nanovche / expense-tracker

REST API with Spring Boot; follows YouTube tutorial

⚠️ Never EVER put credentials in the git repo #25

Open velizartodorov opened 3 years ago

velizartodorov commented 3 years ago

https://github.com/nanovche/expense-tracker/blob/62d3f2e5dc3c7f51fe5f968d5518da08cef777ae/expense-tracker-api/src/main/resources/application.properties#L3

Usernames/passwords/DB connection etc. and all other private data have no place in your code. This should either be put in an external configuration file which is git blamed, or read from an external vault/password manager etc. This is a big vulnerability in the security of the project. You can always present an example in your readme.md file.

nanovche commented 3 years ago

Is src/main/resources/applications.properties considered external?

velizartodorov commented 3 years ago

By saying external I mean that it doesn't exist in the repository itself.
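
An added example, not part of the thread or the repository's code: a Python check that could run before a commit and flags `application.properties` entries holding literal credentials instead of `${...}` placeholders resolved from outside the repository. The key patterns, the function name and the sample file contents are constructed assumptions.

```python
import re

# Key fragments that usually mark a sensitive setting (assumption; extend per project).
SENSITIVE_KEY = re.compile(r"(password|passwd|secret|token|api[-_.]?key|username)", re.I)
# A bare ${NAME} placeholder is resolved at runtime, so nothing secret is committed.
# A ${NAME:default} placeholder is rejected because the default is a committed literal.
PLACEHOLDER_ONLY = re.compile(r"^\$\{[^}:]+\}$")
# Credentials embedded in a connection URL: scheme://user:pass@host
URL_USERINFO = re.compile(r"://[^/\s:@]+:[^/\s@]+@")
# key=value or key:value, as in Java .properties files
ENTRY = re.compile(r"^([^=:\s]+)\s*[=:]\s*(.*)$")


def find_hardcoded_secrets(properties_text):
    """Return (line_number, key, reason) for each entry that stores a literal secret."""
    findings = []
    for number, raw in enumerate(properties_text.splitlines(), start=1):
        line = raw.strip()
        if not line or line.startswith(("#", "!")):
            continue  # blank line or comment
        match = ENTRY.match(line)
        if not match:
            continue
        key, value = match.group(1), match.group(2).strip()
        if URL_USERINFO.search(value):
            findings.append((number, key, "credentials embedded in URL"))
        elif SENSITIVE_KEY.search(key) and value and not PLACEHOLDER_ONLY.match(value):
            findings.append((number, key, "literal value for sensitive key"))
    return findings


# Constructed sample; these are not the contents of the repository's file.
SAMPLE = """\
# constructed sample
server.port=8080
spring.datasource.url=jdbc:postgresql://localhost:5432/expenses
spring.datasource.username=tracker
spring.datasource.password=example-password
api.secret.key=${API_SECRET_KEY}
jwt.token=${JWT_TOKEN:dev-fallback}
"""

if __name__ == "__main__":
    for number, key, reason in find_hardcoded_secrets(SAMPLE):
        print(f"line {number}: {key}: {reason}")
```

A non-empty result can be used to fail a pre-commit hook or CI job; the real values then live in environment variables or a file that is never committed.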