Security Tip: Selectively Stage and Commit Changes

[Tip#10] You should always selectively stage changes, to avoid committing secrets or debug code and pushing to prod.

Security Tip: Selectively Stage and Commit Changes

When committing changes into version control, you should always selectively stage your changes first before committing. This allows you to manually review every line of code you commit, to ensure any secrets1 or debug code isn’t added.

This is super easy in Git:

git add -p

You can also selectively stage specific files:

git add -p <file>

I’ve even taken it a step further with some Git aliases:

git addp  =>  git add -p
git addc  =>  git add -p && git commit -v
git acp   =>  git add -p && git commit -v && git push

Sometimes the changes are massive and take time to review, but if you’ve ever accidently pushed debug code onto prod2, you’ll appreciate the time saved cleaning up that mess!

👉 Looking to dive deeper into Laravel security? Check out Practical Laravel Security, my hands-on security course that uses interactive hacking challenges to teach you about how vulnerabilities work, so you can avoid them in your own code! 🕵️

👉 When was your last security audit or penetration test? Book in a Laravel Security Audit and Penetration Test today! 🕵️

  1. API keys, passwords, etc… see Tip#3: App Config.

  2. Like Stack Overflow, with alert(false);