Git Windows Vulnerability and Development Environment best Practices
Last updated
Last updated
Due to recent vulnerabilities disclosures CVE-2022-24765 CVE-2022-24767, it is highly advised to update your Git version if you use Windows to develop.
Follow this link to download the latest version:.
Keep up to date Software and Operating system.
Use a password manager (recommended with offline exports ( keep archived with password). It’s also recommended never to store sensitive information without proper encryption.
Don’t run commands using root unless you know what you’re doing, have a strong password for the user.
Help avoid CI/CD Pipeline attacks(Think ) by using Source Composition analysis on Docker images and IaC(Infrastructure as Code) by using Snyk locally and in the IDE(Integrated development environment)
Configure git to use your work email, and learn to boost security.
Reduce the effects of a data breach by not storing essential secrets in the git repository. use .env files with caution and always prefer a secure outpost for your secrets, such as
Reference: