Code Room
Code reviewMediumcr-g253
Subject Hardcoded secretsLevel Mid–Senior~20 minCommon in Security interviewsIndustries Software development

Question

Review this Go service config loader.

What a strong answer looks like

Separate real bugs from style. Rank issues by severity, point at the root cause rather than the symptom, and suggest a concrete fix — specific and kind.

Talk through your review
Code to reviewgo
func loadConfig() Config {	secret := os.Getenv("JWT_SIGNING_SECRET")	if secret == "" {		secret = "s3cr3t-dev-key-please-change" // fallback for local/dev	}	return Config{		JWTSecret: secret,		DBPassword: "prod_db_p@ssw0rd_2024",	}}
Run or narrate your approach, then ask the coach.