This is a general git question. I want to share my repo with other developers but my code has a login and password in it (for Parse.com's API) which I don't want them to see. I can see a couple options:
1) Don't include the login and password in my source code. When I build the app I manually copy/paste the login and password into the right place, compile, then remove the login and password before the next commit.
2) Setup two repos. One private repo for myself which has the login and password in the code and one for sharing. I would manually remove the login and password whenever I needed to update the shared repo from the private one.
3) Some feature of git or sourcetree that I don't know about which hides the login and password from everyone except me.
How do others do this? Are there best practices?
Don't hard code credentials in code. From a security perspective you run into issues like you're facing. The other problem is if you need to change the credentials - do you really want to have to compile and release the code again? And what if somebody decides to copy that part of the code fragment (without realizing that the credentials are there) - now you've got to keep the the credentials up to date in 2 places (and you won't know the second location).
A better approach is to externalize these values into an external configuration. This can be as simple as a key value file. Then maintain that in a separate repository that only the people that needs to have access to.
To complete this answer, I'll point out that I've never heard of a feature built into any versioning system to that would hide usernames or passwords that are stored in text files.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.