Hacker News
by
moot
4421 days ago
Good point -- frankly I'd suggest doing both (clean repo and revoke/replace the secrets). The developer in question simply overlooked the issue, and since we were busy spinning down the company, nobody else caught it.
1 comments
stouset
4421 days ago
Also, just swear off ever committing secrets to a repo to begin with. It's a bad idea, period.
StavrosK
4420 days ago
There are many times when that isn't doable. Fortunately, you can swear off ever committing plaintext secrets to a repo. I use git-crypt: https://github.com/AGWA/git-crypt