0

This might sound like duplicate, but my problem is a bit more complicated than the already answered ones. I regretably did a few very wrong choices and don't know how to get out of the current state of things.

Note that all of my changes are'nt pushed and are only local

In my Java webapp, I connect to a database and have the credentials (including password) for that hardcoded in my source code. I wasn't dumb enough to commit the file with the password, I actually commited a file where it said in the comment //enter your credentials here and after entering the real password I ran git update-index --assume-unchanged. Before pushing my progress I wanted to make sure the password really didn't remain anywhere, so using gitk I searched the password in various commits and found out it is visible in (multiple) .../.metadata/.plugins/org.eclipse.coore.resources/.history/ ... files.

It's even worse than that though. The /.history files were only in commits of my master branch. I'm now working inside my devel branch. Dumb as I was, i tried to remove the bad files using the git rm --cached command, but in my devel branch. As a result, the password is now visible also in devel's commit history and also I'm unable to checkout into master, because every time I try to do that, I get an error saying The following untracked working tree files would be overwritten by checkout: <the name of the file I tried to remove>.

What do I do to remove all commit history that includes the sensitive data before pushing (I would really like not to push the data, because that will go to a public github repository)

Again, note that all of this was commited locally and that the remote repo is still empty. If there was a way I could delete all commit history and both branches and commit my progress in a single master commit, I'd be good with even such solution, i feel quite helpless right now.

skw
  • 516
  • 7
  • 19
martin k.
  • 156
  • 3
  • 15
  • 1
    How about: Copy all your source code and resources to a backup folder (use Windows Explorer or `cp`, do not use git tools). Delete your repo, completly purge it from your drive. Init a new repo. `cp` your sources back into the repo. You will then have your first commit with content. All history is gone, all commits and their commit messages are gone. – Korashen Jan 15 '18 at 16:11
  • 1
    Not using the tabula rasa / purge method: You can always make a hard reset on your branch(es). Make sure to copy your sources to a backup folder to not lose your progress. Then make a hard reset (not a soft one). This will wipe all commits. Copy back sources to restore your progress. – Korashen Jan 15 '18 at 16:13
  • I obviously thought of the purge method too, but I would really make use of a more thorough guide on that. I mean, there might be files that I don't want to copy. Also, the folder still includes many git-related files and the .gitignore, what about stuff like that? – martin k. Jan 15 '18 at 16:24
  • `org.eclipse.core.resources/.history` is the Eclipse 'Local History'. See the 'General > Workspace > Local History' page in the Preferences. – greg-449 Jan 15 '18 at 17:29
  • The .gitignore file only contains a list of filenames / extensions, that git should ignore. So for example, the .gitignore contains `*.class`, which tells git, to ignore all files ending with `.class`, so compiles java files will not be pushed into the repo. It does not contain any history information or such and it is not bound to a specific path or repository. – Korashen Jan 16 '18 at 08:46

0 Answers0