production settings, as well as site-specific settings, and this caused repeated adverse effects for our production systems. In our case, some of the differences were development vs. I have personal experience with this one, and it's a major, ongoing nuisance to deal with. Site-/developer-specific settings don't raise the security issues that authentication information does, but they will still cause issues if multiple sites or developers are involved because, even if you have a policy against committing/pushing changes to those files, it's just a matter of time before someone commits them and causes everyone else's settings to be changed (or spurious conflicts to be generated) the next time they pull. Even if the credentials have been removed at some future point, they'll still be available in the history. If there is any chance that your git repo will ever be made accessible to outside or untrusted entities, then your authentication details should not be in it because they will be disclosed to anyone who clones the project. If I'm reading your question correctly, and the files in question contain such things as authentication credentials and site- or developer-specific configuration settings, then this is the way to go. Ask all my team members to add these files back to their local project with their own settings.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |