• @tmRgwnM9b87eJUPq
    link
    English
    11 year ago

    No. For development purposes I want my devs to be able to clone the repo and start.

    So the development config files are inside the repositories.

    • @DoomBot5
      link
      English
      01 year ago

      Wow, that’s a terrible security process even for development configs. How about adding a script they can run right after cloning to pull the needed keys from a secure location using their own user credentials? Plenty of solutions out there.

      • @tmRgwnM9b87eJUPq
        link
        English
        01 year ago

        So let’s say the code base leaks.

        Let’s say our VPN was also compromised.

        Then what is the worst that can happen? Some internal dev api with no real data in it can be tested by hackers.