Skip to content

chore: replace short JWT_SECRET examples with ≥32-char value#13

Open
chrip wants to merge 1 commit into
mainfrom
chore/jwt-secret-min-length
Open

chore: replace short JWT_SECRET examples with ≥32-char value#13
chrip wants to merge 1 commit into
mainfrom
chore/jwt-secret-min-length

Conversation

@chrip

@chrip chrip commented Jun 24, 2026

Copy link
Copy Markdown
Contributor

Context

Companion PR to Euro-Office/DocumentServer#238 (see below). Both PRs must be merged together — the DocumentServer PR bumps the submodule pointer to the commit introduced here.

The EuroOffice connector v11+ (OCA\Eurooffice\Crypt) enforces a minimum JWT secret length of 32 characters. All example defaults in this repo ("secret", "your-256-bit-secret") were under this limit and cause an immediate runtime error: "JWT secret key is too short (minimum 32 characters required)".

What changes

All example compose files, entrypoints, .env.example, and README snippets — replaced with euro-office-dev-jwt-secret-key-2026 (35 chars). Updated the Readme.md security note to no longer reference the old literal.

Affected files: docker-compose.yml, Readme.md, web/documentserver-example/{go,nodejs,php,php-laravel,python,ruby}

Assisted-by: ClaudeCode:claude-sonnet-4-6

The EuroOffice connector v11+ enforces a minimum JWT secret length of
32 characters. All example defaults ("secret", "your-256-bit-secret")
were under this limit and would fail immediately at runtime.

Replace with "euro-office-dev-jwt-secret-key-2026" (35 chars) in all
compose files, entrypoints, .env.example, and READMEs. Update the
Readme security note to no longer reference the old short literal.

Assisted-by: ClaudeCode:claude-sonnet-4-6
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant