tags:

views:

1926

answers:

24
+36  Q: 

What should NOT be under source control?

It would be nice to have a more or less complete list over what files and/or directories that shouldn't (in most cases) be under source control. What do you think should be excluded?

Suggestion so far:

In general

  • Config files with sensitive information (passwords, private keys etc.)
  • Thumbs.db, .DS_Store and desktop.ini
  • Editor backups: *~ (emacs)
  • Generated files (for instance DoxyGen output)

C#

  • bin\*
  • obj\*
  • *.exe

Visual Studio

  • *.suo
  • *.ncb
  • *.user
  • *.aps
  • *.cachefile
  • *.backup
  • _UpgradeReport_Files

Java

  • *.class

Eclipse

I don't know, and this is what I'm looking for right now :-)

Python

  • *.pyc

Temporary files - .*.sw? - *~

+2  A: 

Config files that contain passwords or any other sensitive information.

John Hyland  2009-08-13 18:59:21
+15  A: 

OS specific files, generated by their file browsers such as Thumbs.db and .DS_Store

pgb  2009-08-13 19:00:59
+10  A: 

files that get built should not be checked in

pmeerw  2009-08-13 19:01:16
Except if you are deploying them for release. For example, our wix project builds an MSI file, and even though we tag all of our source code and tools (3rd party or otherwise) it's very useful, sometimes critical to have the MSI stored in our repository along with the code. Sure you could back it up somewhere else, but my question would be why?
Si  2009-08-14 00:40:45
Agreed, our CRUD partial classes are checked in to comply with SOX laws.
IPX Ares  2009-08-14 00:51:55
Answer too generic. OP asking for *which* files specifically.
MGOwen  2009-08-17 01:54:14
+35  A: 

Anything that is generated. Binary, bytecode, code/documents generated from XML.

From my commenters, exclude:

  • Anything generated by the build, including code documentations (doxygen, javadoc, pydoc, etc.)

But include:

  • 3rd party libraries that you don't have the source for OR don't build.

FWIW, at my work for a very large project, we have the following under ClearCase:

  • All original code
  • Qt source AND built debug/release
  • (Terribly outdated) specs

We do not have built modules for our software. A complete binary is distributed every couple weeks with the latest updates.

Corey D  2009-08-13 19:01:18
JavaDoc/Doxygen/etc output is included in this.
Thomas Owens  2009-08-13 19:03:59
It may be very useful though. Consider a big repository, with many files shared accross multiple application. If I decide to work on one of this app, I'll need to recompile everything once, before my fix is compiled. It could take a long time unless someone provide me the object file package. The repository could provide all of them.
yves Baumes  2009-08-13 20:04:06
@yves: but then if you have both compiled and source versions of the same thing, they could get out of sync. What if someone updates some code and checks it in, but forgets to compile it? You could be using stale compiled code from the repository and it could lead to mysterious bugs. If compiling time is such a big issue, you could have a separate store for compiled object files.
David Zaslavsky  2009-08-13 20:15:48
@David: true.But you know , people have to be responsible about what they do. For isntance, on a normal respository (without object files) they must not forget to commit every single source files they modified, otherwise it could break the build
yves Baumes  2009-08-13 20:23:56
source control is to hold and track revisions of "source". Putting compiled files on source control may speed up a situation but can cause confusion in multi-user environments and cause more troubleshooting problems then it's worth.
Nick  2009-08-13 20:44:17
You should change this to say anything that is going to be generated by the build. The output of a T4 Template will probably not be generated by the build, and so should be checked in.
John Saunders  2009-08-13 23:21:07
Files that are generated by specialist tools are an exception: http://stackoverflow.com/questions/1273921/what-should-not-be-under-source-control/1275259#1275259.
Paul Biggar  2009-08-13 23:40:14
This answer is very obvious, of course it's the temp/autogenerated stuff. *Which* files commonly fall into this category?
MGOwen  2009-08-13 23:57:39
Actually, it's quite legitimate to also put third party libraries under source control especially if you don't have the sources for them.
Matt H  2009-08-14 00:15:58
You need to qualify your answer a bit further! I agree with Matt, binary third party dependencies are definitely important to put in source control.
Ash  2009-08-14 02:40:06
+1  A: 

Temp files, config for anything other than global development and sensitive information

Mr. Matt  2009-08-13 19:01:45
Config files that are specific to your environment, ie. when using ANT, the build script is under source control, but properties files loaded by the script are not
Ryan McIlmoyl  2009-08-13 19:32:13
+5  A: 

Temp files from editors.

