GIT-020 critical repo-cleanliness

Proper .gitignore configured

.gitignore covers all standard patterns for the project type

Question to ask

"How confident are you nothing sensitive slips through?"

Verification guide

Severity: Critical

Check .gitignore exists:

ls -la .gitignore

Verify it contains standard patterns for the project type:

For Node/JS/TS projects:

grep -E "(node_modules|dist|build|\.env|coverage)" .gitignore

For Python projects:

grep -E "(__pycache__|\.pyc|\.venv|venv|\.env|\.pytest_cache)" .gitignore

For general:

grep -E "(\.DS_Store|\.env|\.log|tmp)" .gitignore

Cross-reference with what should be ignored:

  • From GIT-016: Test results patterns
  • From GIT-017: .env files (except .env.example)
  • From GIT-019: IDE/editor patterns
  • Dependencies (node_modules, vendor, venv)
  • Build output (dist, build, out)
  • Logs (*.log)

Compare against gitignore.io template for project type:

# Detect project type and compare
# Node: check for package.json
# Python: check for requirements.txt or pyproject.toml

Pass criteria:

  • .gitignore exists
  • Contains appropriate patterns for project type
  • Covers: dependencies, build output, env files, test results, IDE configs

Fail criteria:

  • No .gitignore
  • Missing critical patterns (node_modules, .env, etc.)
  • Project type patterns not covered

Evidence to capture:

  • .gitignore exists (yes/no)
  • Project type detected
  • Critical patterns present/missing
  • Recommended additions

Section

01. Git Repo Setup & Security

Infrastructure & Setup

← Previous

GIT-019

No local engineer settings

 Next →

DEP-001

Dependencies secure and maintained