mirror of
https://github.com/Chevron7Locked/kima-hub.git
synced 2026-06-19 07:37:17 +00:00
Your Name
ec40c235bb
Each CI run generates a fresh random password with openssl rand, writes it to GITHUB_ENV, and passes it to both create-e2e-user.sh and Playwright. The test user is ephemeral (container torn down after the run) but the password is now unique per run and never committed to source. Previously KimaE2ETest2026! was hardcoded as a fallback -- an admin account backdoor anyone with repo access could exploit on a production instance that had run the setup script.