6

A while ago, we pushed some app.settings files containing sensitive data such as connection strings.

That was a long time ago, and since then we've removed it by pushing new versions which don't contain the sensitive data.

However, if someone tries to view app.settings's history, he will see the connection strings.

Question

How can I make the passwords not be there even with a history lookup? Also, I don't want to see that the connection strings have been removed when compared with the commit after.

Clarification: I don't want to remove the file, only a few lines.

Visualization:

2017 - commit - connectionstring=***,***
2018 - commit - removed connectionstring=***,***
2019 - history of commits, I will see the sensitive data.

I want to delete 2017's sensitive lines, and I don't want to see that 2018 now has a few lines fewer (the sensitive data will be displayed in the diff, imho).

Royi Namir
  • You will have to rewrite the entire history to remove the information everywhere. This is no easy task, and even if you do it, there is still always the chance that some other user could still have the old version on their machine. Best advice here is: don't let it happen in the first place. – Tim Biegeleisen Jul 20 '19 at 07:48
  • Related: https://stackoverflow.com/questions/2100907/how-to-remove-delete-a-large-file-from-commit-history-in-git-repository – hyde Jul 20 '19 at 07:55
  • @hyde It will remove the _file_ rather than a _few lines_, right? – Royi Namir Jul 20 '19 at 07:56
  • And note that *everybody* who has a clone needs to for example get a fresh clone and erase the old one if you want the sensitive data really gone. You can't change local branches of other clones from upstream. – hyde Jul 20 '19 at 07:58
  • @hyde Sure. Makes sense. Thanks. – Royi Namir Jul 20 '19 at 07:59
  • I used that linked tool years ago to remove a disk image. Not sure how to go about replacing a file with modified version, but if you can remove a file, it should be possible to add a file too... Oh, and make sure you have good backups. – hyde Jul 20 '19 at 08:19

1 Answer

4

This is a classic case described in the GitHub help page "Removing sensitive data from a repository".
As commented, it will involve rewriting, and then force pushing the entire history of the Git repository.

But considering the distributed nature of Git, others might already have cloned the (old version of) your repository.

Which means the main advice is: first and foremost, change your connection credentials now.
Make sure that old versioned sensitive data is no longer sensitive.

Then you can worry about cleaning up the history of your repository.

VonC
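The line-level rewrite the question asks about (remove a few lines, keep the file), as an added example that is not part of the original question or answer. It uses `git filter-branch`, which ships with Git, on a throwaway repository; the file name and key name come from the question, while the secret value, commit messages and function names are constructed for the demo.

```shell
#!/usr/bin/env bash
# Added example, not from the original post. File name app.settings and the
# connectionstring= key come from the question; the secret value is constructed.

# Build a throwaway repo in "$1" that mirrors the 2017/2018 history above.
make_demo_repo() {
  (
    cd "$1" || exit 1
    git init -q .
    git config user.email demo@example.invalid
    git config user.name demo
    printf 'loglevel=info\nconnectionstring=Server=db;Password=CONSTRUCTED-SECRET\n' > app.settings
    git add app.settings
    git commit -q -m '2017: add settings'
    printf 'loglevel=warn\n' > app.settings   # secret removed, one unrelated change
    git commit -q -am '2018: remove connection string'
  )
}

# Run inside the repo: delete the matching lines from app.settings in every commit.
scrub_history() {
  FILTER_BRANCH_SQUELCH_WARNING=1 git filter-branch -f --prune-empty \
    --tree-filter "if [ -f app.settings ]; then
        sed -i.bak '/^connectionstring=/d' app.settings && rm -f app.settings.bak
      fi" -- --all >/dev/null 2>&1 || return 1
  # filter-branch keeps the old commits under refs/original; drop them,
  # expire reflogs, and prune so the old blobs leave the object store.
  git for-each-ref --format='%(refname)' refs/original/ |
    while read -r ref; do git update-ref -d "$ref"; done
  git reflog expire --expire=now --all
  git gc -q --prune=now
}

# Count lines containing the secret across every object still stored (0 = clean).
secret_hits() {
  git cat-file --batch-all-objects --batch | grep -a -c 'CONSTRUCTED-SECRET' || true
}
```

After the rewrite, the 2018 commit is still present but its diff shows only the unrelated `loglevel` change. This cleans one local repository only: the rewritten history still has to be force pushed, and existing clones keep the old objects until they are replaced, as the comments above point out.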