First thing I see: do NOT ignore the composer.lock file, it's bad practice. For the explanation on this, I will refer you to a talk by Jordi Boggiano (creator of composer) on the subject - he can explain it much better than I can.
Here is a sample of the gitignore file I use on my projects. I won't claim that it's perfect, but it will get you started.
@jasonb , @Elimentz the directories under storage all already have the proper .gitignore in them so you don't need to add that to your root .gitignore.
If you add your own folder to storage, then just add a .gitignore in that directory:
@ruhul: the vendor folder contains all project dependencies, these are installed using "composer install" on a fresh project. No need to upload them to git since their version management is not within your project.
On the other hand, if you gitignore the vendor folder, you won't be able to use Git for deployment (push to your server to update your website) because you will have to install and run composer on your server, which might not be optimal, or even allowed on some hosting servers.
Plus, if some repository suddenly goes away from the Internet or is modified or corrupted (it happens) then you won't be able to run your project anymore.
@tobia I understand what you're saying but i would strongly recommend you do not use git for deployments. Git is a versioning tool and not a deploy tool.
There are a lot of tools which are better suited for deployment. I myself use Ansible for server provisioning and environment deploys.
Git should be used for what it is build for.. versioning. And you do not want to version 3rd party packages (aka vendor folder) or anything else that is useless to version (like compiled files etc...)
I don't ignore my Vendor folder. Since I use Laravel Forge, it's nice to be able to push to a git repo then have Forge pull in the changes for me to update my website.
I am seeing a lot of comments directing 'good idea' at using git for deployment, and checking in binaries and vendors... No one can stop you, but this is bad practice and will catch up with you, if not in the project, somewhere else. Really listen to advice for a bit.
vendors, ignored. That's why deployment tools do composer install for you, even heroku.
I created this account specifically to post this because it's very important: @marlonZA Is correct. It WILL catch up to you eventually; please stop the violence and don't commit binaries and vendors.
I worked at a shop where our VCS was very ad-hoc and had people committing binaries, NuGet packages (C#'s version of Composer), logs etc... Our 15-project repository was ~120GB in 2-3 years. Backups took 6-8 hours because of the sheer number of files to be backed up, no one knew where anything was and training 6-8 people on "Don't commit vendors and binaries" was an absolute nightmare. Don't do it!
@tobia But still, one should not upload the vendor folder for deployment. You can create a git hook for an automatic pull request on the server and automatically run composer. Installing composer on your server should not be an obstacle since you only need to upload a file to the server.
Why vendor is in gitignore as default? When you run composer update on local machine and after commit changes remote/production goes down, becouse dependencies is missing. Isnt better way to stay safe with auto deploy (via pipelines ..) with vendor folder on git?
I try add to my post-recieve hook and i see what happens on next push
@Marlon-Kokoro Laravel projects come with a .gitignore file containing the files that should be ignored by Git. There was also no need to bump a thread that is literally a decade old.
