Hi there! I've been studying Pulumi for my company for a couple of weeks now. I have a security question concerning the encryptionsalt when using the passphrase secret provider.
➡️ Is it safe to commit the encryptionsalt?
I read a couple of articles and I think I kinda understood the concept of salt in cryptography. But if I understood correctly, concerning Pulumi there is only one salt generated per password? If so, doesn't it negate the benefit of using salt if it's committed to the config file? I would be happy to discuss this to understand it better 🙂 thanks!