00:35,000 --> 00:00:38,000 by anyone who has access to your repository. 13 00:00:38,000 --> 00:00:41,000 Now, here it's a private repository, 14 00:00:41,000 --> 00:00:42,000 but if you are working in a team 15 00:00:42,000 --> 00:00:47,000 that could still mean that our team members can view it 16 00:00:47,000 --> 00:00:50,000 and this might or might not be a problem. 17 00:00:50,000 --> 00:00:53,000 I just want to make you aware of that. 18 00:00:53,000 --> 00:00:54,000 You should make sure 19 00:00:54,000 --> 00:00:57,000 that you only include this conflict file 20 00:00:57,000 --> 00:00:59,000 in your GitHub repository 21 00:00:59,000 --> 00:01:03,000 if you can rule out that unauthorized personnel 22 00:01:03,000 --> 00:01:07,000 or unauthorized people are able to view that file. 23 00:01:07,000 --> 00:01:10,000 If you can't rule out that that's the case, 24 00:01:10,000 --> 00:01:14,000 you should not include this conflict file here, 25 00:01:14,000 --> 00:01:16,000 and instead, for production, 26 00:01:16,000 --> 00:01:19,000 you should set environment variables 27 00:01:19,000 --> 00:01:24,000 through that environment variables feature Versal offers. 28 00:01:24,000 --> 00:01:27,000 And all hosting providers offer 29 00:01:27,000 --> 00:01:31,000 a built-in environment variables support. 30 00:01:31,000 --> 00:01:34,000 So you wanna use that instead of using the conflict file 31 00:01:34,000 --> 00:01:36,000 for environment variables, 32 00:01:36,000 --> 00:01:38,000 if that file could be read 33 00:01:38,000 --> 00:01:41,000 by people that should not have access 34 00:01:41,000 --> 00:01:43,000 to the data in the file. 35 00:01:43,000 --> 00:01:45,000 Here, for this use case it's okay. 36 00:01:45,000 --> 00:01:49,000 It's my private repository, but still we wanna rule out 37 00:01:49,000 --> 00:01:51,000 that we run into problems here 38 00:01:51,000 --> 00:01:52,000 and hence you should be aware 39 00:01:52,000 --> 00:01:55,000 of this potential security issue.