+1 to make some noise.
It is really time consuming that any member of my team and I constantly have to re-enter the keys on all our computers for local development and on every dev, stage and prod environment after every single sync of the database.
+1 again, about time for this issue to be solved.
Just here for my regular biennial bump!
This topic was started in 2014 and I’ve been following it since at least 2016. Every few years there’s been some noise indicating this was being worked on, but here we are in nearly 2020 and it’s still not resolved.
Like many other developers I regularly deploy updates to development, staging and production environments for numerous sites with ACF Pro installed. Each time I run a database migration (via WP Migrate DB Pro) I have to manually reactivate ACF Pro. I have yet to encounter another premium plugin that behaves similarly.
@elliot, I love ACF and owe you a huge debt of gratitude for the time and effort you’ve saved me over the years! That said, this has been a pain point for a long time. Is there any possibility of this making it onto the roadmap for 2020?
+1 (again). @elliot, we chatted a few years ago, and you were interested in doing this and possibly spoke with others (Delicious Brains, Gravity maybe?) in how they do things. Can you at least give us an update whether this is going to happen?
We all love ACF Pro. We just lose countless hours due to this issue that we don’t have with any other pro plugin.
+1 can’t understand why this is marked as solved
+1 we need this!
+1 we need this!
Elliot indicated he continues to be interested in implementing this feature, but needs to do additional research. His primary concern is license keys ending up accidentally checked into public GitHub repositories, a valid concern.
He also said that once he’d made a decision on whether or not to implement this he’d reply directly on this topic.
wp-config.php already contains your database credentials, so I hope people aren’t checking that into public repos, but I guess you never know. ¯\_(ツ)_/¯
In my other (non-WP) applications, I use a .env file for sensitive info that doesn’t get checked into version control. I wish WP supported it natively, but here’s a quick tutorial on how to use it: https://m.dotdev.co/secure-your-wordpress-config-with-dotenv-d939fcb06e24
Easy enough if you control the server and can use Composer, otherwise probably not an option.
While it is probably possible that some wp-config files might go public, it is a risk that premium plugins like Gravity Forms, WP Migrate DB Pro and Admin Columns Pro are willing to take, and have been for quite a while.
Mine own eyes have seen wp-config.php (as well as other sensitive credentials and API keys) checked into public repositories, unfortunately. It would be great if WP supported .env files natively, it’s definitely the proper place for config values. Too bad it’s not an option, it would likely alleviate this concern for many developers.
I don’t see the wp-config concern as enough of a reason to prevent this given how many other plugins and values such as DB credentials are already following that pattern.
It would be great if WP supported .env files natively, it’s definitely the proper place for config values.
Agreed. Until that is part of core, using https://github.com/vlucas/phpdotenv isn’t that much overhead as an included composer package. The roots.io team has a good write-up of how they’ve incorporated into their repo structures, build pipelines, etc. But chances are if wp-config has been committed with values to git, adding a composer dependency may be beyond the same user base :/
You must be logged in to reply to this topic.
Welcome to the Advanced Custom Fields community forum.
Browse through ideas, snippets of code, questions and answers between fellow ACF users
Helping others is a great way to earn karma, gain badges and help ACF development!
© 2020 Advanced Custom Fields. Subscribe