| ▲ | froobius a day ago | |||||||
It's a bad idea... - commit secret in currently private repo - 3 years later share / make public - forget the secret is in the commit history, and still valid, (and relatedly, having long-lived secrets is less secure) Sure that might not happen for you, but the chances increase dramatically if you make a habit of commiting secrets. | ||||||||
| ▲ | yard2010 a day ago | parent [-] | |||||||
In a large messaging app I worked for we self hosted a gitlab instance for this exact reason. I thought it was over the top but now I get it, you can never be too sure. | ||||||||
| ||||||||