You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
36 lines
1.6 KiB
36 lines
1.6 KiB
---
|
|
date: 2026-03-28
|
|
title: "Remove .env from tracking — report"
|
|
---
|
|
|
|
Summary
|
|
-------
|
|
|
|
I removed `.env` from the repository index and added it to `.gitignore` to prevent accidental future commits. This was a non-destructive, forward-facing change — the repository history still contains prior commits that touched `.env`.
|
|
|
|
What I ran
|
|
-----------
|
|
|
|
- git rm --cached .env
|
|
- ensured `.gitignore` contains `.env`
|
|
- committed the change: chore(secrets): stop tracking .env and add to .gitignore
|
|
|
|
Commits that referenced .env
|
|
----------------------------
|
|
|
|
These commits touched `.env` in the repository history (from git log --all -- .env):
|
|
|
|
- 35f4667 2026-03-28 Sven Geboers chore(secrets): stop tracking .env and add to .gitignore
|
|
- 3551a82 2026-03-21 Sven Geboers feat(analysis): add 2D political compass and 2D trajectories
|
|
|
|
Notes
|
|
-----
|
|
|
|
- The `.env` file was removed from the index but remains in historical commits. If you need to remove it from history, we can perform a history rewrite (git-filter-repo or BFG) and force-push; this is destructive and requires coordination.
|
|
- I created a CI guard to fail builds if a `.env` file is present in the repository root (see .github/workflows/forbid-env.yml). This prevents accidental re-adding via pushes/PRs.
|
|
|
|
Next steps (recommended)
|
|
------------------------
|
|
|
|
1. Rotate secrets that might have been in `.env` (see the secrets-rotation checklist next). This is mandatory if those keys were used anywhere publicly or in shared CI.
|
|
2. If you require history purge, reply confirming and I'll prepare a filter-repo run and the exact force-push sequence.
|
|
|