Security Tip: Selectively Stage and Commit Changes
[Tip#10] You should always selectively stage changes, to avoid committing secrets or debug code and pushing to prod.
When committing changes into version control, you should always selectively stage your changes first before committing. This allows you to manually review every line of code you commit, to ensure any secrets (API keys, passwords, etc) or debug code isn’t added.
This is super easy in Git:
git add -pYou can also selectively stage specific files:
git add -p <file>I’ve even taken it a step further with some Git aliases:
git addp => git add -p
git addc => git add -p && git commit -v
git acp => git add -p && git commit -v && git pushSometimes the changes are massive and take time to review, but if you’ve ever accidently pushed debug code onto prod, you’ll appreciate the time saved cleaning up that mess!
Found this security tip helpful? Don't forget to subscribe to receive new Security Tips each week, and upgrade to a premium subscription to receive monthly In Depth articles, or toss a coin in the tip jar.
Reach out if you're looking for a Laravel Security Audit and Penetration Test or a budget-friendly Security Review, and find me on the various socials through Pinkary. Finally, don't forget to check out Practical Laravel Security, my interactive security course.
