I am working on a python program that runs as an svn post-commit hook.

Question

0

Asked: May 22, 20262026-05-22T00:59:55+00:00 2026-05-22T00:59:55+00:00

I am working on a python program that runs as an svn post-commit hook.

0

I am working on a python program that runs as an svn post-commit hook. It posts your commit message to Twitter.

It works great, but I just realized something. My CONSUMER_SECRET and CONSUMER_KEY are right there in the source code. That’s probably a bad thing.

I’m new to python, and I was actually just converting someone else’s program to oAuth from basic HTTP auth. I am using tweepy to post to twitter.

So, how can I securely save my consumer oAuth keys so that people cannot view them?

EDIT: Is it possible to save my keys somewhere where my app can read them, but users can’t? I want everyone using this hook to be using my app, so on their tweets it says “via MyApp”.

Report

Leave an answer
Cancel reply

You must login to add an answer.

Need An Account,

1 Answer

Editorial Team · Answer 1 · 2026-05-22T00:59:56+00:00

Editorial Team

2026-05-22T00:59:56+00:00Added an answer on May 22, 2026 at 12:59 am

Keep such things in a settings file that you do not commit to your versioning system or code repository in any way. Rather provide a template for the file with documentation on how to populate it with the needed settings (such as their application credentials).

0

Reply
Share
Share

- Report

Sign Up

Sign In

Forgot Password

The Archive Base Latest Questions

I am working on a python program that runs as an svn post-commit hook.

Leave an answerCancel reply

1 Answer

Leave an answer
Cancel reply