.*.sw?
*~

etc.

John Hyland  2009-08-13 19:01:48
This should be in a global ignore list, not necessarily a per repository ignore list.
Brad Gilbert  2009-08-13 19:43:19
Not to say that it couldn't also be in a per repository ignore list.
Brad Gilbert  2009-08-13 19:43:51
Sure, I completely agree (they're in my global .gitignore file, in fact). The question doesn't seem specific to per-repository ignore lists, though, or did I miss something?
John Hyland  2009-12-17 15:59:45
+4  A: 

Anything that can be generated by the IDE, build process or binary executable process.

LiraNuna  2009-08-13 19:01:59
What about things that can be generated, but are **not** generated? The output of running one of the single file generator "custom tools" is only generated when requested, or when the source document changes. It will not be generated by the build.
John Saunders  2009-08-13 23:22:56
'or binary executable process' - includes Doxygen output and the like.
LiraNuna  2009-08-15 00:25:49
@John: If the custom tools are generated every time there's a checkin, I'm not sure there's a savings over generating at request. If they aren't, there's a danger of stale tools. I wouldn't want to have them checked in.
David Thornley  2009-08-20 17:58:16
A: 

Whatever the language :

  • cache files
  • generally, imported files should not either (like images uploaded by users, on a web application)
  • temporary files ; even the ones generated by your OS (like thumbs.db under windows) or IDE
  • config files with passwords ? Depends on who has access to the repository

And for those who don't know about it : svn:ignore is great!

Pascal MARTIN  2009-08-13 19:02:49
I'm editing my git-ignore list, and that's why I came up with this question. :-)
l3dx  2009-08-13 19:05:05
should have guessed it :-D
Pascal MARTIN  2009-08-13 19:07:17
Note that if your editing .gitignore, you might want to expand your question to 'what goes in a project's .gitignore, and what belongs in my global .gitignore?' For example, you probably want *~ to be globally ignored, since backups generated by your editor are in no way related to your project.
William Pursell  2009-08-13 20:26:10
I'm not only interested in .gitignore :) I use other SCM systems as well, and just started searching for a list of commnon files to exclude
l3dx  2009-08-14 06:04:48
+3  A: 

Actual config files such a web.config in asp.net because people can have different settings. Usually the way I handle this is by having a web.config.template that is on SVN. People get it, make the changes they want and rename it as web.config.

Aside from this and what you said, be careful of sensitive files containing passwords (for instance).

Avoid all the annoying files generated by Windows (thumb) or Mac OS (.ds_store)

marcgg  2009-08-13 19:05:26
+10  A: 

Some other Visual Studio typical files/folders are

*.cachefile 
*.backup 
_UpgradeReport_Files

My tortoise global ignore pattern for example looks like this

bin obj *.suo *.user *.cachefile *.backup _UpgradeReport_Files
wroks  2009-08-13 19:05:51
This is a much more useful answer than "anything generated". Upvoted.
MGOwen  2009-08-14 00:00:16
+7  A: 

Like Corey D has said anything that is generated, specifically anything that is generated by the build process and development environment are good candidates. For instance:

  • Binaries and installers
  • Bytecode and archives
  • Documents generated from XML and code
  • Code generated by templates and code generators
  • IDE settings files
  • Backup files generated by your IDE or editor

Some exceptions to the above could be:

  • Images and video
  • Third party libraries
  • Team specific IDE settings files

Take third party libraries, if you need to ship or your build depends on a third party library it wouldn't be unreasonable to put it under source control, especially if you don't have the source. Also consider some source control systems aren't very efficient at storing binary blobs and you probably will not be able to take advantage of the systems diff tools for those files.

Paul also makes a great comment about generated files and you should check out his answer:

Basically, if you can't reasonably expect a developer to have the exact version of the exact tool they need, there is a case for putting the generated files in version control.

With all that being said ultimately you'll need to consider what you put under source control on a case by case basis. Defining a hard list of what and what not to put under it will only work for some and only probably for so long. And of course the more files you add to source control the longer it will take to update your working copy.

