If you are a developer or have used git, you might have heard the term gitignore. So what is a .gitignore and why should you stop ignoring it.
What is a .gitignore?
A gitignore is a special file that specifies intentionally untracked files that Git should ignore. Sometimes there might be files in your project which you don’t want to commit to the version control for reasons like:
The file might hold some secret information like your API key/secret, APP secrets, or some username/password, server config, etc.
It might contain some configuration specific to your machine only and don’t want to commit to the version control
It might be some installed dependencies like node_modules or bower_components
It might be a machine specific useless file like .DS_store files
The file might hold some secret information like your API key/secret, APP secrets, or some username/password, server config, etc.
It might contain some configuration specific to your machine only and don’t want to commit to the version control
It might be some installed dependencies like node_modules or bower_components
It might be a machine specific useless file like .DS_store files
Gitignore is a great way to avoid unwanted files to be pushed to the server. But do I really need to learn now?
Dark Side of gitignore
What will happen if you ignore .gitignore
If you have come credentials or config file on your project you should take gitignore seriously. If you ignore the .gitignore you might leak your secret credentials yourself. If you search on Github for some config files you can find out the emails/passwords, API keys, and APP secret keys of many projects. If on the wrong hands you might be in trouble since they can change the credentials or even use it for the wrong this like sending spam and pushing updates with exploits.
For example, searching filename .env with password
https://github.com/search?q=filename%3A.env+password&type=Code
will give you a bunch of credentials.
The author is not responsible for the illegal use of the provided URL. The URL is provided for informational use and awareness only
Now that we agree on not ignoring the gitignore,
How can we implement it
How to use gitignore
Using gitignore is as easy as creating a file and entering the file name you don’t want to push inside the file. You can also ignore files as well as folders. Also, you can use pattern formats to ignore a bunch of files and folders at once. For example, you can use *.c to ignore all files with the file extension c. You can learn about the various patterns you can use in gitignore here. If you are creating a project on GitHub, GitLab, etc you can choose the .gitignore file template according to the project framework or language you are going to use and it will generate a .gitignore file for you. Moreover, you can gitignore generator like gitignore.io
- Aatish Sai
Don't Ignore .gitignore
Why you should never ignore .gitignore
git github gitignore gitlab security vcs version control