Problem
The install command creates a .code-review-graph/ directory containing an SQLite database with the full structural map of the codebase (functions, classes, call graphs, imports, inheritance). However, it never adds this directory to .gitignore.
Impact
- A developer running git add . or using a GUI git client will accidentally commit the database
- The SQLite DB exposes the full architecture of the codebase — function names, class hierarchies, inter-module dependencies — even if the source files themselves are private
- For monorepos or shared team repos, this could leak internal structure to anyone with repo access
Note
Issue #157 ("Auto ignore gitignored paths") is a related but different request — it's about skipping gitignored files during indexing. This issue is specifically about the DB itself being committed accidentally.
Suggested Fix
During install, automatically append .code-review-graph/ to the project's .gitignore (creating one if it doesn't exist). Print a message confirming this was done so the user is aware.
# Added by code-review-graph
.code-review-graph/
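One way to implement the suggested fix, shown as an added example and not code from the code-review-graph project. The names `ensure_gitignored` and `_covers` are hypothetical; the entry and marker comment are the ones proposed in the issue.

```python
from pathlib import Path

ENTRY = ".code-review-graph/"            # directory named in the issue
MARKER = "# Added by code-review-graph"  # comment proposed in the issue


def _covers(line: str) -> bool:
    """True if a .gitignore line already ignores the graph directory."""
    pattern = line.strip()
    if not pattern or pattern.startswith(("#", "!")):
        return False  # blank line, comment, or negation: ignores nothing
    # Treat ".code-review-graph", "/.code-review-graph/" etc. as equivalent.
    return pattern.strip("/") == ENTRY.strip("/")


def ensure_gitignored(project_root: Path) -> bool:
    """Append ENTRY to <project_root>/.gitignore, creating the file if needed.

    Returns True if the file was changed, False if the entry was already there.
    """
    gitignore = project_root / ".gitignore"
    existing = gitignore.read_text(encoding="utf-8") if gitignore.exists() else ""
    if any(_covers(line) for line in existing.splitlines()):
        return False  # idempotent: repeated installs add nothing
    # Do not glue the new entry onto a last line that lacks a newline.
    separator = "" if not existing or existing.endswith("\n") else "\n"
    with gitignore.open("a", encoding="utf-8") as fh:
        fh.write(f"{separator}{MARKER}\n{ENTRY}\n")
    print(f"Added {ENTRY} to {gitignore}")  # tell the user what was changed
    return True
```

An ignore rule does not untrack a database that has already been committed; `git rm -r --cached .code-review-graph/` removes it from the index, and it remains in earlier commits.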