Created
January 10, 2026 23:01
-
-
Save davidystephenson/7da64c20dca4f31c612791823ece124a to your computer and use it in GitHub Desktop.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Issues | |
| ## Serious Security Concern | |
| 1. Private variables are exposed in .env.example | |
| 1. MONDGODB_URI (db password) | |
| 2. JWT_SECRET | |
| 3. AWS_SECRET_ACCESS_KEY_ID | |
| 4. STRIPE_SECRET_KEY / STRIPE_WEBHOOK_SECRET | |
| 5. SENDGRID_API_KEY | |
| 6. SUPER_ADMIN_PASSWORD | |
| ## Long Term Concerns | |
| 1. Overtooling/Overengineering: some tools are more complicated than necessary | |
| 1. AWS (Render/Raleway) | |
| 2. Docker (NPM) | |
| 3. NestJS (Express/NextJS) | |
| 4. Redis (MongoDB) | |
| 2. Abandoned/deprecated/outdated | |
| 1. Create React App aka CRA [SEO] | |
| 1. Vite: easy switch, but still no SEO | |
| 2. NextJS: moderately difficult switch, but then SEO will work |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment