> A credential for a DB server holding customer data was hardcoded into the repo.

This is normally not a problem since databases should not be exposed to everyone on the Internet.

> One of the benefits of Git is that everyone has a complete copy of the project they are working on.

This is one of the problems with Git and many programming langs. Because of this, full copies of entire code bases are everywhere. Git also only has ACL on repo level.

In many langs it is recommended to not store credentials in the code, but at the same time there are no guidelines for how to store credentials. If you use cloud services there are recommendations.

Edit: Btw, which Git service were they using? Cause I believe GitHub and others monitor code bases for accidental pushes of secrets.