If your first commit to a new repository does not include a .gitignore file, you are starting wrong. I have seen API keys pushed to public repos because someone forgot to ignore .env files. I have seen repositories bloated with node_modules, build artifacts, and IDE configuration that made cloning take 20 minutes. And once a file is in git history, removing it is painful even if you delete it later.
A good .gitignore is your first line of defense against accidentally committing things that should not be in version control.
What .gitignore does (and does not do)
The .gitignore file tells git which files and directories to exclude from tracking. It uses glob patterns:
# Ignore all .env files
.env
.env.*
# Ignore node_modules directory
node_modules/
# Ignore build output
dist/
build/
# Ignore OS files
.DS_Store
Thumbs.db
Critical caveat: .gitignore only prevents untracked files from being added. If a file is already tracked by git (it was committed before the .gitignore rule was added), the ignore rule has no effect. You must explicitly remove it:
git rm --cached .env
git commit -m "Remove tracked .env file"
The --cached flag removes the file from tracking without deleting it from your filesystem.
Essential ignore patterns by ecosystem
Node.js / JavaScript:
node_modules/
dist/
build/
.env
.env.local
.env.*.local
npm-debug.log*
yarn-debug.log*
yarn-error.log*
.eslintcache
coverage/
Python:
__pycache__/
*.py[cod]
*.egg-info/
dist/
build/
.env
venv/
.venv/
*.egg
.pytest_cache/
.mypy_cache/
Go:
/vendor/
*.exe
*.test
*.out
.env
Java / Spring:
target/
*.class
*.jar
*.war
.env
.gradle/
build/
.idea/
*.iml
The patterns everyone forgets
IDE files. Most developers put these in .gitignore, but the right approach is debated. Some teams ignore .vscode/ and .idea/ in the project .gitignore. Others argue these should be in your global gitignore (~/.gitignore_global) because they are developer-specific, not project-specific.
I lean toward a global gitignore for IDE configs. Your team should not need to list every possible IDE in the project .gitignore. Set up your global ignore:
git config --global core.excludesFile ~/.gitignore_global
And populate it:
.idea/
.vscode/
*.swp
*.swo
*~
.DS_Store
Thumbs.db
Secrets and credentials. Beyond .env, watch for:
*.pem
*.key
*.p12
credentials.json
service-account.json
Large binary files. Git handles text diffs beautifully but chokes on binary files. If your project includes large images, videos, or compiled binaries, either ignore them and use a CDN/artifact storage, or use Git LFS.
*.zip
*.tar.gz
*.mp4
*.psd
*.ai
Nested .gitignore files
You can place .gitignore files in subdirectories. Rules in a subdirectory .gitignore only apply to that directory and its children. This is useful for monorepos where different packages have different ignore needs.
project/
.gitignore # Global project ignores
frontend/
.gitignore # Frontend-specific ignores
backend/
.gitignore # Backend-specific ignores
Negation patterns
Sometimes you want to ignore everything in a directory except specific files:
# Ignore all files in config/
config/*
# But keep the template
!config/template.yaml
The ! prefix negates a previous pattern. Note that you cannot negate a file inside an ignored directory -- you need to un-ignore the directory first with a wildcard pattern.
I built a .gitignore generator at zovo.one/free-tools/gitignore-generator that produces comprehensive .gitignore files for any technology stack. Select your language, framework, and IDE, and get a .gitignore that covers all the common patterns plus the ones people usually forget. Copy it into your project before your first commit.
I'm Michael Lip. I build free developer tools at zovo.one. 500+ tools, all private, all free.
Top comments (0)