Is the ID for a site in Netlify private? I’m assuming not but wanting to verify so that I can check in the my .netlify
folder (which contains my site ID) to source control.
hm, what do you mean by private, exactly? sensitive? no, it is part of the URL to your site. Can you explain a bit more what you mean?
Sensitive yes. And I don’t mean the site name, I mean the api id. This is what gets included in the state.json
file inside of my project locally so that running netlify dev
knows what site to connect to.
That make sense?
Out of curiosity why would I ignore it? The only thing in there is the project id…
Hi, @jamesqquick, the reason is because it isn’t intended to be tracked in source control. This is similar to the node_modules
subdirectory for a node apps dependencies. Can you submit node_modules
to source control? Yes. Should you? Probably not.
The .netlify
subdirectory is intended to hold settings for the Netlify CLI tool. Those settings are intended to be directory specific and not repo specific.
By “directory specifc” I mean that you can make six clones of a repo (to six different local directories) and link each local directory to a different Netlify site. One repo but six sites. This is a common setup with sites using a monorepo structure
However, if you were to include the .netlify
subdirectory in the repo itself, then this would overwrite the local settings for the local directories and unlink Netlify CLI from the intended site. With the .netlify
subdirectory in git, Netlify CLI will have the local setting overwritten by whatever is committed to the repo.
So, as a summary, there is the limitation I mention above and it could break other things in the future if something else gets stored there later. You can include it in the repo if you want to but please keep in mind that this is not intended or supported.
Just to be clear, is the consensus then here that the netlify site ID is not considered sensitive information? Like if I tweeted my netlify site id, e.g. abcd1234-xy12-zz22-aa11-efgh67890000
there’s nothing necessarily wrong about that?
Yep it’s not sensitive information.