by tehlike 3328 days ago
I know many instances where code reviews didn't catch a log statement in huge binaries.
1 comments

Right, but now you're in the "review of a PR didn't catch malicious code" boat. At which point, you've got bigger problems than leaking env vars in your CI.

Not to dismiss it---it's just a different point.