Existing documentation URL(s)
https://developers.cloudflare.com/workers/platform/deploy-buttons/
https://developers.cloudflare.com/workers/configuration/secrets/
What changes are you suggesting?
Request
The Deploy to Cloudflare button documentation should state clearly, near the top, that every uncommented entry in .dev.vars.example is prompted as a required secret and deployed to production, and that template authors should therefore treat that file as an installer prompt rather than a local-dev scratchpad.
Why
.dev.vars.example is conventionally an inert template: nothing reads it directly. Developers copy it to a gitignored .dev.vars and edit the copy. Authors therefore pre-fill it with dev-friendly suggestions (bypass flags, localhost URLs, placeholder keys) expecting a human review-and-edit step between the template and anything that executes. The deploy button removes that step: it promotes the template's values straight into live production secrets. That has caused real misconfigurations, including a shipped auth bypass (DEV_BYPASS_ACCESS=true deployed to production) and localhost URLs baked into deployed apps. Writeup: https://daniel-yang.com/writing/cloudflare-deploy-button-disabled-auth/
Suggested wording (docs snippet)
Heads up: the Deploy button prompts for every uncommented line in your .dev.vars.example and stores each as a Worker secret. Treat this file as your app's setup prompt: keep only the variables a first deploy genuinely needs uncommented, comment out local-dev conveniences and optional integrations, and never include values (like auth-bypass flags or localhost URLs) that would be unsafe in production.
Related
Companion to the feature request for an optional-secrets mechanism in cloudflare/workers-sdk: cloudflare/workers-sdk#14639. Even without that feature, this warning prevents the next occurrence.
Additional information
No response
Existing documentation URL(s)
https://developers.cloudflare.com/workers/platform/deploy-buttons/
https://developers.cloudflare.com/workers/configuration/secrets/
What changes are you suggesting?
Request
The Deploy to Cloudflare button documentation should state clearly, near the top, that every uncommented entry in
.dev.vars.exampleis prompted as a required secret and deployed to production, and that template authors should therefore treat that file as an installer prompt rather than a local-dev scratchpad.Why
.dev.vars.exampleis conventionally an inert template: nothing reads it directly. Developers copy it to a gitignored.dev.varsand edit the copy. Authors therefore pre-fill it with dev-friendly suggestions (bypass flags, localhost URLs, placeholder keys) expecting a human review-and-edit step between the template and anything that executes. The deploy button removes that step: it promotes the template's values straight into live production secrets. That has caused real misconfigurations, including a shipped auth bypass (DEV_BYPASS_ACCESS=truedeployed to production) and localhost URLs baked into deployed apps. Writeup: https://daniel-yang.com/writing/cloudflare-deploy-button-disabled-auth/Suggested wording (docs snippet)
Related
Companion to the feature request for an optional-secrets mechanism in cloudflare/workers-sdk: cloudflare/workers-sdk#14639. Even without that feature, this warning prevents the next occurrence.
Additional information
No response