re: Please don't commit .env VIEW POST

TOP OF THREAD FULL DISCUSSION
re: Install the operating system edit your user global gitignore vim ~/.gitignore paste: .idea/ .vs/ .env .pk .pem .pub Do not think you will...
 

That's pretty dangerous advice because it depends on how you configure your application.

I personally commit .env files because they don't contain sensitive information and typically having settings important to being able to start up my app in development. I have a feeling just about anyone using Docker Compose would also commit .env files too since it's used for setting your project name.

I reserve .env.prod or other environment specific files for sensitive API keys and other things I wouldn't want to commit.

 

It is not dangerous and also .env.prod is very specific.

You can always commit the files from gitignore, but you have to do it explicitly, so you avoid mistakes --force.

I just mean putting it into your main .gitignore file is dangerous because you run the risk of not committing essential settings to make your project work if it depends on .env being around.

Using --force every time they want to add a file isn't a viable solution IMO. That's a command you might run 50 times a day.

In other words, you should add .env on a per project basis when your project may have .env files that contain sensitive info, just like you would want to ignore any other files that have sensitive data.

code of conduct - report abuse