so, uh… can you ELI5 this for those of us that don’t know anything?
Comment on Trump team leaks AI plans in public GitHub repository
titey@jlai.lu 10 months ago
DB_PASS=“postgres” 😬😬😬
Crozekiel@lemmy.zip 10 months ago
forgeddit@sopuli.xyz 10 months ago
The person you replied to doesn’t know what they’re talking about. It’s just an example password used for running a local empty DB for development and has nothing to do with production or even test databases.
You can see this in the readme: archive.softwareheritage.org/browse/…/directory/?…
See my longer previous comment if you want to know more. And again, not defending this project, but this whole comment chain was just misinformation.
lepinkainen@lemmy.world 10 months ago
It’s like having your password set to “password”
crookfingerjake@lemmy.world 10 months ago
The type of database they are using is called “postgres”, which is also it’s password.
SocialMediaRefugee@lemmy.world 10 months ago
They should’ve used “1234”
faythofdragons@slrpnk.net 10 months ago
That’s the combo on my luggage!
joyjoy@lemmy.zip 10 months ago
I will assume this is just the password they use in development. But they should probably be using pglite.
ohshit604@sh.itjust.works 10 months ago
Postgres, SQLite, etc are tools for database management, things like user data, application data and so on are collected here.
Take Reddit’s Karma system or Upvotes/Downvotes for example, they’re stored in a database and however Reddit wants to utilize that data Postgres makes it easy to call upon it.
I’m sure others can give more detailed responses.
theherk@lemmy.world 10 months ago
Interesting that you chose Reddit as an example. They have a fascinating origin story with respect to data mart. Early Reddit had just two tables: Thing and Data, where Thing was metadata about types and Data was a three column table with: type, id, and value.
Wrap your head around that. All of Reddit, two tables. A database couldn’t be less normalized (final boss of normal forms) and they did it in an rdb. So horrific it’s actually kind of cool.
ohshit604@sh.itjust.works 10 months ago
Interesting that you chose Reddit as an example.
I was in a rush! Honestly it was the quickest thing I could come up with on the spot, plus database tools are something I lack a lot of knowledge about so I really couldn’t go in depth even if I wanted to.
Appreciate the history behind Reddit’s database!
Jakeroxs@sh.itjust.works 10 months ago
Is this real lmao
ArtVandelay@lemmy.world 10 months ago
Unfortunately no, it seems. Somebody at least had the bare minimum sense to let GitHub generate the .gitignore for them, which includes most common environment files. github.com/gsa-tts-archived/ai.gov/…/.gitignore
forgeddit@sopuli.xyz 10 months ago
It’s from another repo and literally just an example env for an empty local docker DB: archive.softwareheritage.org/browse/…/directory/?…
Nobilmantis@feddit.it 10 months ago
I mean it is called “.env_example” afterall… Probably a env file to use for testing, no?
forgeddit@sopuli.xyz 10 months ago
I’m really shocked by the confidence people have here with clearly zero knowledge.
“.env_example” is literally just the example/template which is only updated if new “config” items are needed and it doesn’t contain actual secrets.
Developers copy “.env”/prod and “.env_local” files, which are used for the specific environments. These are in .gitignore so that they’re not accidentally pushed to .git.
For production the “.env” is generated during deployment from secrets in a locked up environment. (I mean they COULD fuck this up, but there’s no evidence of this AFAIK)
The example postgres password is simply a “hello world” type password that is often used when running a local docker image of the DB so you can get a full dev environment running in a couple minutes, as mentioned in the readme.md: github.com/gsa-tts-archived/ai-gov-api
It’s not even a testing environment, it’s a temporary local/dev DB just so you can test your code.
I am NOT defending this project, but holy shit this thread is full of misinformation and I had to correct this.