For the same reason that you should not treat secure credentials poorly, developers shouldn't store clear credentials in the version-controlled project repository. Even if the repository is hosted company-internally, this introduces a security risk.

The credentials will be visible permanently in the repository's history.

As shown in Chapter 5, Container and Cloud Environments with Java EE, there are features of cloud environments that inject secret configuration values into applications. This functionality can be used to provide secret credentials that are configured externally.