100% this. The idea that Codex should enforce this is putting the security boundary at the wrong layer. If you don’t want Codex to access something, make it so it doesn’t have access.
Not sure I agree?
It’s not like gitignore should be independent from git
I could imagine perhaps some system which rather than denying access might instead replace the key material from your .env key with "** redacted. This key material can be used via make, but can never be exfiltrated directly **" whenever that key is seen heading out towards the network...
I'm a fan of belt and suspenders.
The Codex bug tracker is a great insight into how wide the knowledge gap seems to be between users. The issue where people ask them to add back /undo or whatever it is instead of just learning to use git, probably reached 100 comments at least by now. People seemingly don't really understand the computers they use on a daily basis, and refuse to learn too.