What files should I not check into version control

Posted by Community Admin on 03-Aug-2018 02:31

What files should I not check into version control

Sitefinity - General Discussions

All Replies

Posted by Community Admin on 12-Feb-2011 00:00

My development team uses git exclusively for version control (not that it matters) and I was wondering if there are any files that I should ensure do not get pushed to our remote repository?  I notice there is some secure information in /App_Data/Sitefinity/Configuration as well as some files that look like they should be regenerated when on other computers such as /App_Data/Sitefinity/Temp and perhaps /~.

Posted by Community Admin on 15-Feb-2011 00:00

Hi Michael,

/App_Data/ folder should be  in sync, otherwise there might be some issues. In this folder we keep config files that are file storage for some settings like home page Id. If you do not use the proper version of these files you might get wrong/old data.

Regards,
Ivan Dimitrov
the Telerik team

Do you want to have your say when we set our development plans? Do you want to know when a feature you care about is added or when a bug fixed? Explore the Telerik Public Issue Tracking system and vote to affect the priority of the items

Posted by Community Admin on 15-Feb-2011 00:00

Hi Ivan,

Thank you for getting back to me on this, though I don't believe the answer you gave correctly explains to me the unnecessary files for VCS.

I understand that the config files under Configuration are necessary to stay in sync, but it would be a complete security hole to store sensitive data unencrypted in any VCS; which means that unquestionably the file ~/App_Data/Sitefinity/Configuration/DataConfig.config should not be stored in VCS.

I certainly would not want to store my sitefinity 4 license file in VCS either.

Are there any other files that potentially store credentials?

Along with these, as I suggested in my original post, I believe the folders ~/~, ~/App_Data/Logs, and ~/App_Data/Temp are folders which are dynamically generated and are not necessary to compile and run the project; is this the case or are these folders absolutely necessary to compile and run the project?

Posted by Community Admin on 18-Feb-2011 00:00

Hi Michael,

If you want all users that use Version control systems to work properly with the project you should add the entire solution to source control. You might find this post useful.
http://www.sitefinity.com/devnet/forums/sitefinity-4-x/general-discussions/source-code-control-securityconfig-config-and-azure.aspx

Best wishes,
Ivan Dimitrov
the Telerik team

Vote for the 7 Telerik products at the 2011 Great Indian Developer Awards!

Posted by Community Admin on 18-Feb-2011 00:00

So as it stands all files within the application should be checked into version control.  I do believe this is a bit of a security issue, but I think the way I'll get around it is by checking in a "dummy" version of the DataConfig.config file and tell my VCS to ignore any changes done to that file so that on checkout all files for the project will be available but the DatayConfig.config file will need to be manually updated with the correct database credentials.

Thanks for the help.

This thread is closed