Quick explanation on server/client scopes

Lets say I want to store database credentials in code (or any other sensitive data), so the question is I kinda need someone to briefly explain me how do client/server scopes work in s&box?

Thanks and much love

upd just to be clear I want no sensitive data ever be sent to client in any way, thats why I am asking

1 Like

Disclaimer: I don’t have a S&Box preview key and all my knowledge of internal workings is Discord discussions.

First off, as it stands right now there is no server/client scope in the sense you are talking about. The DLL compiled for the server is the same DLL that gets compiled for the client. Anything in that DLL, including hardcoded strings, will be sent to the client as far as I understand.

Second, it is terrible practice to hardcode credentials, not just for S&Box but for basically any application of credential management. Just don’t do it. At worst store the password in a separate file on the server and read it from the file. Or use environment variables set on the server.