Question

I am trying to edit certain attributes in a chef repo.

I see the following (probably default) text in the readme of chef-solo:

Absolutely no sensitive values should be kept in the git repo. All secrets should be kept in the password vault. Capistrano will register servers with the vault as needed.

I am not sure which values really should NOT be there in the repo. Can anyone please help with some examples?

Also, I see a statement in the override_attributes section of one of the roles files which I do not fully understand but which is probably related to the above text:

use_vault : true

I understand that this is a vague question but this is all I can give away. Thanks in advance for the help!!


Solution

I'd like to clarify something that was confusing me in the first place. Your question is basically analogous to this one: "Should I use a fork or a teaspoon so I wouldn't harm my child while feeding it poisonous berries?" And the answer is: "Never mind the tool, it's the berries you should worry about!"

Now, let's separate the override_attributes problem (tool) from the risk of exposure of sensitive data (berries).

Override attributes are used only when we are not sure where the data will come from and we need to override it forcefully. What you're seeing is just that. The writer of that recipe ensured that the vault will be used.

The message you posted regarding sensitive data has nothing to do with override_attributes. I presume you wouldn't like to put your private keys, passwords, or your credit card credentials into files and have them pushed to GitHub, a public git repo, or made public in any other way. The message is just there to remind you. So, where should sensitive data be placed? There's no answer but the one you got: "All secrets should be kept in the password vault." Things you should also keep in mind before storing sensitive data in a certain place are the architecture of the system and the privileges of its users. You want to keep it out of reach of people who don't need to know it. All this talk is about keeping your vulnerable, precious, sensitive data as secure as possible, and there's no Q&A recipe for that.

Hope this vague answer helped. If anyone knows how it might be made clearer, please comment or edit; I'll be happy to see it improved.
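As an added example (not code from the question, the answer, or chef-solo itself): a small Ruby check that scans a role's attribute sections for secret-looking keys holding literal values, and contrasts a role that commits a password with one that sets use_vault and keeps only the vault item's name in git. The role JSON samples, the key-name pattern and the vault_item attribute name are constructed for illustration.

```ruby
require 'json'

# Attribute names that usually carry secrets. Constructed list for this example;
# extend it to match your own naming conventions.
SECRET_KEY_PATTERN = /password|passwd|secret|token|api_key|private_key|credential/i

# Walk a (possibly nested) attribute hash and collect every secret-looking key
# whose value is a literal, non-empty string. Returns [{ path:, value: }, ...].
def find_literal_secrets(attrs, path = [])
  attrs.each_with_object([]) do |(key, value), found|
    here = path + [key.to_s]
    if value.is_a?(Hash)
      found.concat(find_literal_secrets(value, here))
    elsif key.to_s.match?(SECRET_KEY_PATTERN) && value.is_a?(String) && !value.strip.empty?
      found << { path: here.join('.'), value: value }
    end
  end
end

# Audit one role JSON document, checking default_attributes and override_attributes.
# An empty result means no secret-looking value is hard-coded in the role.
def audit_role(role_json)
  role = JSON.parse(role_json)
  %w[default_attributes override_attributes].flat_map do |section|
    find_literal_secrets(role.fetch(section, {}), [section])
  end
end

# Constructed sample: a role that commits a database password to git.
BAD_ROLE = <<~JSON
  { "name": "db", "override_attributes": {
      "mysql": { "root_password": "hunter2", "bind_address": "0.0.0.0" } } }
JSON

# Constructed sample: the same role with only a vault item name in git; the
# recipe is expected to resolve the real password from the vault at run time.
GOOD_ROLE = <<~JSON
  { "name": "db", "override_attributes": {
      "use_vault": true,
      "mysql": { "vault_item": "db_root", "bind_address": "0.0.0.0" } } }
JSON

if __FILE__ == $PROGRAM_NAME
  audit_role(BAD_ROLE).each { |f| puts "secret committed at #{f[:path]}" }
  puts "GOOD_ROLE: #{audit_role(GOOD_ROLE).empty? ? 'clean' : 'has findings'}"
end
```

Run it against every file under roles/ and environments/ before a commit; a pre-commit hook that fails on any finding catches the mistake before it reaches a shared repo.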

Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow