Do y’all use git to store sensitive data like passwords, even encrypted? This does not sit well with me. At work, we use a vault. For personal use, I use a password manager and manually copy and paste those envs.
I concur, which is why I was a bit surprised by this section of yadm’s webpage:
It can be useful to manage confidential files, like SSH keys, across multiple systems. However, doing so would put plain text data into a Git repository, which often resides on a public system. yadm implements a feature which can make it easy to encrypt and decrypt a set of files so the encrypted version can be maintained in the Git repository.
Do y’all use git to store sensitive data like passwords, even encrypted? This does not sit well with me. At work, we use a vault. For personal use, I use a password manager and manually copy and paste those envs.
Definitely don’t include passwords in git.
Using a password manager is best.
If you are using secrets when developing you can load secrets into environment variables automatically when you run a program: https://developer.1password.com/docs/cli/secrets-environment-variables/
I concur, which is why I was a bit surprised by this section of yadm’s webpage:
(emphasis mine)
Source: https://yadm.io/docs/encryption