706
Trump team leaks AI plans in public GitHub repository
(www.theregister.com)
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
this post was submitted on 16 Jun 2025
706 points (100.0% liked)
Technology
71623 readers
3216 users here now
This is a most excellent place for technology news and articles.
Our Rules
- Follow the lemmy.world rules.
- Only tech related news or articles.
- Be excellent to each other!
- Mod approved content bots can post up to 10 articles per day.
- Threads asking for personal tech support may be deleted.
- Politics threads may be removed.
- No memes allowed as posts, OK to post as comments.
- Only approved bots from the list below, this includes using AI responses and summaries. To ask if your bot can be added please contact a mod.
- Check for duplicates before posting, duplicates may be removed
- Accounts 7 days and younger will have their posts automatically removed.
Approved Bots
founded 2 years ago
MODERATORS
DB_PASS="postgres" 😬😬😬
I mean it is called ".env_example" afterall... Probably a env file to use for testing, no?
I'm really shocked by the confidence people have here with clearly zero knowledge.
".env_example" is literally just the example/template which is only updated if new "config" items are needed and it doesn't contain actual secrets.
Developers copy ".env"/prod and ".env_local" files, which are used for the specific environments. These are in .gitignore so that they're not accidentally pushed to .git.
For production the ".env" is generated during deployment from secrets in a locked up environment. (I mean they COULD fuck this up, but there's no evidence of this AFAIK)
The example postgres password is simply a "hello world" type password that is often used when running a local docker image of the DB so you can get a full dev environment running in a couple minutes, as mentioned in the readme.md: https://github.com/gsa-tts-archived/ai-gov-api
It's not even a testing environment, it's a temporary local/dev DB just so you can test your code.
I am NOT defending this project, but holy shit this thread is full of misinformation and I had to correct this.
so, uh... can you ELI5 this for those of us that don't know anything?
The type of database they are using is called "postgres", which is also it's password.
I will assume this is just the password they use in development. But they should probably be using pglite.
Postgres, SQLite, etc are tools for database management, things like user data, application data and so on are collected here.
Edit: the
DB_PASS=“postgres”is the default password when setting up a Postgres database.Take Reddit’s Karma system or Upvotes/Downvotes for example, they’re stored in a database and however Reddit wants to utilize that data Postgres makes it easy to call upon it.
I’m sure others can give more detailed responses, I’m typing this out in a rush.
The person you replied to doesn't know what they're talking about. It's just an example password used for running a local empty DB for development and has nothing to do with production or even test databases.
You can see this in the readme: https://archive.softwareheritage.org/browse/origin/directory/?origin_url=https%3A%2F%2Fgithub.com%2Fgsa-tts-archived%2Fai-gov-api
See my longer previous comment if you want to know more. And again, not defending this project, but this whole comment chain was just misinformation.
It’s like having your password set to “password”
Is this real lmao
Unfortunately no, it seems. Somebody at least had the bare minimum sense to let GitHub generate the .gitignore for them, which includes most common environment files. https://github.com/gsa-tts-archived/ai.gov/blob/main/.gitignore
It's from another repo and literally just an example env for an empty local docker DB: https://archive.softwareheritage.org/browse/origin/directory/?origin_url=https%3A%2F%2Fgithub.com%2Fgsa-tts-archived%2Fai-gov-api