feat: verify .netlify doesn't contain sensitive information
#2039
Labels
area: command: build
area: command: init
area: command: link
type: feature
code contributing to the implementation of a feature and/or user facing functionality
Comments
erezrokah
added
type: feature
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Is your feature request related to a problem? Please describe.
Per this comment
.netlifycan contain sensitive information.At the moment we have under that folder:
state.jsonwith the linked site id.netlify/plugins(after runningnetlify build).netlify/functions(after runningnetlify build)None of these is sensitive, but they still should not be committed to the repo.
We should verify the statement in #506 (comment) is still true, and find a better way to prevent users from committing sensitive information as users can also manually update
.gitignore.Describe the solution you'd like
If we do plan to save sensitive I don't think we should have under a folder that can be committed by mistake.
The solution might be verifying we don't save sensitive information under
.netlifyat the moment and prevent future code changes from doing so.Describe alternatives you've considered
N/A
Additional context
#2029 (comment)
Can you submit a pull request?
Yes
The text was updated successfully, but these errors were encountered: