What files should I not check into version control
My development team uses git exclusively for version control (not that it matters) and I was wondering if there are any files that I should ensure do not get pushed to our remote repository? I notice there is some secure information in /App_Data/Sitefinity/Configuration as well as some files that look like they should be regenerated when on other computers such as /App_Data/Sitefinity/Temp and perhaps /~.
Hi Michael,
/App_Data/ folder should be in sync, otherwise there might be some issues. In this folder we keep config files that are file storage for some settings like home page Id. If you do not use the proper version of these files you might get wrong/old data.
Regards,
Ivan Dimitrov
the Telerik team
Hi Ivan,
Thank you for getting back to me on this, though I don't believe the answer you gave correctly explains to me the unnecessary files for VCS.
I understand that the config files under Configuration are necessary to stay in sync, but it would be a complete security hole to store sensitive data unencrypted in any VCS; which means that unquestionably the file ~/App_Data/Sitefinity/Configuration/DataConfig.config should not be stored in VCS.
I certainly would not want to store my sitefinity 4 license file in VCS either.
Are there any other files that potentially store credentials?
Along with these, as I suggested in my original post, I believe the folders ~/~, ~/App_Data/Logs, and ~/App_Data/Temp are folders which are dynamically generated and are not necessary to compile and run the project; is this the case or are these folders absolutely necessary to compile and run the project?
Hi Michael,
If you want all users that use Version control systems to work properly with the project you should add the entire solution to source control. You might find this post useful.
http://www.sitefinity.com/devnet/forums/sitefinity-4-x/general-discussions/source-code-control-securityconfig-config-and-azure.aspx
Best wishes,
Ivan Dimitrov
the Telerik team
So as it stands all files within the application should be checked into version control. I do believe this is a bit of a security issue, but I think the way I'll get around it is by checking in a "dummy" version of the DataConfig.config file and tell my VCS to ignore any changes done to that file so that on checkout all files for the project will be available but the DatayConfig.config file will need to be manually updated with the correct database credentials.
Thanks for the help.