|
|
|
|
|
|
by stouset
3405 days ago
|
|
|
In a nutshell, the point is that despite near-constant warnings not to commit secrets to repositories… people do. So this lets developers commit secrets to their repo with reduced risk of leaking the secrets themselves. That said, there are other good reasons not to commit configuration like this to your repo (configuration and code don't always change in unison; sometimes you need to use older code with more recent configuration, for example) but it's at least better than the current situation where careless developers wind up with thousands of dollars of charges against their AWS accounts after accidentally committing AWS keys. |
|
|