From 7c8b0e3d32ee6f33d1568d9278f0cb053224edc8 Mon Sep 17 00:00:00 2001
From: Thaddee Tyl <thaddee.tyl@gmail.com>
Date: Sun, 5 Feb 2017 15:59:34 +0100
Subject: [PATCH] Contain all private files in private/

---
 .gitignore         | 3 +--
 INSTALL.md         | 7 +++----
 Makefile           | 6 +++---
 lib/github-auth.js | 4 ++--
 package.json       | 2 +-
 server.js          | 6 ++++--
 suggest.js         | 6 ++++--
 7 files changed, 18 insertions(+), 16 deletions(-)

diff --git a/.gitignore b/.gitignore
index 0b5b1415c1534..5f3d3757f9723 100644
--- a/.gitignore
+++ b/.gitignore
@@ -4,8 +4,7 @@
 /coverage.html
 /redis
 /ServerScript
-/secret.json
-/.github-user-tokens.json
+/private
 
 # Installed npm modules
 node_modules
diff --git a/INSTALL.md b/INSTALL.md
index 792f1eae1e643..d15d04a1ce87f 100644
--- a/INSTALL.md
+++ b/INSTALL.md
@@ -137,7 +137,7 @@ Successfully built 4471b442c220
 Then run the container:
 
 ```console
-$ docker run --rm -p 8080:80 -v "$(pwd)/secret.json":/usr/src/app/secret.json --name shields shields
+$ docker run --rm -p 8080:80 -v "$(pwd)/private/secret.json":/usr/src/app/secret.json --name shields shields
 
 > gh-badges@1.1.2 start /usr/src/app
 > node server.js
@@ -149,21 +149,20 @@ Assuming Docker is running locally, you should be able to get to the application
 
 # Secret.json
 
-Some services require the use of secret tokens or passwords. Those are stored in a file called `secret.json` that is not checked into the repository, to avoid impersonation. Here is how it currently looks like:
+Some services require the use of secret tokens or passwords. Those are stored in `private/secret.json` which is not checked into the repository, to avoid impersonation. Here is how it currently looks like:
 
 ```
 bintray_apikey
 bintray_user
 gh_client_id
 gh_client_secret
-gitter_dev_secret
 shieldsIps
 shieldsSecret
 sl_insight_apiToken
 sl_insight_userUuid
 ```
 
-(Gathered from `cat secret.json | jq keys | grep -o '".*"' | sed 's/"//g'`.)
+(Gathered from `cat private/secret.json | jq keys | grep -o '".*"' | sed 's/"//g'`.)
 
 # Main Server Sysadmin
 
diff --git a/Makefile b/Makefile
index 6fd687bc80192..efaaac0b08a4c 100644
--- a/Makefile
+++ b/Makefile
@@ -24,7 +24,7 @@ deploy: deploy-s0 deploy-s1 deploy-gh-pages
 
 deploy-s0:
 	git add -f Verdana.ttf
-	git add -f secret.json
+	git add -f private/secret.json
 	git commit -m'MUST NOT BE ON GITHUB'
 	git push -f s0 HEAD:master
 	git reset HEAD~1
@@ -32,7 +32,7 @@ deploy-s0:
 
 deploy-s1:
 	git add -f Verdana.ttf
-	git add -f secret.json
+	git add -f private/secret.json
 	git commit -m'MUST NOT BE ON GITHUB'
 	git push -f s1 HEAD:master
 	git reset HEAD~1
@@ -46,7 +46,7 @@ deploy-gh-pages:
 
 deploy-heroku:
 	git add -f Verdana.ttf
-	git add -f secret.json
+	git add -f private/secret.json
 	git commit -m'MUST NOT BE ON GITHUB'
 	git push -f heroku HEAD:master
 	git reset HEAD~1
diff --git a/lib/github-auth.js b/lib/github-auth.js
index 52b9bbcf58194..fc4ae4435b36b 100644
--- a/lib/github-auth.js
+++ b/lib/github-auth.js
@@ -5,10 +5,10 @@ var serverSecrets;
 try {
   // Everything that cannot be checked in but is useful server-side
   // is stored in this JSON data.
-  serverSecrets = require('../secret.json');
+  serverSecrets = require('../private/secret.json');
 } catch(e) {}
 var githubUserTokens;
-var githubUserTokensFile = '.github-user-tokens.json';
+var githubUserTokensFile = './private/github-user-tokens.json';
 autosave(githubUserTokensFile, {data:[]}).then(function(f) {
   githubUserTokens = f;
   for (var i = 0; i < githubUserTokens.data.length; i++) {
diff --git a/package.json b/package.json
index c9e224b9a3567..73d71cb4563d3 100644
--- a/package.json
+++ b/package.json
@@ -27,7 +27,7 @@
     "chrome-web-store-item-property": "~1.1.2",
     "dot": "~1.0.3",
     "gm": "^1.23.0",
-    "json-autosave": "~1.1.1",
+    "json-autosave": "~1.1.2",
     "pdfkit": "~0.8.0",
     "redis": "~2.6.2",
     "request": "~2.75.0",
diff --git a/server.js b/server.js
index 3607d9db80efd..62ccc80f9ea17 100644
--- a/server.js
+++ b/server.js
@@ -27,8 +27,10 @@ var serverSecrets;
 try {
   // Everything that cannot be checked in but is useful server-side
   // is stored in this JSON data.
-  serverSecrets = require('./secret.json');
-} catch(e) { console.error('No secret data (secret.json, see server.js):', e); }
+  serverSecrets = require('./private/secret.json');
+} catch(e) {
+  console.error('No secret data (private/secret.json, see server.js):', e);
+}
 if (serverSecrets && serverSecrets.gh_client_id) {
   githubAuth.setRoutes(camp);
 }
diff --git a/suggest.js b/suggest.js
index 4b7b03b5545ca..c7b3390d524d2 100644
--- a/suggest.js
+++ b/suggest.js
@@ -4,8 +4,10 @@ var serverSecrets;
 try {
   // Everything that cannot be checked in but is useful server-side
   // is stored in this JSON data.
-  serverSecrets = require('./secret.json');
-} catch(e) { console.error('No secret data (secret.json, see server.js):', e); }
+  serverSecrets = require('./private/secret.json');
+} catch(e) {
+  console.error('No secret data (private/secret.json, see server.js):', e);
+}
 
 // data: {url}, JSON-serializable object.
 // end: function(json), with json of the form: