How to keep sensitive commands out of .zsh_history
By default, if you enable command history in Zsh, all commands including those that contain sensitive informations such as access token or password will be saved into your command history file after you run them.
It’s definitely a bad idea to have those information
winded up in your .zsh_history file.
However,
there is a way you can tell Zsh to not putting a command in your history file
by setting this option in your .zshrc:
setopt HIST_IGNORE_SPACE
After that, Zsh will not store any command that starts with a space in a history file.
So, instead of running this:
$ curl -u "LOLNOPE:x-oauth-basic" -i https://api.github.com/...
add an empty space before your command like this:
$ curl -u "LOLNOPE:x-oauth-basic" -i https://api.github.com/...
^--------- notice an empty space here
Note that this most recent command will temporary stay in the command history in your current session so you can go back to reuse or edit it by using the UP arrow, and it will automatically disappear after you run another command in the same session.
You can read more about this in Zsh documentation