One does not commit or compile credentials
Context:
This meme was brought to you by the PyPI Director of Infrastructure who accidentally hardcoded credentials - which could have resulted in compromissing the entire core Python ecosystem.
This sounds like a really useful solution, how do you implement something like this? Especially with linter integration
Depending on which stack you’re using, you could use https://danger.systems to automatically fail PRs.
PRs? Isn’t the point of that something does not get committed, and therefore no credentials are stored in the git repository? Even if the PR does not get merged, the file is still stored as a hit object and can be restored.