Putting a file in .gitignore does nothing if git already tracks it. I built a CLI to find the leftovers.
The author developed `gitslip`, a zero-dependency CLI, to identify files that are tracked by Git but are also listed in `.gitignore` rules. This addresses a documented Git behavior where adding a path to `.gitignore` only prevents *untracked* files from being added, doing nothing to files Git already tracks. Consequently, sensitive information like `.env` files, build artifacts, or large log files can remain in a repository, pushed to GitHub, and present in every clone, even after an ignore rule is added. The standard fix involves using `git rm --cached` for each file, but developers often do not notice the issue because `git status` reports a clean working directory, making the file appear ignored. `gitslip` scans the repository to find every tracked file that matches the user's ignore rules and provides the exact commands needed to untrack them. For instance, it might report that `config/secrets.env` is tracked but ignored by `*.env` in `.gitignore:7`, and `logs/app.log` is tracked but ignored by `*.log` in `.gitignore:2`. The tool then suggests `git rm --cached -- config/secrets.env` and `git rm --cached -- logs/app.log` as fixes, which untracks the files while keeping local copies. Users can also opt to have `gitslip` apply these fixes directly using the `gitslip --apply` command.
Developers can inadvertently commit sensitive data or large files that remain tracked despite `.gitignore` rules, leading to potential exposure or repository bloat.