I've recently seen a password.js file used for "authentication" - and yes, it contained the password in cleartext. (While also talking in the comments about state-of-the-art security)
Please tell me it wasn't also checked in...
It was publicly reachable from the interwebs ;)
We're a place where coders share, stay up-to-date and grow their careers.
We strive for transparency and don't collect excess data.