From 7b9f33763cdac48df65d88923a8ac74a84bbe77a Mon Sep 17 00:00:00 2001 From: Ben Bodenmiller Date: Thu, 10 Jul 2014 08:38:21 -0700 Subject: [PATCH 1/2] Clarify what commenting *.pubxml does https://github.com/github/gitignore/commit/08def965cd1c0241a7cffbe7c26a74b3cab61243 incorrect states that commenting *.pubxml will keep your passwords hidden when it will actually do the opposite. This clarifies what commenting *.pubxml does and warns you of the dangers. --- VisualStudio.gitignore | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/VisualStudio.gitignore b/VisualStudio.gitignore index 296b6c4e..b1931b38 100644 --- a/VisualStudio.gitignore +++ b/VisualStudio.gitignore @@ -125,7 +125,8 @@ publish/ # Publish Web Output *.[Pp]ublish.xml *.azurePubxml -# TODO: Comment out the next line if you want to keep your passwords hidden +# TODO: Comment the next line if you want to checkin your +# web deploy settings but any saved passwords will be unencrypted *.pubxml # NuGet Packages From 279936d8eb91db6b863cab4e1c35c424400e4e95 Mon Sep 17 00:00:00 2001 From: Ben Bodenmiller Date: Thu, 10 Jul 2014 14:02:18 -0700 Subject: [PATCH 2/2] database connection strings unencrypted user passwords are stored in *.user files so it is only database connection strings that are not protected. --- VisualStudio.gitignore | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/VisualStudio.gitignore b/VisualStudio.gitignore index b1931b38..5b4334f5 100644 --- a/VisualStudio.gitignore +++ b/VisualStudio.gitignore @@ -125,8 +125,8 @@ publish/ # Publish Web Output *.[Pp]ublish.xml *.azurePubxml -# TODO: Comment the next line if you want to checkin your -# web deploy settings but any saved passwords will be unencrypted +# TODO: Comment the next line if you want to checkin your web deploy settings +# but database connection strings (with potential passwords) will be unencrypted *.pubxml # NuGet Packages