A secret, such as a password, cryptographic key, or token, is stored in a file that is persisted to the code repository. Any user with access to the code repository may obtain and use the secret to access restricted resources.
(2) Event remediation:
Avoid committing to the code repository any files that contain secrets or sensitive data. Manage these files outside the code repository, preferably in a secure vault or similar, and load them onto the system as needed.
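
One way to apply this remediation at load time, shown as an added example that is not part of the original finding text: the loader takes a secret from the environment or from an external file and refuses a file that sits inside a repository working tree or is readable by group or others. The `NAME_FILE` variable convention, the function names, and the POSIX permission check are assumptions of this example.

```python
import os
import stat
import tempfile
from pathlib import Path

class SecretLocationError(Exception):
    """The secret file lives where it could be committed or read by others."""

def find_repo_root(path):
    """Return the nearest ancestor directory holding a .git entry, else None."""
    for candidate in (path, *path.parents):
        if (candidate / ".git").exists():
            return candidate
    return None

def load_secret(name, env=None):
    """Return secret NAME from the environment, or from the file named by
    NAME_FILE (hypothetical convention), refusing files inside a repository."""
    env = os.environ if env is None else env
    if name in env:
        return env[name]
    path = Path(env[name + "_FILE"]).resolve()  # KeyError if neither is set
    repo = find_repo_root(path.parent)
    if repo is not None:
        raise SecretLocationError(f"{path} is inside repository {repo}")
    if path.stat().st_mode & (stat.S_IRWXG | stat.S_IRWXO):
        raise SecretLocationError(f"{path} is accessible to group or others")
    return path.read_text().strip()

def demo():
    """Constructed layout: a secret inside a repo, one outside, one too open."""
    base = Path(tempfile.mkdtemp())
    (base / "repo" / ".git").mkdir(parents=True)
    (base / "repo" / "config").mkdir()
    (base / "secrets").mkdir()
    cases = {"inside": (base / "repo" / "config" / "db_password.txt", 0o600),
             "outside": (base / "secrets" / "db_password.txt", 0o600),
             "loose": (base / "secrets" / "loose.txt", 0o644)}
    results = {}
    for label, (f, mode) in cases.items():
        f.write_text("constructed-sample-value\n")
        f.chmod(mode)
        try:
            results[label] = load_secret("DB_PASSWORD", {"DB_PASSWORD_FILE": str(f)})
        except SecretLocationError as exc:
            results[label] = type(exc).__name__
    return results

if __name__ == "__main__":
    print(demo())
```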