Note that all environment variables referenced in your code should be declared (for example in an .env file), even if they don't have a value until the app is deployed

hmmmmmm (from https://kit.svelte.dev/docs/modules#$env-static-private)

In reply to @lily:lily.flowers

Note that all environment variables referenced in your code should be declared (for example in an .env file), even if they don't have a value until the app is deployed

hmmmmmm (from https://kit.svelte.dev/docs/modules#$env-static-private)

In reply to @peter-lustig:matrix.org
i had everything working with dynamic env variables and now nothing of that works anymore

In reply to @lily:lily.flowers
well i'm worried it's trying to include these vars in client-side generated code. which handing over secrets to the client feels ,,, problematic. would you mind sharing more of the code to help me understand?

import { github, google } from '@lucia-auth/oauth/providers';
import {
	GITHUB_CLIENT_ID,
	GITHUB_CLIENT_SECRET,
	GOOGLE_CLIENT_ID,
	GOOGLE_CLIENT_SECRET
} from '$env/static/private';

export const pool = new postgres.Pool({
	host: '/run/postgresql',
	user: 'postgres',
	database: 'app'
});

export const auth = lucia({
	env: dev ? 'DEV' : 'PROD',
	middleware: sveltekit(),
	adapter: pg(pool, {
		user: 'auth_user',
		key: 'user_key',
		session: 'user_session'
	}),
	getUserAttributes: (data) => {
		return {
			username: data.username,
			authProvider: data.auth_provider
		};
	}
});

export const githubAuth = github(auth, {
	clientId: GITHUB_CLIENT_ID,
	clientSecret: GITHUB_CLIENT_SECRET
});