README

genyaa/laravel-safe-config overrides Laravel's default config:cache command so selected environment variables are not being written as to file values into the cached config file.

Installation

You can install the package via composer:

composer require genyaa/laravel-safe-config

Create a safe-config.php file in the root of your Laravel project:

php artisan safe-config:install

If the file already exists and you want to replace it, use:

php artisan safe-config:install --force

This file should return a list of environment variable names that must remain secret after config caching:

return [
	'APP_KEY',
	'DB_PASSWORD',
	// ...
];

Usage

Once the package service provider is loaded, Laravel resolves config:cache through this package.

php artisan config:cache

Any environment variable listed in your root safe-config.php file will be emitted into the cached config file as a runtime getenv() lookup.

For example:

return [
	'APP_KEY',
	'DB_PASSWORD',
	// ...
];

During config:cache, the package automatically discovers which config values depend on each listed environment variable by probing fresh configuration snapshots. Those cached config values are then not permanently frozen at cache-build time. When the cache file is loaded, Laravel will read them through getenv(), and if getenv() returns false, the cache falls back to the value that existed when config:cache was run.

Testing

composer test

Changelog

Please see CHANGELOG for more information on what has changed recently.

Credits

License

The MIT License (MIT). Please see License File for more information.