[ohwp]

I once committed my DB settings (Mercurial) and noticed my mistake only later. It's very hard to get it out of the history. Ofcourse it could be fixed but this is one example.

Imho version control could be used for deployment but only when you use the release-branch of your project.

And ofcourse NEVER put your config in version-control ;)

[mnutt]

And of course NEVER put your config in version-control ;)

I'm not sure I'd make that blanket statement. Version control seems like a great place for configuration. It allows you to centrally manage configuration details and provides an audit trail for debugging. You just want to make sure it is in a separate, secure repository and not mixed in with your app development.

[jlgreco]

FWIW, removing things from history entirely is easy with git using git-filter-branch. The real problem is realizing that you need to do that in the first place.

[scott_w]

I want to reinforce what mnutt said. A separate, secured repository for your settings is a very good thing.

You may want to look into salt, chef or puppet, which let you separate out your configuration from your security credentials.

[jwilliams]

I'm sure many people have done this - the most prudent thing would be to change the sensitive settings? That would solve your history problem as well.

[rdtsc]

> And ofcourse NEVER put your config in version-control ;)

Why wouldn't you want to version your configurations in general? Maybe I am not sure what you mean by "config" but in general version controlled configuration is always good. I even set up git in my etc sometimes to track changes I make to it manually (not in production, on my home machine).

[bpatrianakos]

I think what everyone is getting at here is to be smart about when to use git for deployment. Rsync is great for small static sites the same way git is. Now, I'm not going to use it on my medium to large size web app (actually I do for the testing server but that's another story). It's just another way to get a site deployed. I think its great for small static sites and prefer it over rsync for no other reason than I'm already using git and its just an extra git push when I'm ready. I actually use different remotes for deployment rather than a branching strategy.