Anything that is secret or varies per environment is configuration (though not all configuration is secret). Configuration should never be part of the application. Therefore it doesn't belong in version control and should never be committed. Inject these arguments dynamically as part of a CI / CD workflow and never expose them to the client.… Continue reading Stop committing secrets