Testing code with sensitive data
I recently renewed work on my first ever github project. Over the course of a whole year when that project was dormant, I’d learned some new tricks. I now try to focus on writing tests for my projects. It is immensely convenient when I add features here and there and need to check the whole code for errors.
My script that looks for
CLIENT_SECRET and inserts API keys:
Immediately after the code is run (
python $file). The file is restored to its initial state so I can upload it to github safely.
If you already have some sensitive information uploaded to github or in your git history, check out BFG. It is a tool that can purge files/replace text from git history permanently.