Developing authentication code for open source repositories can be a scary task; you're scared that hackers can find loopholes in your code but you're also petrified of accidentally committing sensitive credentials to a public repository.
Full article