I agree 100% in any real project.
That said I have a repo on github right now, symfony4-impressions, that I explicitly intended to commit the .env and give to people. In this case I wanted people to have the foobar password for the docker mysql container so they can easily run the performance benchmarks to see for themselves if they wanted.
We're a place where coders share, stay up-to-date and grow their careers.
We strive for transparency and don't collect excess data.