Should I commit configuration parameters?

tl;dr: no.

But we have a bit more to say about it and we hope you may find our tips useful. We’ll start from things that are so bad you should NEVER EVER do it to other things that are more gently discouraged.

How to deal with configuration parameters

When talking about parameters, we refer mostly to urls and credentials for backend, database, mailer, other external services.

First, ABSOLUTELY DO NOT write any configuration parameter within your code where it is actually used. Any relevant parameter should be at the very least stored in a single central place and you should use constants and/or variables to access them in the code. Simplest way to do that in a PHP / JS project is a config file that is then required / included / injected in some way.

DO NOT commit that configuration file. While the previous tip was about keeping your code clean and easily adaptable to local / stage / production environments, this tip is about security. True, most of the repositories you’ll be working on are private anyway, but maybe not anyone who works on the code should have write access to the production database, mmh?

PREFERABLY DO NOT mix configuration parameters and environment parameters. Database credentials should probably change between local, stage and production environments, while the default number of items in any CRUD list will not change.
You may still want to have some global settings for the application, but you can set those in the entry point or use a different file that you can safely commit. In a Symfony application this distinction is very clear and built in, but you can do the same in any other PHP application. We like using class constants, appropriately set to public or private depending on the usage of that setting.

PREFERABLY DO write a configuration template, e.g. a file where all available / required environment parameters are listed with dummy / default values. That will make it easier to setup a new instance, as you can immediately see what needs to be configured first. Those file are often marked as .dist (as in config.dist.php, env.dist, and so on).

And finally

ABSOLUTELY DO get in touch if you’d like to either:

learn more about it
have us show you how to do that
have us help you take care of your project(s)

Foto di Belinda Fewings su Unsplash