Skip to content

πŸ”΄ CRITICAL: Live Stripe secret key (sk_live) exposed in examples/.env.basicΒ #140

Description

@muhamedfazalps

🚨 Exposed Credentials Found

The file examples/.env.basic in this repository contains a live Stripe secret key that should never be committed to Git.

What was found:

  • Stripe LIVE secret key (sk_live_...) β€” Can be used to make charges, refunds, and access payment data
  • This is a LIVE key, not a test key

Why this is dangerous:

Anyone with this Stripe live key can process payments, issue refunds, and access sensitive payment information on your Stripe account.

Recommended actions:

  1. IMMEDIATELY revoke this key from the Stripe Dashboard
  2. Remove the file from Git history using git filter-branch
  3. Add *.env* to your .gitignore
  4. Never commit API keys to Git

β˜• https://buymeacoffee.com/vibecode

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Fields

    No fields configured for issues without a type.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions