Summary
backend/db_utils.py has database credentials (host, user, password, port) hardcoded as default values in the DB_CONFIG dict. These should be read exclusively from environment variables, with no fallback defaults.
What to do
-
Rotate the DB password in Supabase — the current password has been stored in cleartext in the repo history for months. Even after removing it from code, it remains in git history. Change it in Supabase first, then update:
- Your local
.env
- GitHub Actions secrets (
DB_PASSWORD)
- Any production environment variables (Render, etc.)
-
Remove the hardcoded defaults from db_utils.py:
# Before (insecure)
DB_CONFIG = {
'host': os.environ.get('DB_HOST', 'aws-1-us-east-2.pooler.supabase.com'),
'password': os.environ.get('DB_PASSWORD', 'jovpeW-pukgu0-nifron'),
...
}
# After (secure)
DB_CONFIG = {
'host': os.environ['DB_HOST'],
'password': os.environ['DB_PASSWORD'],
...
}
-
Verify that all environments (local dev, GitHub Actions, production) have the variables set before deploying.
Why
Hardcoded credentials in source code are a security risk. Even in a private repo, credentials in git history are effectively permanent.
Summary
backend/db_utils.pyhas database credentials (host, user, password, port) hardcoded as default values in theDB_CONFIGdict. These should be read exclusively from environment variables, with no fallback defaults.What to do
Rotate the DB password in Supabase — the current password has been stored in cleartext in the repo history for months. Even after removing it from code, it remains in git history. Change it in Supabase first, then update:
.envDB_PASSWORD)Remove the hardcoded defaults from
db_utils.py:Verify that all environments (local dev, GitHub Actions, production) have the variables set before deploying.
Why
Hardcoded credentials in source code are a security risk. Even in a private repo, credentials in git history are effectively permanent.