appsec

331 readers

4 users here now

A community for all things related to application security.

founded 1 year ago

MODERATORS

[email protected]

GitHub Copilot, Amazon Code Whisperer emit people's API keys (www.theregister.com)

submitted 1 year ago by [email protected] to c/[email protected]

11 comments fedilink hide all child comments

you are viewing a single comment's thread
view the rest of the comments

[–] ExtraMedicated 3 points 1 year ago

I guess it depends on who should have access to them, but at the company I work for, we keep all the private config files backed up in a secure place (local network server, encrypted cloud storage, whatever) and the config files are added to .gitignore. This is especially important for databases with personal info.

permalink
fedilink
source
parent