Skip to content

.env file is not included in .gitignore and is tracked in the repository #42

@Himanshu4812

Description

@Himanshu4812

🐞 Bug Description

While exploring the repository structure, I noticed that a .env file is committed to the repository, and .gitignore does not include an entry to exclude .env.

📍 Steps to Reproduce

  1. Clone the repository
  2. Navigate to the project root directory
  3. Open the .gitignore file
  4. Notice that .env is not listed
  5. Observe that a .env file exists and is tracked in the repository

Observations

  • .gitignore excludes environment-specific files like .env.local, .env.development.local, etc.
  • However, the base .env file is still tracked in the repository.
  • The .env file contains configuration values such as API URLs and Firebase settings.

✅ Expected Behavior

The .env file should be excluded from version control by adding it to .gitignore.
A .env.example file should be provided to document required environment variables without exposing actual configuration values.

Actual Behavior

  • .env is currently committed and publicly accessible in the repository.

📸 Screenshots

Not applicable.

🖥️ Device & Environment

  • OS: Windows
  • Browser: Chrome
  • Branch: main

Additional Context

This improvement would help align the project with common environment variable and security best practices.

I would like to work on fixing this issue as part of Winter of Code Social (WOC Social).

Metadata

Metadata

Assignees

Labels

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions