Skip to content

Andrew I. Carlson

  • Contact
  • Github
  • LinkedIn
  • Twitter

Category: Security

Stop committing secrets

September 23, 2019February 26, 2020 AndrewLeave a comment

Anything that is secret or varies per environment is configuration (though not all configuration is secret). Configuration should never be part of the application. Therefore it doesn't belong in version control and should never be committed. Inject these arguments dynamically as part of a CI / CD workflow and never expose them to the client.… Continue reading Stop committing secrets →

Posted in Security
Proudly powered by WordPress | Theme: Libre 2 by Automattic.