From 0bf18ba50feb8ba574403aac51e587ae09f6e1cb Mon Sep 17 00:00:00 2001
From: Paul Payne <paul@payne.io>
Date: Wed, 23 Jul 2025 07:47:06 -0700
Subject: [PATCH] Replace dummy secret generation with random secret for
 improved security

---
 bin/wild-app-add | 7 +++----
 1 file changed, 3 insertions(+), 4 deletions(-)

diff --git a/bin/wild-app-add b/bin/wild-app-add
index f0c13d8..8dd4eb4 100755
--- a/bin/wild-app-add
+++ b/bin/wild-app-add
@@ -193,10 +193,9 @@ if yq eval '.requiredSecrets' "${DEST_APP_DIR}/manifest.yaml" | grep -q -v '^nul
         current_value=$(yq eval ".${secret_path} // \"null\"" "${SECRETS_FILE}")
         
         if [ "${current_value}" = "null" ]; then
-            echo "Adding dummy secret: ${secret_path}"
-            # Extract just the key name for the dummy value
-            secret_key=$(basename "${secret_path}")
-            yq eval ".${secret_path} = \"CHANGE_ME_${secret_key^^}\"" -i "${SECRETS_FILE}"
+            echo "Adding random secret: ${secret_path}"
+            random_secret=$(tr -dc 'a-zA-Z0-9' < /dev/urandom | head -c 6)
+            yq eval ".${secret_path} = \"${random_secret}\"" -i "${SECRETS_FILE}"
         fi
     done