Justin du Coeur (jducoeur) wrote,
Justin du Coeur

PSA: keep an eye on what you check into GitHub

This article on Ars last week is worth a quick think for any engineer who is using GitHub. The thing it doesn't mention is that it is really *easy* to accidentally check in confidential information: all it takes is not paying attention to which files you are committing, and poof, you're screwed.

The moral of the story is, make sure that your .gitignore is set up to *never* check in full configuration files. Querki deliberately checks in a configuration *template* file, and ignores application.conf, specifically to make it hard to make this mistake. I recommend this practice or similar to any project that matters...
Tags: programming

  • Post a new comment


    Anonymous comments are disabled in this journal

    default userpic

    Your reply will be screened

    Your IP address will be recorded 

  • 1 comment