Development Environment Security
Often developers have ssh keys, database passwords, API keys and other sensitive information in their local environment or in source control. It is dangerous to share such sensitive information in this way, as often this means that a developer that leaves a company may retain credentials to production systems.
Where possible, get security feedback in your development enviornment. Whether that means running an IDE plugin or a command line tool, the better visibility you have to potential security issues as you go, the more secure your code will be and the better chance you'll have of avoiding rewrites or major remediation efforts.
Resources
Support or Contact
Having trouble with the developer pages? Help us update them or [email protected] and we’ll help you sort it out. See something wrong? Get involved and help us fix it!