From f99ff47f758832a7ce2672b9e5a3d57615f493e4 Mon Sep 17 00:00:00 2001
From: David Heinemeier Hansson
Date: Wed, 8 Feb 2023 08:35:30 +0100
Subject: [PATCH] Make sure folks dont leak GITHUB_TOKENs into the image when using git dependencies
---
 README.md | 3 +++
 1 file changed, 3 insertions(+)
diff --git a/README.md b/README.md
index 3ca5f4e8..2c619302 100644
--- a/README.md
+++ b/README.md
@@ -257,6 +257,9 @@ COPY Gemfile Gemfile.lock ./
 RUN --mount=type=secret,id=GITHUB_TOKEN \
 BUNDLE_GITHUB__COM=x-access-token:$(cat /run/secrets/GITHUB_TOKEN) \
 bundle install
+
+# Remove git configs with exposed GITHUB_TOKEN
+RUN find /usr/local/bundle/cache/bundler/git -name "config" -delete
 ```
 
 ### Using command arguments for Traefik
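Review bot: The cleanup is added as its own `RUN` after `bundle install`, so it removes the git configs only from the final filesystem view; the layer written by the preceding `RUN --mount=type=secret` step still contains them, and the token stays recoverable from the image's layers. Running the deletion in the same instruction keeps the files out of any committed layer: end the install line with `bundle install && \` and follow it with `find /usr/local/bundle/cache/bundler/git -name "config" -delete`. If this snippet is the build stage of a multi-stage Dockerfile that copies only selected paths forward, the exposure would be limited to the build stage and its cache, but the hunk does not show that. The README could also say that tokens already baked into pushed images should be rotated.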