A while ago, we've pushed some app.settings
files containing sensitive data such as connection strings.
That was long time ago and since then we've removed (by pushing new versions) which don't contains the sensitive data.
However , If someone will try to see app.settings
's history - he will see the connection strings.
Question
How can I make the passwords not to be there even with history lookup.
Also- I don't want to see that connection strings
has been removed compared the one commit after.
Clarification: I don't want to remove the file , only few lines.
Visualization:
2017 - commit - connectionstring=***,***
2018 - commit - removed connectionstring=***,***
2019 - histroy of commits , I will see the sensitive data.
I want to delete 2017's sensitive lines and I dont want to see that 2018 now has few lines less (the sensitive data , will be displayed in diff imho) .
If you commit sensitive data, such as a password or SSH key into a Git repository, you can remove it from the history. To entirely remove unwanted files from a repository's history you can use either the git filter-repo tool or the BFG Repo-Cleaner open source tool.
To remove the last commit from git, you can simply run git reset --hard HEAD^ If you are removing multiple commits from the top, you can run git reset --hard HEAD~2 to remove the last two commits. You can increase the number to remove even more commits.
This is a classic case described in GitHub help page "Removing sensitive data from a repository".
As commented, it will involve rewriting, and then force pushing the entire history of the Git repository.
But considering the distributed nature of Git, other might already have cloned the (old version of) your repository.
Which means the main advice is: first and foremost, change your connection credentials now.
Make sure that old versioned sensitive data is no longer sensitive.
Then you can worry about cleaning up the history of your repository.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With