哪個目錄初始化git repo


1

我剛開始使用Git。我將進行PHP開發,並且想知道是否應該在服務器根文件夾或硬盤驅動器上的任何目錄中初始化存儲庫,然後將更改發佈到服務器根目錄。優點/缺點是否真的重要?

目前,這只是為了跟踪我正在做的個人項目,但是有關最佳實踐,個人喜好/經驗,有無為的任何反饋將不勝感激。

3

Putting your source control files in the deployed directory runs the risk of exposing those files and their complete history. This is potentially a bad thing (do you have passwords in these files? Are the files themselves important to not let leak?)

One could try to staunch this by putting a .htaccess to restrict raw access to .git files from a web browser:

RedirectMatch 404 "(?:.*)/(?:\.git|file_or_dir)(?:/.*)?$"

However, this only restricts files that way - it doesn't prevent someone from passing in something to poorly coded php that accesses those files.

The best way to avoid this is to keep the git repository well away from the production code itself.

If you specify a working tree (your production area) to be different then the git files are well away from prying eyes. This can be done with the environment variable GIT_WORK_TREE.

Related: