Really surprising to see that sensitive credentials were checked in to VCS. Apar... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		davidumoh on Nov 22, 2017 \| parent \| context \| favorite \| on: Uber Paid Hackers to Delete Stolen Data on 57M Peo... Really surprising to see that sensitive credentials were checked in to VCS. Apart from peer code review, how can a company avoid developers checking in sensitive data to VCS?

rplnt on Nov 22, 2017 | [–]

You could have a git hook (even remote) that would check for pre-configured patterns and reject the push if it contains them.

Quick google yielded this https://github.com/awslabs/git-secrets

selvakn on Nov 22, 2017 | [–]

Plug: https://github.com/thoughtworks/talisman

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact