• carrylex@lemmy.world (OP) · 3 upvotes · edited · 4 months ago

    Well from my personal PoV there are a few problems with that

    1. You can’t detect all credentials reliably; they could be encoded in base64, for example.
    2. I think it’s kind of okay to commit credentials and configuration used for the local dev environment (and ONLY the local one). E.g. when you require some infrastructure like a database inside a container for your app. Not every dev wants to manually set a few dozen configuration entries when they quickly want to check out and run the app.
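    A defender-side sketch of how a pre-commit secret scanner could address both points above (this is an added example, not code from the thread): it decodes base64-looking tokens and re-runs the credential patterns on the result, and it skips paths under a constructed local-dev allowlist. The pattern list, the `dev/` prefix and the sample lines are all constructed for illustration and deliberately small.

```python
import base64
import re

# Constructed, deliberately small keyword pattern: key=value pairs whose key
# looks credential-like and whose value is at least 8 non-space characters.
SECRET_PATTERN = re.compile(
    r"(?i)(password|passwd|secret|api[_-]?key|token)\s*[:=]\s*['\"]?([^\s'\"]{8,})"
)
# Candidate base64 runs long enough to hide a credential.
BASE64_TOKEN = re.compile(r"[A-Za-z0-9+/]{20,}={0,2}")
# Assumed convention: only files under dev/ hold local-only credentials.
LOCAL_DEV_ALLOWLIST = ("dev/",)


def try_base64(token):
    """Return the UTF-8 text behind a strict base64 token, or None."""
    try:
        return base64.b64decode(token, validate=True).decode("utf-8")
    except ValueError:  # covers binascii.Error and UnicodeDecodeError
        return None


def scan(text, path, allow_prefixes=LOCAL_DEV_ALLOWLIST):
    """Return [(line_no, kind, value)] for credential-looking content.

    Files under an allow-listed prefix are skipped, so local-only dev config
    can be committed while the same content elsewhere is flagged.
    """
    if any(path.startswith(p) for p in allow_prefixes):
        return []
    findings = []
    for no, line in enumerate(text.splitlines(), 1):
        m = SECRET_PATTERN.search(line)
        if m:
            findings.append((no, "plaintext", m.group(2)))
        for tok in BASE64_TOKEN.findall(line):
            decoded = try_base64(tok)
            if decoded and SECRET_PATTERN.search(decoded):
                findings.append((no, "base64", decoded))
    return findings


# Constructed sample of what a hook might see in a staged file.
ENCODED = base64.b64encode(b"password=Tr0ub4dor&3-prod").decode()
SAMPLE_DIFF = "\n".join([
    "DB_HOST=localhost",               # harmless
    "DB_PASSWORD=s3cr3t-local-only",   # plaintext credential
    "AUTH_BLOB=" + ENCODED,            # base64-wrapped credential
])

if __name__ == "__main__":
    print(scan(SAMPLE_DIFF, ".env"))                   # flagged
    print(scan(SAMPLE_DIFF, "dev/docker-compose.env"))  # allow-listed
```

A real hook would pair this with an entropy check and a far larger pattern set; the point here is only that a base64 wrapper does not have to defeat the scan, and that a path allowlist keeps the local-dev case workable.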
    • bleistift2@sopuli.xyz · 4 upvotes · 4 months ago

      You can’t detect all credentials reliably,

      Easy. You check in the password file first. Then you can check if the codebase contains any entry on the blacklist.

      Wait…

      • pfm@scribe.disroot.org · 4 upvotes · 4 months ago

        You were so close! The right solution is of course training an AI model that detects credentials and rejects commits that contain them!