Guide · February 23, 2026 · 5 min read

Keep Your Discord Bot Token Safe When Deploying

Your Discord bot token is like a password that gives full control over your bot. If someone gets it, they can use your bot to spam, delete channels, or ban everyone in your server. Here's how to handle it properly when you're deploying.

The Golden Rule

Never put your bot token in your source code. Not in a variable, not in a config file, not in a comment. Use environment variables. Always.

How Tokens Get Leaked

It usually goes like this: you're building a Discord bot, you hardcode the token to test it quickly, it works, you push the code to GitHub. Within minutes, bots scanning public repos find it. Your bot starts doing things you didn't ask it to.

Here's what that looks like in code:

DON'T do this — token in source code
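// This is how bots get hijacked: the token is a string literal in the source
const { Client, GatewayIntentBits } = require("discord.js");

const client = new Client({ intents: [GatewayIntentBits.Guilds] });
client.login("MTExNDk2MDk3OTk0NjY1MzY5Ng.XXXXXX.XXXXXXXXX");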

Even if the repo is private, this is a bad habit. Tokens in source code end up in git history, CI logs, error reports, and anywhere your code gets copied.

The right way:

DO this — token from environment variable
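const { Client, GatewayIntentBits } = require("discord.js");

const client = new Client({ intents: [GatewayIntentBits.Guilds] });
// The token is read from the process environment at startup, never from the source
client.login(process.env.DISCORD_TOKEN);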

Local Development: Use .env Files

For local development, use a .env file with a package like dotenv:

.env
DISCORD_TOKEN=MTExNDk2MDk3OTk0NjY1MzY5Ng.XXXXXX.XXXXXXXXX

.gitignore
.env
.env.local
.env.production

The .gitignore entry is critical. Without it, git add . will happily include your token in the commit.

Use .env.example for documentation

Create a .env.example file with placeholder values and commit that instead. It shows what variables are needed without revealing the actual values.

.env.example (safe to commit)
DISCORD_TOKEN=your_bot_token_here

Deploying: How DartUp Handles Tokens

When you deploy a Discord bot to DartUp, you pass the token as an environment variable. It never goes into your source code.

Claude Code

You: Deploy this Discord bot to DartUp as a daemon

Set DISCORD_TOKEN to MTExNDk2MDk3OTk0NjY1MzY5Ng.XXXXXX.XXXXXXXXX

Deploying Discord bot...

✓ Detected: Node.js daemon (discord.js)

✓ DISCORD_TOKEN encrypted and stored

✓ Container started

Bot is online!

Here's what happens to your token behind the scenes:

  • The token is encrypted before being stored
  • It's injected into the container as a runtime environment variable
  • It's not written to disk inside the container
  • It doesn't appear in build logs
  • It's not visible in the DartUp dashboard after being set

If your project has a .env file in it, DartUp's security scanner will flag it. That's intentional. You don't want your secrets in the uploaded source code, even if they're in a dotenv file. Pass them as env variables through the deploy command instead.

What to Do If Your Token Gets Leaked

If you accidentally committed your token to a public repo, or if you suspect someone has it:

  1. Go to the Discord Developer Portal immediately
  2. Navigate to your application > Bot
  3. Click "Reset Token"
  4. Copy the new token
  5. Update it in your deployment's environment variables

The old token stops working instantly. This is the fastest way to stop unauthorized use.

Discord auto-detects some leaks

Discord has a GitHub integration that automatically resets tokens found in public repositories. But it doesn't catch everything, and it doesn't work for other platforms (GitLab, Bitbucket, paste sites). Don't rely on it. Prevent the leak in the first place.

Python Bots Too

Everything above applies to Python bots as well. Same pattern:

Python — reading from environment
import os
import discord

client = discord.Client(intents=discord.Intents.default())

# Never hardcode the token
client.run(os.environ["DISCORD_TOKEN"])

Deploy the same way. DartUp handles Python bots identically to Node.js ones. The token goes in as an env var, gets encrypted, and is injected at runtime.

Quick Checklist

  • Token is read from process.env or os.environ
  • .env is in .gitignore
  • .env.example exists with placeholder values
  • Token is passed as env var when deploying, not in source code
  • No token in git history (check with git log -p | grep DISCORD)
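The last check greps for the variable name, so it also matches harmless process.env.DISCORD_TOKEN references, and git log -p without --all only walks the current branch. The scanner below is an added example, not DartUp's or Discord's code: it looks for token-shaped strings instead and masks what it reports. The token pattern is a heuristic assumption, and scan-tokens.js and --scan-stdin are hypothetical names.

```javascript
// Added example. Heuristic (an assumption, not an official format spec):
// a bot token is three dot-separated base64url segments, and the first
// segment decodes to the bot's numeric user ID, as the page's sample does.
// Minimum segment lengths are loose so the page's placeholder still matches.
const TOKEN_SHAPE = /[A-Za-z0-9_-]{20,}\.[A-Za-z0-9_-]{6,}\.[A-Za-z0-9_-]{9,}/g;

function decodesToNumericId(segment) {
  const b64 = segment.replace(/-/g, "+").replace(/_/g, "/");
  const decoded = Buffer.from(b64, "base64").toString("latin1");
  return /^\d{17,20}$/.test(decoded);
}

// Report where the hit is without echoing the secret into terminals or CI logs.
function mask(token) {
  return `${token.slice(0, 6)}...[redacted, ${token.length} chars]`;
}

function findDiscordTokens(text) {
  const hits = [];
  text.split("\n").forEach((line, index) => {
    for (const match of line.matchAll(TOKEN_SHAPE)) {
      const firstSegment = match[0].split(".")[0];
      // The decode check rejects dotted identifiers that merely share the shape.
      if (decodesToNumericId(firstSegment)) {
        hits.push({ line: index + 1, masked: mask(match[0]) });
      }
    }
  });
  return hits;
}

// Constructed sample of `git log -p` output, using the page's placeholder token.
const SAMPLE_DIFF = [
  "+const client = new Client({ intents: [GatewayIntentBits.Guilds] });",
  '+client.login("MTExNDk2MDk3OTk0NjY1MzY5Ng.XXXXXX.XXXXXXXXX");',
  "+client.login(process.env.DISCORD_TOKEN);",
  "+import aVeryLongModuleNameForTesting.subpkg.anotherpart",
].join("\n");

// Real use: git log -p --all | node scan-tokens.js --scan-stdin
if (process.argv.includes("--scan-stdin")) {
  let input = "";
  process.stdin.setEncoding("utf8");
  process.stdin.on("data", (chunk) => { input += chunk; });
  process.stdin.on("end", () => {
    const hits = findDiscordTokens(input);
    hits.forEach((h) => console.log(`line ${h.line}: ${h.masked}`));
    process.exitCode = hits.length ? 1 : 0; // non-zero exit fails a CI step
  });
} else {
  console.log(findDiscordTokens(SAMPLE_DIFF));
}
```

Any hit in history means the token should be reset, since removing the line in a later commit does not remove it from earlier ones.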

FAQ

What happens if my Discord bot token leaks?

Anyone with the token can control your bot. They can send messages, delete channels, ban users — anything the bot has permissions to do. Reset the token immediately in the Discord Developer Portal if you suspect a leak.

Where should I store my Discord bot token?

In an environment variable. Locally, use a .env file that's in your .gitignore. When deploying, pass it as an env var through your hosting platform. Never put it in source code.

Does DartUp keep my token safe?

Yes. Tokens are encrypted at rest, injected as runtime env vars, and never written to disk in the container or shown in build logs. Once set, even you can't view the raw value in the dashboard.

Can I update my bot token without redeploying?

You'll need to redeploy with the updated env var. Tell Claude: 'Update my Discord bot on DartUp with this new token.' The redeployment takes about 30 seconds.
