How to safe share code on public repositories on GitHub when it contains private access keys?

Yesterday, I put some code onto GitHub for public. I realized then, that my code contains some private access credentials.

How can I maintain code via GitHub and keep access data private, while other can pull the code which still compiles?

If your code requires credentials, it won’t ever be able to compile unless people insert their own. Having said that, you might consider replacing your credentials with <<insert XXXX here>>. That’s how most people around this forum do it, and I personally haven’t yet had a problem with it, as long as you clearly state that something has to be edited, as well as where you have to edit it.

I understand that.

My idea was to have a not synced definition file and another dummy file with all the declarations “insert data here” in it.

On the other hand, I can develop the code on a different location and deploy the files manualy into GitHub.

1 Like

That’s one way to do it…

I like having the < insert X here> because it’ll cause a compiler error that brings attention to the fact that you need to change something…

Another suggestion that I’ve taken, is to have one repo that’s the public version… and then make a local git repository that keeps the public version as a “remote”. Then when you make changes to the remote one, aka “upstream”, you can merge those changes in and git should take care of most of the private changes for you.

And lastly, which is kind of a PITA… you can tell git to ignore a change in a file… SO make your private change and then:

git update-index --assume-unchanged path/to/file.txt

And to reverse:

git update-index --no-assume-unchanged path/to/file.txt

The problem with this though, is that if you start to do branching a lot, it doesn’t carry through a branch and when you come back after a checkout, it’ll be back to normal.

My prefered way is the have a config.h.dist file committed that people have to manually rename to config.h, then add config.h to your .gitignore file. That way there is a default for people to fill in, but you won’t ever accidentally commit your private keys or passwords.


Great inputs from you guys. Thanks a lot.