Is it safe to share .git folder of a public repo?



  • Say I cloned a repo, then maybe worked on it a bit. Then I reverted/pushed all changes, so my friend has all the repo files. Is it safe for me to send him the .git folder? Is there any private information there, such as my username, my email, command history, or perhaps some secrets?



  • The contents of your .git repository may contain loose objects that you may not want to share (e.g. something you committed but changed your mind and deleted/amended), so there is no definite "yes, this is safe."

    A better way to share git repositories offline is to create a bundle file and send that to your friend, e.g.:

    git bundle create /tmp/myrepo.bundle --all
    

    Then you can send myrepo.bundle to your friend and they can clone from it like they would from any remote:

    git clone myrepo.bundle 
    

    That would be a better way to make sure that you're not sharing loose objects that aren't intended to be seen by others.



Suggested Topics

  • 2
  • 2
  • 2
  • 2
  • 2
  • 2
  • 2
  • 2