Reply to post: Re: Two simple ways, which are common sense...

Dev put AWS keys on Github. Then BAD THINGS happened

Anonymous Coward
Anonymous Coward

Re: Two simple ways, which are common sense...

It is easily done, I accidentally committed a signing key to my local repo early last year before I realised that my .gitignore wasn't quite right.

It's the downside of automatically staging new files - though personally I think it's better than the alternative.

The first key difference is that I checked my history and purged it from my local repo before I pushed it.

(The second, possibly more important detail being that the repo I push to is also private.)

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

SUBSCRIBE TO OUR WEEKLY TECH NEWSLETTER

Biting the hand that feeds IT © 1998–2020