Some of my programs require that some sensitive data (mainly authentication) work correctly. I often add my own credentials to the main()source code when developing and testing, to check if my code works, and delete them when everything is ok. However, it is easy to forget to remove them.
What is a good approach to prevent the completion of this sensitive data in version control commit?
I am using Mercurial (and Python).
I thought:
- automatically run some validation of confidential script data during a commit, which is interrupted if it finds some specific lines (does not seem like a fool proof, requires saving sensitive lines)
- saving confidential data in another place (where ?, how to practically import / use them).
- using the testing branch (but doesn’t really solve the problem)
- providing sensitive data as command line arguments (too impractical)
source
share