Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add a .gitignore file #3

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

Conversation

github-learning-lab[bot]
Copy link

Taking advantage of the .gitignore file for security

From time to time, there are files you don't want Git to check in to GitHub. You may want to ignore files that contain sensitive credentials or information which should not be pushed to your repository. There are a few ways to tell Git which files to ignore.

Ignoring files

Git uses a file called .gitignore to decide which files and directories to ignore when committing. Keep files containing sensitive data, like configuration or env files, out of your repositories. This is one way to promote security best practices.

The .gitignore file can, and should, be committed into your repository. By sharing this file and making it part of your code, it will also help others. Other users that contribute to the repository will also avoid committing sensitive data. There are many examples of .gitignore files available for you to use in your own repositories. You can find them in the gitignore repository.

Step 5: Ignore files

In this pull request, I'm adding a .gitignore file. Files ending with .env commonly include sensitive data. This helps you keep files with sensitive data secure and private. Let's add those files to the .gitignore.

⌨️ Activity: Updating the .gitignore file

  1. Within this pull request, go to Files changed.
  2. Click the ellipsis (...) in the right upper corner and click Edit file to edit the .gitignore file.
  3. Edit the file by adding .env to line 1.
  4. Scroll down, and commit your change.

Note: Even after adding a file to the .gitignore, the previous commits that have edited that file still exist. If you accidentally committed sensitive data, first change any tokens or passwords. Then, contact GitHub Support for help correcting your history.

For a printable version of the steps in this course, check out the Quick Reference Guide.


Return to this pull request for my next comment.

Sometimes I respond too fast for the page to update! If you perform an expected action and don't see a response from me, wait a few seconds. Then refresh the page for your next steps.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

0 participants