Tell me if that sounds familiar: you’re happily hacking on your codebase and, at some point, you type in a password / secret token / really shameful limerick that shouldn’t be sent to the repository motheship, but that you need on your local copy. Well, no sweat, you just have to remember not to commit that specific file. So hack, hack, hack go the fingers. Several hours later, satisfied by your work, you commit the fruit of your labor and send it to the master public repository. And, guess what? The file you were supposed to remember not to commit? You didn’t. And you did. Ooops.

Knowing how embarassingly failible my memory is, I looked for some automated safety net to use with Git. The most obvious would have been to use a push hook, but alas Git has no such thing, and if the latest thread I caught on the topic still hold, one isn’t going to appear anytime soon. Since that venue is (for now) closed, I turned to plan B: crafting a new git command, git-safepush:

git-safepush

With that, I just had to add DO NOT PUSH in a comment line along sensitive code, like so

# DO NOT PUSH
my $password = '$ecr3t';

and safepush is going to prevent me of doing anything foolish:

$ git safepush origin master:foo
'DO NO PUSH' seen in file 'MyConfig.pm', aborting push