- Issue created by @dalin
- π³π±Netherlands heine
I see a third option; to document using overridden config.
- πΊπΈUnited States bluegeek9
The override option is documented.
https://www.drupal.org/docs/extending-drupal/contributed-modules/contrib... β
- Status changed to Needs review
4 months ago 7:13pm 29 August 2024 - π¨π¦Canada dalin Guelph, π¨π¦, π
That still feels a little bit hidden. In this MR I added a link in the field description.
I think secure should be the default. Unless you're an experienced Drupal developer, you're not likely to know about config overrides or the Key module. Using a
key_select
field as the default would be a good idea, IMHO.- Status changed to Closed: works as designed
3 months ago 7:16pm 16 September 2024 Additionally, there is centralized documentation for (not) storing authentication credentials in the configuration system β . "Baking" this methodology into Drupal Core in some way via more inline documentation or some other way is probably the best way forward rather than piecemeal in many contributed modules.
As an example the Symfony Framework has a secrets system, which although maybe not directly applicable to the Drupal configuration system use-case, shows that there are interesting ways to handle secrets.
After I wrote this a colleague pointed me to π± Add a secrets store to Drupal core Active .