Vulnerability in EPiServer.Forms
I installed the following nuget package: EpiServer.Marketing.Testing
This places a zip file with 172 KB in: C:\EPiServer\project-episerver-backend\Project\Project.Site\modules\_protected\EPiServer.Marketing.Testing
However when I try to push the changes to our Atlassian hosted git bitbucket the Control Freak rules do not allow zip files.
Is there an alternative way to install such a nuget package? Such as unzipping it and placing the contents somewhere?
And if yes, does this break any future automatic updating of this package?
Not that I'm aware of. I usually check in those addon zip files to make it easy to get project up n running.
The drawback is of course large files in GIT which is...frowned upon. But no rules without exceptions right!? :)
You could skip the whole _modules folder from Git.
But everyone who downloads the repo from scratch, needs to force-install the NuGet packages. This way all the zip files will be placed in the _modules folder.
Second what Stefan is saying. You would need to run
to make sure packages are reinstalled and files copied.
I'm guessing you're the same person who posted this question on StackOverflow: https://stackoverflow.com/questions/63336727/git-error-message-filetype-not-allowed-or-file-too-large
Thank you all for the feedback. As we are several developers in the team, and already the _modules folder is checked in, I would be worried/reluctant to take it out of our Git repo after the fact. My first plan of action will be to check with our Bitbucket admins whether they can change the Control Freak settings for our project.
I have since spoken to other devs in the team, and the general consensus is to have git ignore the modules folder and its contents as has been suggested here.
What I am unsure about is the syntax in the gitignore file.
I tried adding this to the gitignore file but it didnt seem to have any effect: modules/
Do I need to have the relative path to the gitignore file? So project.site/modules/ ?