Skip to content

Comments

fix: ensure .env.local is added to .gitignore during install#69

Open
nicknisi wants to merge 1 commit intomainfrom
nicknisi/gitignore-creds
Open

fix: ensure .env.local is added to .gitignore during install#69
nicknisi wants to merge 1 commit intomainfrom
nicknisi/gitignore-creds

Conversation

@nicknisi
Copy link
Member

@nicknisi nicknisi commented Feb 20, 2026

Summary

The AI installer writes secrets (API key, client ID, cookie password) to .env.local before the agent runs. If the user's project doesn't have .env.local in .gitignore, these secrets risk being committed and pushed to a remote repository.

This adds an ensureGitignore() step to env-writer.ts that runs automatically after writing .env.local:

  • Creates .gitignore with .env.local if no .gitignore exists
  • Appends .env.local to existing .gitignore if not already covered
  • No-ops if a covering pattern is already present (.env.local, .env*.local, .env*)
  • Preserves existing .gitignore content — append only, never rewrite

jasonbarry
jasonbarry reviewed Feb 20, 2026
View reviewed changes
src/lib/env-writer.ts
Comment on lines 78 to +80
writeFileSync(envPath, content + '\n');

ensureGitignore(installDir);
Copy link

@jasonbarry jasonbarry Feb 20, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

What do you think about ensuring the .gitignore before writing to the .env.local? In case something fails or an interrupt occurs

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@jasonbarry jasonbarry jasonbarry left review comments

Assignees

No one assigned

Labels

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@nicknisi @jasonbarry