F-002 fix: Remove secrets and externalize config
This commit is contained in:
30
spec/sdd/components/legacy-config-loader.md
Normal file
30
spec/sdd/components/legacy-config-loader.md
Normal file
@@ -0,0 +1,30 @@
|
||||
# Component: Legacy config loader
|
||||
|
||||
## Responsibility
|
||||
Load local configuration for the legacy PHP module.
|
||||
Expose helper access for DB, OpenAI, URLs, endpoints, and path values.
|
||||
Provide one DB connection factory used by web pages and worker.
|
||||
|
||||
## Interfaces
|
||||
- Input:
|
||||
- `config/local.php` if present
|
||||
- fallback `config/local.example.php` for shape and safe defaults
|
||||
- Output:
|
||||
- config access helpers
|
||||
- mysqli connection helper
|
||||
- normalized path values for logs and routes
|
||||
|
||||
## Dependencies
|
||||
- PHP array config files
|
||||
- `mysqli`
|
||||
- module root path
|
||||
|
||||
## Limits
|
||||
- Does not manage secret rotation.
|
||||
- Does not validate remote credentials.
|
||||
- Does not redesign auth or downstream business logic.
|
||||
|
||||
## Success criteria
|
||||
- [ ] No tracked PHP file contains hard-coded DB or OpenAI secrets
|
||||
- [ ] Entry points use shared config helper
|
||||
- [ ] Local setup path is documented
|
||||
Reference in New Issue
Block a user