It is not dangerous and also .env.prod is very specific.
You can always commit the files from gitignore, but you have to do it explicitly, so you avoid mistakes --force.
I just mean putting it into your main .gitignore file is dangerous because you run the risk of not committing essential settings to make your project work if it depends on .env being around.
Using --force every time they want to add a file isn't a viable solution IMO. That's a command you might run 50 times a day.
In other words, you should add .env on a per project basis when your project may have .env files that contain sensitive info, just like you would want to ignore any other files that have sensitive data.
We're a place where coders share, stay up-to-date and grow their careers.
We strive for transparency and don't collect excess data.