Gitignore Patterns: What to Ignore and Why
Last published April 1, 2026
Table of Contents
Many devs adopt the git add . (yolo, just yeet it all into the commit) workflow. It is fast, simple, and usually correct. But eventually you’ll have files in your repo directory that should never be committed: secrets, generated artifacts, dependency folders, and random local junk. That’s what .gitignore is for.
All the content from our Boot.dev courses are available for free here on the blog. This one is the “Gitignore” chapter of Learn Git. If you want to try the far more immersive version of the course, do check it out!
What Does .gitignore Actually Do?
A .gitignore file tells Git which untracked paths to ignore. For example this file:
node_modules
.env
Tells Git to ignore any untracked node_modules directories and .env files. If you run git status, those paths won’t show up as untracked. If you run git add ., those paths won’t be staged.
Where Should .gitignore Live?
Usually at repo root, but it doesn’t have to.
You can have multiple .gitignore files in subdirectories. A nested .gitignore applies to the folder it’s in and everything below it. So yes, this is valid:
repo/
.gitignore
src/
assets/
.gitignore
Nested ignore files are handy in monorepos or projects where one subtree has different artifact types.
Which .gitignore Patterns Matter Most?
The bread-and-butter patterns:
*.txtwildcard matching/main.pyrooted matching (anchored to the.gitignorelocation)!important.txtnegation (unignore)# commentinline documation that doesn’t affect gitignore behavior
Order matters. Later rules can override earlier ones. For example:
temp/*
!temp/instructions.md
Everything in temp/ is ignored except instructions.md. The ! syntax is a negation pattern that can be used to reinclude specific files or directories that would otherwise be ignored by a previous pattern.
What Should You Ignore in Real Projects?
Good default categories:
- Generated files (build outputs or transpiled files like
dist/,build/,*.class, or a compiled executable) - Dependencies (like
node_modules,venv, or package caches) - Personal/editor-specific files (like
.DS_Store,*.swp, .vscode/, or IDE project files) - Sensitive files (like
.env, secrets, tokens, credentials)
If a file can be recreated from source, or could leak secrets, it probably belongs in .gitignore.
Why Is Git Still Tracking a File After I Ignore It?
One confusing thing to many new developers is that .gitignore doesn’t untrack files that are already committed.
If you previously committed a file, adding it to .gitignore won’t magically remove it from history or tracking. You need to untrack it:
git rm --cached advert.html
Then commit that change. From then on, the ignore rule takes effect for that path.
Is There a “Perfect” .gitignore?
Not really. It depends on your stack and workflow.
Start with common rules, keep it small, and evolve it as the project evolves. Ignore aggressively for generated/sensitive junk, but don’t ignore source files your team actually needs.
Personally, I don’t like starting projects with massive templated .gitignore files because they can contain a lot of entries that aren’t specific to my code. I tend to add ignore rules as I go, which keeps the .gitignore focused on the actual needs of the project. It also stops me from being surprised later when something I thought would be tracked is getting ignored by a pre-populated template.
Frequently Asked Questions
What is a .gitignore file?
A .gitignore file tells Git which files and directories should not be tracked.
Can I have more than one .gitignore file?
Yes. You can use nested .gitignore files, and each one applies to its directory and subdirectories.
What does * mean in .gitignore?
The * wildcard matches any number of characters except a slash, which makes it useful for extension and filename patterns.
Why is git still tracking a file I added to .gitignore?
Because .gitignore only affects untracked files. If the file was already tracked, remove it from tracking with git rm --cached first.
Should I commit .env and passwords files?
No. Sensitive files like .env credentials and password dumps should be ignored and never committed.
Related Articles
Git Rebase: Keep History Linear Without Merge Commits
Apr 01, 2026 by ThePrimeagen - Ex-Netflix engineer, NeoVim ricer, and Git rebaser
If git merge feels noisy, that’s because it can be. Lots of noisy merge commits make history harder to scan, especially when you’re just trying to understand what actually changed. git rebase takes a different approach: instead of creating a merge commit, it replays your branch commits on top of the latest base commit so your history stays clean and linear.
Git Remote: Add Origin, Fetch, and Merge Remote Branches
Apr 01, 2026 by ThePrimeagen - Ex-Netflix engineer, NeoVim ricer, and Git rebaser
Git is distributed, which means your repo and my repo can both be valid “sources of truth”. In practice, teams usually pick one remote as the shared source (often GitHub) and sync local work against it… but that’s just a convention. Let’s dig into how syncing Git repositories to GitHub works, and how that’s just one way to work with Git.
Git Reset: Undo Commits With --soft and --hard
Apr 01, 2026 by ThePrimeagen - Ex-Netflix engineer, NeoVim ricer, and Git rebaser
If you’ve ever made a commit and immediately thought “noooope”, then git reset is what you need. It’s one of the most useful Git commands for undoing work, but it’s also one of the easiest to misuse. The --soft version is usually safe and predictable. The --hard version is powerful and can absolutely nuke your local changes.
GitHub + Git: Push, Pull, and Pull Requests
Apr 01, 2026 by ThePrimeagen - Ex-Netflix engineer, NeoVim ricer, and Git rebaser
Git is the open-source command-line version control tool, and GitHub is basically just a collaboration on top of it. You can absolutely use Git without GitHub, but for most teams, GitHub (or something similar) is where a lot of the collaboration happens. Linus Torvalds created Git, and… well we don’t talk about who owns GitHub these days…