Environment Variables Considered Harmful for Your Secrets

Storing your secret keys securely yet easily accessible for your code running in your production environment is a challenging task. With secret keys I mean for instance your keys for accessing 3rd-party APIs, keys used to encrypt/sign cookies, hash user passwords and so on. There are dire consequences if your production secret keys would get into the wrong hands. You'll want to tightly control how and when your secret keys are accessible.

We are probably in agreement on how not to store your...

Read on...

Force Pushing Safely with Git

Git's ability to rewrite a commit history is one my favourite features. When I'm coding, I regularity commit whenever I hit a minor milestone. Later, I might realize that there was some better solution than my original approach, or that my code had some bug in it. So while a series of commits I make may be a logical progression of steps, sharing all these steps with other developers is not necessary.

Enter git rebase. With it, I can rewrite my chain of commits into something that is more useful...

Read on...