Jonathon Watney  2009-08-13 19:08:01
Sometimes you build third party libraries from their source, in which case you probably don't check in the binaries. But if you don't build from source, then by all means, check in the binaries.
JeffH  2009-08-13 19:12:18
+1 By all means if you can build third party libraries from source then go for it.
Jonathon Watney  2009-08-13 19:18:55
Seems simple to me. If you generate the images and libraries and whatever from what is under version control, don't check them in. If you don't, then at least consider checking them in.
David Thornley  2009-08-13 19:34:33
In two of your cases, they should be checked in unless generated by the build: "Documents generated from XML and code", and "Code generated by templates and code generators".
John Saunders  2009-08-13 23:24:33
@John: Even in those cases, there are exceptions. See http://stackoverflow.com/questions/1273921/what-should-not-be-under-source-control/1275259#1275259.
Paul Biggar  2009-08-13 23:39:21
A: 

Things that don't go into source control come in 3 classes

  1. Things totally unrelated to the project (obviously)
  2. Things that can be found on installation media, and are never changed (eg: 3rd-party APIs).
  3. Things that can be mechanically generated, via your build process, from things that are in source control (or from things in class 2).
T.E.D.  2009-08-13 19:21:35
We check in 3rd party JARs so that when we go back to a previous version in the repository, we have the JARs that were distributed with that version of the software.
Thomas Owens  2009-08-13 19:24:20
Yeah, I'm going to have to disagree with #2.
Imagist  2009-08-13 20:01:20
I don't agree with point 3 in all cases, see http://stackoverflow.com/questions/1273921/what-should-not-be-under-source-control/1275259#1275259.
Paul Biggar  2009-08-13 23:38:11
@Thomas: If you can keep the installer for those JARs, you should just keep that around instead. If you can't, then it doesn't violate #2.
T.E.D.  2009-08-14 13:47:31
+2  A: 

*.bak produced by WinMerge.

280Z28  2009-08-13 19:23:08
A: 

What do people think about *.designer.cs files that are generated for webforms in ASP.NET?

jeffesp  2009-08-13 19:33:30
You have to have those. That's where all of the property values are stored.
David  2009-08-13 19:37:59
I was wondering the same thing, because all the high voted answers are "nothing that's generated", but designer files I ALWAYS put into the repository, so maybe they're the exception to the exception =P
Joseph  2009-08-13 20:11:50
I understand you have to have them, but as Joseph says, they are autogenerated...
jeffesp  2009-08-13 21:23:30
@jeffesp: No, that's not true. they are not autogenerated. They are updated by the designer as you change properties through the designer. In effect, the designer is persisting the component properties, not as XML or something, but as code. These are actually _source_ documents. If the designer persisted as XML and _then_ generated code from the XML, you would check in the XML and not the code. In this case, the .designer.cs files play both roles.
John Saunders  2009-08-13 23:30:24
The difference is they are generated before compile time, rather than during compile time.
Frank Schwieterman  2009-08-13 23:38:31
No. They are not "generated" at all. They are the design-time properties of the controls, persisted. Instead of being persisted to an XML file, they are persisted as code.
John Saunders  2009-08-14 06:22:27
If they are not 'generated' why do they all say "This code was generated by a tool." I understand all the issues here, I am just trying to talk about this a little. From the debate here, you would think I had suggested that we not checkin some of the LINQ-to-SQL files because they are auto generated as well. :) I like Frank Schwieterman's explanation here best.
jeffesp  2009-08-14 19:24:51
"Generated by a tool" must mean that a human didn't type the code. In the context of this discussion, I think "generated" means "will be created by the build". In that context, a .designer.cs file is not "generated" in the sense that it is not created by the build. Same with the output from a T4 template, unless you put special stuff in the build to force the template to be reevaluated.
John Saunders  2009-08-14 21:45:30
+2  A: 

additionally:

Visual Studio

  • *.ncb
ufukgun  2009-08-13 21:20:06
+3  A: 

I would approach the problem a different way; what things should be included in source control? You should only source control those files that:

  • ( need revision history OR are created outside of your build but are part of the build, install, or media ) AND
  • can't be generated by the build process you control AND
  • are common to all users that build the product (no user config)

The list includes things like:

  • source files
  • make, project, and solution files
  • other build tool configuration files (not user related)
  • 3rd party libraries
  • pre-built files that go on the media like PDFs & documents
  • documentation
  • images, videos, sounds
  • description files like WSDL, XSL

Sometimes a build output can be a build input. For example, an obfuscation rename file may be an output and an input to keep the same renaming scheme. In this case, use the checked-in file as the build input and put the output in a different file. After the build, check out the input file and copy the output file into it and check it in.

The problem with using an exclusion list is that you will never know all the right exclusions and might end up source controlling something that shouldn't be source controlled.

EdmundG  2009-08-13 21:27:09
+4  A: 

desktop.ini is another windows file I've seen sneak in.

Jason Berry  2009-08-13 23:32:45
+4  A: 

An exception:

4 or 5 different answers have said that generated files should not go under source control. Thats not quite true.

