From 0ac7f340be7fb8aba8427b318d62ed9bce189653 Mon Sep 17 00:00:00 2001
From: Luke Towers <luke@luketowers.ca>
Date: Fri, 6 Apr 2018 01:18:07 -0600
Subject: [PATCH] Remove sensitive data from the tracked config files after
 running october:env

---
 modules/system/console/OctoberEnv.php | 17 +++++++++++++++++
 1 file changed, 17 insertions(+)

diff --git a/modules/system/console/OctoberEnv.php b/modules/system/console/OctoberEnv.php
index 9848fdc27..de8a50390 100644
--- a/modules/system/console/OctoberEnv.php
+++ b/modules/system/console/OctoberEnv.php
@@ -24,6 +24,18 @@ class OctoberEnv extends Command
      */
     protected $description = 'Creates .env file with default configuration values.';
 
+    /**
+     * @var array The env keys that need to have their original values removed from the config files
+     */
+    protected $protectedKeys = [
+        'APP_KEY',
+        'DB_USERNAME',
+        'DB_PASSWORD',
+        'MAIL_USERNAME',
+        'MAIL_PASSWORD',
+        'REDIS_PASSWORD',
+    ];
+
     /**
      * The current config cursor.
      */
@@ -184,6 +196,11 @@ class OctoberEnv extends Command
 
             $this->saveEnvSettings($envKey, $value);
 
+            // Remove protected values from the config files
+            if (in_array($envKey, $this->protectedKeys) && !empty($value)) {
+                $value = "''";
+            }
+
             return $this->isEnv($matches[0]) ? $matches[0] : "'$configKey' => env('$envKey', {$value}),";
         };
     }