Why avoid committing secrets to Git, and secure local alternatives?
This tests basic secret hygiene and environment isolation. A strong answer notes Git history is immutable and distributed, so secrets persist in forks forever, and proposes environment variables or gitignored dotenv files.
This tests fundamental secret hygiene and the distinction between code and configuration. A strong answer explains that Git history is append-only and globally distributed, meaning a committed secret exists in every clone, fork, and backup forever, regardless of later deletion or repo privacy. For local development, the safe pattern is injecting secrets via environment variables or gitignored dotenv files loaded at runtime, never checked in.
Read the original → docs.github.com
- #secrets-management
- #git
- #ci-cd
- #security-hygiene
- #environment-variables
Get five bites like this every day.
Tezvyn delivers a daily feed of 60-second tech bites with quizzes to lock in what you learn.