How to avoid common mistakes most of us make (or have made):
- This can’t be said enough. Never hardcode sensitive data. Use a secure key management solution.
- Use .gitignore to prevent sensitive data from reaching the repository.
- Use PGP/GPG to sign your commits.
- Assign access rights to each repository & give access only to the developers who need it.
- Always patch your software. Know what systems integrate with your Git installation and patch them too.
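
A pre-commit hook covering the first three points above, as an added example that is not from the original post: it blocks commits whose staged lines look like hardcoded credentials, blocks files that are tracked even though an ignore rule matches them, and warns when commit signing is off. The regex and the function names are illustrative assumptions, not a complete rule set.

```shell
#!/bin/sh
# Added example: pre-commit checks for three of the points above.
# Patterns and function names are illustrative assumptions, not a complete rule set.

# Added lines that look like credentials: AWS access key IDs, PEM private keys,
# or a quoted literal of 8+ characters assigned to a secret-sounding name.
SECRET_RE="AKIA[0-9A-Z]{16}|-----BEGIN [A-Z ]*PRIVATE KEY-----|(password|passwd|secret|api_?key|token)[[:space:]]*[:=][[:space:]]*[\"'][^\"']{8,}"

# Reads a unified diff on stdin, prints added lines matching SECRET_RE.
# Exit status 0 means at least one suspicious line was found.
scan_added_lines() {
    grep -E '^\+' | grep -Ev '^\+\+\+ ' | grep -Ei -e "$SECRET_RE"
}

# Files that are in the index even though an ignore rule matches them,
# i.e. they were committed before the rule existed or were force-added.
tracked_but_ignored() {
    git ls-files -c -i --exclude-standard
}

run_hook() {
    status=0
    if git diff --cached -U0 | scan_added_lines >&2; then
        echo "blocked: staged changes contain what looks like a hardcoded secret" >&2
        status=1
    fi
    ignored=$(tracked_but_ignored)
    if [ -n "$ignored" ]; then
        echo "blocked: tracked despite an ignore rule (git rm --cached to untrack):" >&2
        echo "$ignored" >&2
        status=1
    fi
    if [ "$(git config --get commit.gpgsign)" != "true" ]; then
        echo "warning: commit.gpgsign is not enabled, commits are not signed by default" >&2
    fi
    return "$status"
}

# Run the checks only when this file is installed as .git/hooks/pre-commit.
case "$0" in
    *pre-commit) run_hook ;;
esac
```

Save it as .git/hooks/pre-commit and make it executable; a non-zero exit aborts the commit.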