Sep 23, 2019 02:20 AM|Fei Han - MSFT|LINK
what about passwords? For localhost I use trivial passwords, is it good practice to left things like this in repo?
Normally, it is not recommended to keep passwords or secrets etc sensitive information in source control, even if it's a private repository.
We can imagine that someone on your team who should not have access to these sensitive information could now have access to it, and if he/she do misoperation on systems/resources with pulled passwords or secrets from repository, which would cause serious
impact on your project. Besides, if leaking passwords or secrets to public, which may have a devastating impact.