Skip to content

fix(docker): don't leak FA Pro token into build logs#149

Merged
NathanFlurry merged 1 commit into
mainfrom
fix-docker-token-leak
Jun 29, 2026
Merged

fix(docker): don't leak FA Pro token into build logs#149
NathanFlurry merged 1 commit into
mainfrom
fix-docker-token-leak

Conversation

@NathanFlurry

@NathanFlurry NathanFlurry commented Jun 29, 2026

Copy link
Copy Markdown
Member

Same as agentos: the website Dockerfile exported FONTAWESOME_PACKAGE_TOKEN in a RUN, printing the token into Railway build logs (and tripping BuildKit SecretsUsedInArgOrEnv). The ARG is already in the RUN env, so the icons generate reads it directly. Verified: Docker build passes (32 pages, image) with 0 token occurrences in the log.

🤖 Generated with Claude Code

@NathanFlurry @claude
fix(docker): don't leak FA Pro token into build logs
b26e5ff 
The ARG is already in the RUN environment, so the icons generate reads
FONTAWESOME_PACKAGE_TOKEN directly instead of exporting it (which printed the
token into Railway build logs). Build behaviour unchanged.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
@railway-app railway-app Bot temporarily deployed to secure-exec / secure-exec-pr-149 June 29, 2026 05:10 Destroyed
@railway-app railway-app Bot temporarily deployed to rivet-frontend / secure-exec-pr-149 June 29, 2026 05:10 Destroyed
@NathanFlurry NathanFlurry merged commit 862387b into main Jun 29, 2026
2 of 4 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@NathanFlurry