alembic-ini-hardcoded-db-url-triggers-secret-scanner
Hardcoded database URLs in alembic.ini (even dev URLs like postgresql://user:pass@localhost/db) trigger git secret scanners and block commits. Fix: leave the sqlalchemy.url key empty in alembic.ini and have alembic env.py read from the RSAME_DATABASE_URL environment variable at runtime. This is a recurring gotcha when scaffolding new Python/SQLAlchemy projects.
Related
- alembic-ini-dev-db-url-triggers-secret-scanner
- alembic-ini-db-url-blocks-commit-use-env-var
- docker
- postgresql
- openclaw
- alembic-ini-db-url-secret-scanner-catches-plaintext
- git-secret-scanner-blocks-alembic-ini-db-url
- alembic-ini-database-url-triggers-secret-scanner
- test-password-strings-trigger-secret-scanner-false-positives
- alembic-ini-must-have-empty-db-url-use-env-var
- alembic-ini-hardcoded-url-triggers-secret-scanner
- alembic-ini-db-url-triggers-secret-scanner
- module-level-env-reads-with-dev-fallback-bypass-runtime-conf