What Is Not Versioned

A Git-tracked group folder is designed to be safe to share. You can push it to a public hosting provider, hand it to a new teammate, or attach it to a bug report without stopping to wonder "wait, is there anything sensitive in here?" The Git panel enforces that guarantee by deliberately keeping an explicit list of things out of every commit, even when the rest of the group they belong to is happily versioned.

The Rule, Stated Simply

Everything that describes what a flow or a load-test spec does — the HTTP steps, their assertions, their scripts, their thresholds, their environment layout — is versioned. Everything that contains who you are or how to authenticate as you is not. The rule of thumb is: if a value would give someone else unwanted access if leaked, it is kept out of the repository by design, and only its name or reference is tracked.

This is enforced through a combination of the auto-maintained .gitignore (which the panel keeps in shape on your behalf — see Safety Rails) and by storing sensitive values in places that are not inside the group folder in the first place, such as the operating system's keychain.

What Is Versioned

For a flow group, the tracked content is everything you would expect to see when reviewing a teammate's flow:

  • Flows, their ordered HTTP steps, and the relationships between steps.
  • Variable extractions, pre- and post-step scripts, and flow-level Before All / After All lifecycle scripts.
  • Assertions attached to steps — structure, operators, expected values.
  • The environment layout: which variables exist, what source they pull from, and their plain-text values where plain text is explicitly chosen, which are committed as written.

For a load-test spec group, the same idea applies plus the load-specific pieces:

  • Specs, their ordered steps, and per-test-type configurations (Load / Stress / Spike / Soak / Custom).
  • Thresholds — pass / fail rules on percentile response time, error rate, and throughput.
  • Before All / After All lifecycle scripts and per-step pre- and post-scripts.
  • The spec group's environment layout, same shape as flow-group environments.

What Is Not Versioned

The following categories are explicitly excluded from the tracked tree. None of them are committed even once — not in the first commit, not in any later commit. Cloning the repository on a new machine will leave every one of them blank, which is by design: the new user fills them in with their own values.

  • Authentication credential values: Basic Auth passwords, Bearer token values, API key values, OAuth / OIDC client secrets, and every other secret collected on an Auth tab. What is committed is the metadata — which auth type the step uses, the names of the fields, and any non-secret configuration like endpoint URLs. The secrets themselves are not.
  • OS Secret environment variable values: variables whose source is set to OS Secret are backed by the operating system's keychain. Only their key names and their source type are committed. At run time Tigrister asks the OS for the actual value each time it is needed; the values never pass through the repository.
  • Vault environment variable values: variables whose source is Vault store only the vault reference (the path and the field name) in the tracked file. The actual secret is fetched from the Vault instance at run time with the user's own Vault credentials.
  • Git remote access tokens: every token you enter in the Setup Wizard, in the Clone dialog, in Quick Connect, or in the Token Required dialog is written into the operating system's keychain — never into any tracked configuration. A cloned copy of the repository on another machine starts with no tokens at all.
  • Licence and activation state: your Tigrister licence lives outside the group folder entirely, so it is structurally impossible for the Git panel to commit it. Nothing about your licence is included in any commit.
  • Run outputs and local caches: transient data produced by running flows or load tests — recorded responses, per-run metrics, temporary files — is kept out of the tracked tree. What you share with teammates is the definition, not past run results.
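
The per-source rule for environment variables can be checked mechanically before a group is pushed. The following is an added example, not Tigrister's code: the JSON layout, the source names (plain, os_secret, vault) and the field names are assumptions for illustration, not the tool's on-disk format.

```python
import json

# Hypothetical schema: fields each variable source may carry in a tracked file.
ALLOWED_FIELDS = {
    "plain": {"name", "source", "value"},          # plain-text values are committed as written
    "os_secret": {"name", "source"},               # key name and source type only
    "vault": {"name", "source", "path", "field"},  # reference only, never the secret
}

def audit_environment(doc):
    """Return (variable name, problem) pairs for entries that break the rule."""
    findings = []
    for var in doc.get("variables", []):
        name = var.get("name", "<unnamed>")
        source = var.get("source")
        allowed = ALLOWED_FIELDS.get(source)
        if allowed is None:
            findings.append((name, f"unknown source {source!r}"))
            continue
        # Any field beyond the allowed set could be a stored secret value.
        extra = sorted(set(var) - allowed)
        if extra:
            findings.append((name, f"{source} entry carries extra field(s): {', '.join(extra)}"))
        # A Vault variable is only resolvable if both halves of the reference exist.
        if source == "vault" and not (var.get("path") and var.get("field")):
            findings.append((name, "vault entry is missing its path or field reference"))
    return findings

# Constructed sample input; every value here is made up for the example.
SAMPLE = json.loads("""
{
  "variables": [
    {"name": "BASE_URL", "source": "plain", "value": "https://staging.example.test"},
    {"name": "API_TOKEN", "source": "os_secret"},
    {"name": "DB_PASSWORD", "source": "vault", "path": "secret/data/app", "field": "password"},
    {"name": "LEGACY_KEY", "source": "os_secret", "value": "constructed-not-a-real-secret"},
    {"name": "SIGNING_KEY", "source": "vault", "path": "secret/data/signing"}
  ]
}
""")

if __name__ == "__main__":
    for name, problem in audit_environment(SAMPLE):
        print(f"{name}: {problem}")
```

Plain-text variables pass this check by construction, so anything sensitive typed into a plain-text variable still needs a human review before the group is published.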

What This Means in Practice

  • Onboarding a teammate: they clone the group, open it in Tigrister, and see the same flows, steps, and assertions you see. Every credential field is empty. They fill in their own token, their own basic-auth password, or connect their own OS Secret / Vault entries — none of which ever travels through Git.
  • Diff reviews are safe: when you look at the diff of an Auth-tab change in the Changes or History section, you see structural changes ("auth type switched from Basic to Bearer"), not the secret values themselves. Pasting a diff into a code review tool does not leak anything.
  • Public repositories are an option: because nothing sensitive is ever committed, publishing a group on a public repository to share it with the open-source community is a deliberate choice rather than a risk audit exercise.
  • Environment switching stays private: the same spec group can point at a staging API for one user and at production for another simply by filling in environment variables with different values — all without ever touching the repository.