Ranter
Join devRant
Do all the things like
++ or -- rants, post your own rants, comment on others' rants and build your customized dev avatar
Sign Up
Pipeless API
From the creators of devRant, Pipeless lets you power real-time personalized recommendations and activity feeds using a simple API
Learn More
Comments
-
Voxera113884yPut all local credentials in a separate debug config and git.ignore it.
On the other hand, they should never use their own credentials to access anything even in debug mode. -
What I suggest and do is a bfg repo cleaner as a pre commit hook that searches for passwords or other creds. Saves me a lot.of accidental derps
-
Any credential pushed to public repo should be assumed as compromised, first step should be to revoke the credentials.
-
@theabbie First step is to slap the (ir)responsible party. Revoking the credentials is step 2.
-
@ItsNotMyFault I'd say the first step is revoking credentials.
Credential scrappers might be a lot faster than your pimp hand.
Related Rants
The intern pushed their credentials to GitHub...
... again
rant
security
git
credentials
push
password