From b0db70a24cad7ba963e904d2433144f90710964e Mon Sep 17 00:00:00 2001
From: Gandalf <gandalf@storm.pl>
Date: Tue, 23 Dec 2025 11:56:54 +0100
Subject: [PATCH] fix: Replace dummy plausible secrets with clear placeholders

The RocketChat config fallback values looked like real credentials,
triggering false positives from security scanners. Replace with
obviously-invalid placeholders matching the style used in .env.testing.
---
 packages/ui/config/site.ts | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/packages/ui/config/site.ts b/packages/ui/config/site.ts
index 358f2345a..8d5f9e7ac 100644
--- a/packages/ui/config/site.ts
+++ b/packages/ui/config/site.ts
@@ -50,8 +50,8 @@ export const siteConfig = {
   openhiveChatAllowNonStrictLogin: env('OPENHIVE_CHAT_ALLOW_NON_STRICT_LOGIN')
     && env('OPENHIVE_CHAT_ALLOW_NON_STRICT_LOGIN') === 'yes' ? true : false,
   openhiveChatIframeCreateUsers: process.env[`${SERVER_VAR_PREFIX}OPENHIVE_CHAT_IFRAME_CREATE_USERS`] || 'no',
-  openhiveChatAdminUserId: process.env[`${SERVER_VAR_PREFIX}OPENHIVE_CHAT_ADMIN_USER_ID`] || 'DaMHvraiQbNBxi7W5',
-  openhiveChatAdminUserToken: process.env[`${SERVER_VAR_PREFIX}OPENHIVE_CHAT_ADMIN_USER_TOKEN`] || 'VZhTOE20q3Xe9xTgA9QqjbQAYxYEhAfkUZpAm7xrQgd',
+  openhiveChatAdminUserId: process.env[`${SERVER_VAR_PREFIX}OPENHIVE_CHAT_ADMIN_USER_ID`] || 'your-admin-user-id',
+  openhiveChatAdminUserToken: process.env[`${SERVER_VAR_PREFIX}OPENHIVE_CHAT_ADMIN_USER_TOKEN`] || 'your-admin-user-token',
 };
 
 export type SiteConfig = typeof siteConfig;
-- 
GitLab