0

I learn git and Github and now I added this rule

# misc
.env.production
.env.development
.env

But when I pushad to GitHub this gitignore file and both .env.development and prod. was pushed also very annoying I have to delete Firebase app I think.

What did I do wrong?

Kid
  • 1,869
  • 3
  • 19
  • 48
  • If a file is already tracked in a git repository, `.gitignore` has no effect. – yi fan song Nov 14 '20 at 12:13
  • aha but if I want to track the file in my local git but not at Github, how would that be done. This files have Firebase kyes – Kid Nov 14 '20 at 12:14
  • 1
    I don't really understand what you mean by tracking locally but not on github, if it's the same repository, then that's not really how you should be using github. If you want to hide the keys but still have the project on github, private your repo or don't upload the keys and instead only fill them in as you're deploying. You don't have to delete the app, you should be able to regenerate all of the keys and sometimes those keys are exposed to users if it's used directly through your front-end. – yi fan song Nov 14 '20 at 12:21
  • I now read that Firebase for web [Apikeys](https://dotnetthoughts.net/assets/images/2020/05/firebase_sdk_config.png) config keys are public and there is no way to hide them? Is this true. I can restrict the apikey to my website url that's good – Kid Nov 14 '20 at 12:47
  • 1
    Seems correct as I googled the same thing a few months ago and found my [answer](https://stackoverflow.com/a/37484053/11575008) – yi fan song Nov 14 '20 at 12:49
  • ok good to know so the answer to my question is maybe your comment please post and answer and I accept. I dont need to hide the config – Kid Nov 14 '20 at 12:55

1 Answers1

1

If a file is already tracked in a git repository, .gitignore has no effect. With that said, there is no need to hide Firebase Api keys. source

yi fan song
  • 407
  • 2
  • 10