For security reason I can't put a file in .gitignore, but so often I just do git add .. Now what I do is just copy the file into my private notepad, reusing it so that I don't push it to my repo. Is there any better solution than that?

CodePudding user response：

You can Ignore local changes to tracked files: git update-index --assume-unchanged file.txt.

A question similar to yours was asked before on another thread, maybe something else here can help you if the above solution doesn't do the work: How do you make Git ignore files without using .gitignore?

Or this other link has information that can be useful: Exlude files from git commit

Alternatively, if you're using GitHub and don't mind using the desktop application you can just unselect the file you don't want to commit and then push everything, instead of doing everything on the console/terminal. But I know not many people like this approach, so... just another solution.

CodePudding user response：

The best solution if you can is to have the actual key outside of the repository:

• no .gitignore needed,
• no git update-index --assume-unchanged file.txt. trickery,
• no add/commit/push by mistake possible of the sensitive file.

You would reference that external file either through:

• a program modification to look for the file throughv a relative path (../secret_file),
• or through a symlink (which can be versioned), again referencing as a target a relative path (../secret_file)