Talk in English - US at php[tek] 2023
Track Name:
PHP Architect Ballroom
Short URL: https://joind.in/talk/a0434
(QR-Code (opens in new window))
No one wants their keys and secrets on GitHub, but one bad push can mean you are suddenly exposed. In the best-case scenario, you discover the issue and fix it before something bad happens, but in the worse case, you don’t find out until it is far too late. Most devs are familiar with using .gitignore files to prevent Git from tracking specific files and folders, but did you know that you can leverage Git hooks and some open source awesomeness to keep you from accidentally committing your secrets in the first place? If you are not actively using Git hooks in your workflows, then this talk is for you. Le look into the .git folder and unlock a whole world of automation possibilities!
Comments
Comments are closed.
Thanks for all the links and additional resources.
Loved this talk! I'm definitely going to introduce some helpful git hooks to my team.
good, brief summary
Great explanation of how to leverage git hooks and how they can be a more integral part of the process.
Great insight into a tool that offers many benefits to automating and protecting your code in the git ecosystem
Great talk about some of the underlying aspects of git and git hooks. Honey tokens are indeed a thing.
Great insight into git hooks and how to utilize them to protect ourselves. Dwayne made it very easy and provided information for those that didn't know about it as well as those that already use them.
Great talk, I’ve been using GitGuardian for some time now and seeing alternative methods to help stopping secrets from getting into the repo was great!