Ranter
Join devRant
Do all the things like
++ or -- rants, post your own rants, comment on others' rants and build your customized dev avatar
Sign Up
Pipeless API
From the creators of devRant, Pipeless lets you power real-time personalized recommendations and activity feeds using a simple API
Learn More
Comments
-
u make mistakes like these and then wonder why you don't hear back from employers.
-
Bibbit7401yThe bigger question is why you didn't have anything in place blocking the commit/pr?
I'm very happy to hear that they proactively warn you about it though: I've heard about government clouds having credentials leaked just like this (luckily nothing happened afterwards but still) -
b2plane63951y@SidTheITGuy it was for a dummy project u dumbass im testing shit on my own github and learning how vault is used properly cause no tutorial ever explains this for production, they all explain only for development
-
b2plane63951y@Bibbit im testing and learning how vault is used on a dummy project because no tutorial ever teaches this, i have to experiment myself, all shit tutorials teach only for development and just assume i know how to mold this bullshit to work for production. No i fucking dont you dumbass indian tutorial guy. Deploying for production takes a lot more work and configuration of the exact same bullshit code that it took to work for dev mode
-
AceDev2711yThe same happened with my Google Maps API Key when I tried to share with my team...
I had to remove it after two email notifications -
PAKA8921yThis is how they know:
https://docs.github.com/en/...
Other providers have similar mechanisms in place. -
@b2plane then say these things in ur original post. What's this clickbait thing you're trying out here?
Accidentally pushed AWS IAM access and secret key to repository defined within application.yml file in code, immediately i got a mail from AWS warning me that my access and secret keys are now exposed with instructions how to rotate this key and secure it. How the fuck do they know?
rant