Files generated by specialist tools may belong in source control, especially if particular versions of those tools are necessary.

Examples:

  • parsers generated by bison/yacc/antlr,
  • autotools files such as configure or Makefile.in, created by autoconf, automake, libtool etc,
  • translation or localization files,
  • files may be generated by expensive tools, and it might be cheaper to only install them on a few machines.

Basically, if you can't reasonably expect a developer to have the exact version of the exact tool they need, there is a case for putting the generated files in version control.

This exception is discussed by the svn guys in their best practices talk.

Paul Biggar  2009-08-13 23:33:20
you can't, but you _definitely_ should. Having different versions of development tools in your team is a good first step toward madness.
Stefano Borini  2009-08-13 23:37:52
@Stefano: Well, consider an open source project, where the particular version of bison the developer has installed varies depending on the distribution. In fact, our autotools files randomly get regenerated at times.
Paul Biggar  2009-08-14 00:20:50
@Paul: this is a potential source of hard-to-find, hard-to-reproduce bugs. Of course I am a bit extremist (slight differences oftentimes are irrelevant), but you should strive for a uniform, well defined development environment and runtime.
Stefano Borini  2009-08-14 12:33:48
@Stefano: It is a source of random bugs if its **not** in source control. Because configure and Makefile.in are in source control, we can see when they get regenerated, and *avoid* random bugs.There are many cases where you simply cannot mandate the tools the developer uses, as much as you'd like to.
Paul Biggar  2009-08-14 12:52:21
An example of tools on a few machines is often the FPGA tools (for chip design) aren't on the software team's machine.
Brian Carlton  2009-10-30 20:30:04
A: 

If you have a runtime environment for your code (e.g. dependency libraries, specific compiler versions etc.) do not put the packages into the source control. My approach is brutal, but effective. I commit a makefile, whose role is to downloads (via wget) the stuff, unpack it, and build my runtime environment.

Stefano Borini  2009-08-13 23:35:37
A: 

I have a particular .c file that does not go in source control.

The rule is nothing in source control that is generated during the build process.

The only known exception is if a tool requires an older version of itself to build (bootstrap problem). In that case you will need a known good bootstrap copy in source control so you can build from blank.

Joshua  2009-08-13 23:43:45
A: 

The best way I've found to think about it is as follows:

Pretend you've got a brand-new, store-bought computer. You install the OS and updates; you install all your development tools including the source control client; you create an empty directory to be the root of your local sources; you do a "get latest" or whatever your source control system calls it to fetch out clean copies of the release you want to build; you then run the build (fetched from source control), and everything builds.

This thought process tells you why certain files have to be in source control: all of those necessary for the build to work on a clean system. This includes .designer.cs files, the outputs of T4 templates, and any other artifact that the build will not create.

John Saunders  2009-08-14 21:54:06
A: 

Going out on a limb here, but I believe that if you use task lists in Visual Studio, they are kept in the .suo file. This may not be a reason to keep them in source control, but it is a reason to keep a backup somewhere, just in case...

Benjol  2009-11-27 21:57:28
+1  A: 

Porn video definitely shouldn't be in the repo.

No, really, I've seen it once :)

Fedyashev Nikita  2009-11-27 22:12:37
+1  A: 

Opinion: everything can be in source control, if you need to, unless it brings significant repository overhead such as frequently changing or large blobs.

3rd party binaries, hard-to-generate (in terms of time) generated files to speed up your deployment process, all are ok.

The main purpose of source control is to match one coherent system state to a revision number. If it would be possible, I'd freeze the entire universe with the code - build tools and the target operating system.

Pavel Radzivilovsky  2009-12-21 08:12:16

related questions

How to transition to Functional Programming
List of the top Programming "shows"
How to contribute code back to an Open Source project?
What is Test Driven Development (TDD)?
pass by reference or pass by value?
Could you recommend a good free project hosting website?
Writing A "Conway's Game of Life" Program
Learning to write a compiler
How can I modify .xfdl files? (Update #1)
Followup: "Sorting" colors by distinctiveness
Followup: Finding an accurate "distance" between colors
Windows Help files - what are the options?
A little diversion into floating point (im)precision, part 1
Internationalization in your projects
Efficiently get sorted sums of a sorted list
Format string to title case
GUI Programming APIs
Using combinations of sets as test data
What books would you recommend for a beginning Software Developer?
The Definitive Guide To Website Authentication
What is your solution to the FizzBuzz problem?
Generate list of all possible permutations of a string
When to use unsigned values over signed ones?
Function for creating color wheels
Fastest way to get value of pi