Hello all, When creating web2py applications, are there any "best practices" regarding ensuring you don't push sensitive data (e.g. email password) to github by accident? Do people test using new email addresses that were created specifically for testing web apps? Or perhaps someone has developed a script that automatically (temporarily?) removes sensitive data before committing? How about database contents? Should files like 0.py and database folder contents simply never be committed, and made part of .gitignore? (Apart from some initial version where mail settings and stuff like settings.security_key are empty...)
I want to avoid having to take manual actions before committing/pushing because I expect that sooner or later I would make mistakes. Ideas on the topic or a link to explanation welcome... p.s. I already saw this, but I'm sure it's still up to date: What data should be private (for security) in a standard web2py installation?<https://groups.google.com/forum/#!searchin/web2py/sensitive$20data/web2py/UBhDaekkT8Q/hMJWEycUGYUJ> Best regards, Stefaan. -- Resources: - http://web2py.com - http://web2py.com/book (Documentation) - http://github.com/web2py/web2py (Source code) - https://code.google.com/p/web2py/issues/list (Report Issues) --- You received this message because you are subscribed to the Google Groups "web2py-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/groups/opt_out.
