gitignore - adding database.yml

If you don’t want to commit sensitive info to your database.yml file, don’t use your database.yml file. Instead, set an environment variable with DATABASE_URL=yourconnectionstring.

This is supported on Rails 4.0 as far as I know. If you run into problems, message me; I’ll be happy to take a look.

In general, ask yourself: “Can I open source my project if I really wanted to right now without opening up a giant security flaw?” If the answer is no, put whatever sensitive data opens that flaw into an environment variable and then have your Ruby code read from that variable like: ENV["DATABASE_URL"].

In development I use Foreman and a .env file for sensitive credentials. In production you could use the same, put it in your bash files, or use config vars if you’re using Heroku.

Related: http://www.12factor.net/config
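As an added illustration of the ENV["DATABASE_URL"] approach in the post above (not code from the original poster or from Rails), this Ruby example reads the connection string from the environment, refuses to continue when it is missing, and builds a copy with the password filtered for logging. The helper names database_config, percent_decode and redacted and the sample URL are hypothetical.

```ruby
require "uri"

# Decode %XX escapes in a URL component (credentials are percent-encoded).
def percent_decode(str)
  str.b.gsub(/%\h\h/) { |m| m[1, 2].hex.chr }.force_encoding("UTF-8")
end

# Hypothetical helper (not a Rails API): turn a DATABASE_URL-style connection
# string into a settings hash, reading it only from the environment.
def database_config(env = ENV)
  url = env["DATABASE_URL"].to_s
  # Fail closed: never fall back to credentials stored in the repository.
  raise KeyError, "DATABASE_URL is not set" if url.empty?

  uri = URI.parse(url)
  if uri.host.nil? || uri.path.to_s.length < 2
    raise ArgumentError, "DATABASE_URL needs a host and a database name"
  end

  {
    # Rails names the PostgreSQL adapter "postgresql".
    adapter:  uri.scheme == "postgres" ? "postgresql" : uri.scheme,
    host:     uri.host,
    port:     uri.port,
    database: uri.path.sub(%r{\A/}, ""),
    username: uri.user && percent_decode(uri.user),
    password: uri.password && percent_decode(uri.password)
  }
end

# Copy of the settings that is safe to write to logs or error reports.
def redacted(config)
  config.merge(password: config[:password] ? "[FILTERED]" : nil)
end

# Constructed sample value; in real use the variable comes from the process
# environment (a Foreman .env file in development, config vars in production).
SAMPLE_ENV = {
  "DATABASE_URL" => "postgres://app_user:s3cr%40t@db.example.test:5432/app_production"
}.freeze

puts redacted(database_config(SAMPLE_ENV)).inspect if __FILE__ == $PROGRAM_NAME
```

If a .env file is used in development, as the post describes, that file needs to be listed in .gitignore too, otherwise the secret has only moved to a different committed file.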

I’m not worried about the security of projects I work on in relation to the database.yml. :slight_smile:

When generating a new Rails application I (and others I know) put the database.yml immediately into gitignore and then create a database.yml.example file that is included in the git repo. The reason isn’t about the username/password being exposed really, but rather that team members all have different username/passwords for their local databases.

Anyways, general consensus says this has been discussed already and it’s up to the developers to handle that, which is reasonable.

Thanks for the feedback everyone!

Robert

OK, I created a pull request (https://github.com/rails/rails/pull/7870) to add the suggested comment to database.yml.

Please look it over and suggest any changes (or accept it!).

Thanks,

@JohnB

If you know on your projects that you always want to add config/database.yml to .gitignore as part of creating the application, then use an application template. It offers a file command that generates a file with the contents in the given block. Something like this ought to do the trick:

file '.gitignore', <<-IGNORE
config/database.yml
IGNORE

You could also use the run command to make a copy of config/database.yml as config/database.yml.example, and use the git command to stage that for the initial commit.

Application templates seem under-utilized, but that might be because I don’t often generate new applications or hear others talk about using templates.

Craig