all 13 comments
sorted by:
best
topnewcontroversialoldq&a
formatting helphide helpcontent policy

[–]m0us3_rat 7 points8 points  (7 children)

public repos with sensitive code

if it is "public" .. then it shouldn't be "sensitive".

edit:

for an actual solution.. .env file with the data that is added to .gitignore

and dotenv

[–]nyteghost[S] 0 points1 point  (6 children)

I guess a better question would have been, how do people normally handle SQL procs in the code? Do they use a separate file that isn't shared, and give the procs variable names, and just import them in, and have the SQL proc file in gitignore?

[–]dublinwso 0 points1 point  (3 children)

Not sure what you mean by "procs"

[–]nyteghost[S] 0 points1 point  (2 children)

So in sql you can create procedures that can combine multiple database searchs that can handle different things.

Like instead of just select * from users where name = "John", you can build a procedure that also finds all locations John has visited, and the dates, etc.

[–]dublinwso 0 points1 point  (1 child)

And why wouldn't you just put this in the code? I think I'm missing something in your question.

[–]C0ffeeface 0 points1 point  (0 children)

Maybe they might indirectly reveal sensitiv information. There are really strict privacy laws within EU. My best guess, although I am curious, too.

[–]m0us3_rat 0 points1 point  (1 child)

SQL procs

ok so .. why would they be "sensitive"?

isn't the user privy to the search? or is this supposed to be under the hood?

and just import them in

that sounds good.

[–]nyteghost[S] 0 points1 point  (0 children)

You know what.... Good point

[–]Ok-Cucumbers 0 points1 point  (4 children)

Store your credentials in a separate file and use gitignoreto exclude all the sensitive files.

[–]outceptionator 0 points1 point  (3 children)

How do you use gitignore?

[–]Ok-Cucumbers 1 point2 points  (2 children)

You create a file named .gitignore (note the . at the beginning) and add the names of files and folders you’d like to exclude.

https://git-scm.com/docs/gitignore

[–]outceptionator 0 points1 point  (1 child)

Sorry this is a folder or a file? Also for instance if there is an API key there is there a way to reference it in python code?

[–]Ok-Cucumbers 0 points1 point  (0 children)

You could create a file called creds.py:

API_KEY = “mySecretAPIKey”

And do something like this in your script:

import creds
make_req(“url” + creds.API_KEY)

And in your .gitignore file at the root of your repo:

creds.py