I'm a full stack web developer who has been freelancing for the last 20 years. I write about everything from development to production and also have video courses on my site!
I just mean putting it into your main .gitignore file is dangerous because you run the risk of not committing essential settings to make your project work if it depends on .env being around.
Using --force every time they want to add a file isn't a viable solution IMO. That's a command you might run 50 times a day.
In other words, you should add .env on a per project basis when your project may have .env files that contain sensitive info, just like you would want to ignore any other files that have sensitive data.
For further actions, you may consider blocking this person and/or reporting abuse
We're a place where coders share, stay up-to-date and grow their careers.
I just mean putting it into your main
.gitignorefile is dangerous because you run the risk of not committing essential settings to make your project work if it depends on.envbeing around.Using
--forceevery time they want to add a file isn't a viable solution IMO. That's a command you might run 50 times a day.In other words, you should add
.envon a per project basis when your project may have.envfiles that contain sensitive info, just like you would want to ignore any other files that have sensitive data.