How to avoid common mistakes most of us make (or have made):

  • This can’t be said enough. Never hardcode sensitive data. Use a secure key management solution.
  • Use .gitignore to prevent sensitive data from reaching the repository.
  • Use PGP/GPG to sign your commits.
  • Assign access rights to each repository & give access only to the developers who need it.
  • Always patch your software. Know what systems integrate with your Git installation and patch them too.
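The first two items (no hardcoded secrets, .gitignore for sensitive files) are the ones a pre-commit hook can enforce mechanically. The following is an added example, not code from the original post: a small Python check that a hook could run over the staged files. It uses a simplified .gitignore matcher (assumption: no negation patterns and no `**`), a few illustrative regexes for common secret shapes, and a constructed set of staged files. It flags two things: content that looks like a hardcoded credential, and a file that matches .gitignore yet is still staged (which can happen when someone uses `git add -f`).

```python
import fnmatch
import re
from typing import Dict, List, Tuple

# A .gitignore constructed for this illustration.
SAMPLE_GITIGNORE = """
# local environment and credential files
.env
*.pem
id_rsa
config/secrets.yml
"""

# Staged file contents constructed for this illustration (path -> content).
SAMPLE_STAGED: Dict[str, str] = {
    "app/config.py": 'DB_HOST = "db.internal"\nDB_PASSWORD = "correct-horse-battery"\n',
    "app/main.py": 'import os\nkey = os.environ["API_KEY"]\n',
    "deploy/.env": "API_KEY=AKIAABCDEFGHIJKLMNOP\n",
}

# Illustrative patterns for a few common hardcoded-secret shapes; not exhaustive.
SECRET_PATTERNS: List[Tuple[str, re.Pattern]] = [
    ("aws-access-key", re.compile(r"\bAKIA[0-9A-Z]{16}\b")),
    ("private-key-block", re.compile(r"-----BEGIN (?:RSA |EC |OPENSSH )?PRIVATE KEY-----")),
    ("assigned-secret", re.compile(
        r"""(?i)(password|passwd|secret|api[_-]?key|token)\s*[:=]\s*['"][^'"]{8,}['"]""")),
]


def parse_gitignore(text: str) -> List[str]:
    """Return the non-empty, non-comment lines of a .gitignore."""
    patterns = []
    for line in text.splitlines():
        line = line.strip()
        if line and not line.startswith("#"):
            patterns.append(line)
    return patterns


def is_ignored(path: str, patterns: List[str]) -> bool:
    """Simplified gitignore matching (assumption: no '!' negation, no '**')."""
    for pat in patterns:
        if pat.startswith("/"):
            # Leading slash anchors the pattern at the repository root.
            if fnmatch.fnmatch(path, pat[1:]):
                return True
        elif "/" in pat:
            # A pattern containing a slash is relative to the .gitignore location.
            if fnmatch.fnmatch(path, pat) or fnmatch.fnmatch(path, pat + "/*"):
                return True
        else:
            # A bare pattern matches the basename at any depth.
            if fnmatch.fnmatch(path.rsplit("/", 1)[-1], pat):
                return True
    return False


def find_hardcoded_secrets(text: str) -> List[Tuple[int, str]]:
    """Return (line number, pattern name) for every line that looks like a secret."""
    hits = []
    for lineno, line in enumerate(text.splitlines(), start=1):
        for name, rx in SECRET_PATTERNS:
            if rx.search(line):
                hits.append((lineno, name))
                break  # one finding per line is enough for a hook
    return hits


def check_staged(files: Dict[str, str], gitignore_text: str) -> List[str]:
    """Return human-readable problems for a mapping of staged path -> content."""
    patterns = parse_gitignore(gitignore_text)
    problems = []
    for path, content in files.items():
        if is_ignored(path, patterns):
            problems.append(f"{path}: matches .gitignore but is staged (force-added?)")
        for lineno, kind in find_hardcoded_secrets(content):
            problems.append(f"{path}:{lineno}: possible hardcoded secret ({kind})")
    return problems


if __name__ == "__main__":
    for problem in check_staged(SAMPLE_STAGED, SAMPLE_GITIGNORE):
        print(problem)
```

In a real hook the `files` mapping would come from `git diff --cached --name-only` plus `git show :<path>` for each staged entry; the check exits non-zero if `check_staged` returns anything, so the commit is refused until the secret is moved to the key-management system the first bullet recommends.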

Full post here (5 min read).