Phoenix secrets checked into version control?

From Phoenix Deployment docs:

If for some reason you do not want to rely on environment variables, you can hard code the secrets in your config/prod.secret.exs , but make sure to check the file into your version control system.

I believe that to check should read to not check, because is against all best practices for security and secrets management to check secrets into version control, unless they are encrypted.


absolutely correct… recently fixed: