Hacker News
by bob1029 594 days ago
> and b) access to source code isn't really that valuable

This is a very important lesson.

Once you learn that The Moat is more about the customers & trust, you stop worrying so much about every last possible security vector into your text files.

Treating a repository like a SCIF will put a lot of friction on getting things done. If you simply refrain from placing production keys/certs/secrets in your source code, nothing bad will likely occur with a broad access policy.

The chances that your business has source code with any intrinsic market value are close to zero. That is how much money you should spend on defending it.