This is the tenth security tip from Laravel Security in Depth.
When committing changes to version control, you should always selectively stage your changes before committing. This allows you to manually review every line of code you commit, to ensure that no secrets or debug code are added.
This is super easy in Git:
git add -p
You can also selectively stage specific files:
git add -p <file>
I’ve even taken it a step further with some Git aliases:
git addp => git add -p
git addc => git add -p && git commit -v
git acp => git add -p && git commit -v && git push
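One way to define those three aliases with git config, as an added example rather than the author's own configuration. The function name install_review_aliases and its optional config-file argument are assumptions made for this sketch.

```shell
#!/bin/sh
# Added example: install the three review-first aliases listed above.
# install_review_aliases and its optional argument are hypothetical names.

install_review_aliases() {
    # No argument: write to the user's global config (~/.gitconfig).
    # With a path: write to that file instead, useful for a dry run.
    if [ -n "$1" ]; then
        set -- --file "$1"
    else
        set -- --global
    fi

    # Plain alias: git expands "git addp" to "git add -p".
    git config "$@" alias.addp 'add -p'

    # An alias that chains commands must start with "!" so git passes it
    # to the shell. The && stops the chain when the previous step fails,
    # so an aborted commit is never followed by a push.
    # Extra arguments are appended to the end of a "!" alias, so run
    # these two without arguments.
    git config "$@" alias.addc '!git add -p && git commit -v'
    git config "$@" alias.acp '!git add -p && git commit -v && git push'
}

# Usage:
#   install_review_aliases                 # writes to ~/.gitconfig
#   install_review_aliases ./test.gitconfig
```

Because "git commit -v" shows the staged diff in the commit message editor, addc and acp give a second look at every hunk after the interactive staging pass.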
Sometimes the changes are massive and take time to review, but if you’ve ever accidentally pushed debug code onto production (like Stack Overflow did with alert(false);), you’ll appreciate the time saved cleaning up that mess!