8

My problem: cygwin git doesn't seem to correctly prompt for credentials when using https:// URLs, so I used username and password in the URL. Unfortunately when I did a "get pull" it auto-commited a message with the full URL including password. I didn't notice this until after I had pushed the changes.

How do I edit old commit messages to eradicate the password in the URL?

My shared git repo is on my own server. I can do surgery on the repo if necessary.

Instructions on how to change my configuration (i.e. don't use Cygwin, don't use https) are unnecessary -- I'm trying to deal with what is already done.

Yes, I can and will burn the password but I'd still like to fix it.

Dewey Sasser
  • 379
  • 2
  • 8

3 Answers3

4

To completely remove a file from a git repository and its history, use these commands.

# Check out the remote repo
git clone git://host/path/repo.git
cd repo

# Clobber the file in your checkout
git filter-branch --force --index-filter 'git rm --cached --ignore-unmatch file-to-purge.txt' --prune empty --tag-name-filter cat -- --all

# Make sure you don't accidentally commit the file again
echo file-to-purge.txt >> .gitignore
git add .gitignore
git commit -m "Prevent accidentally committing this again" .gitignore

# Push the edited repo. This will break other people's clones, if any.
git push origin master --force

For more information, remove sensitive data guide at GitHub will help you.

cmc
  • 4,294
  • 2
  • 35
  • 34
Alan Haggai Alavi
  • 72,802
  • 19
  • 102
  • 127
1

The link to removing sensitive data on git-hub is useful. However, I found a tool that was very straight-foward to use: Eric Raymond reposurgeon.

This tool allowed me to easily import my repo, list the commits with the issue, edit them (I did so individually) and write out a git fast-import stream of my repo. I imported that stream into a new repo and rsync'd it into place.

The downside is that my old repo is completely dead -- I changed history. That would be true of using "git filter-branch" as well, according to the docs.

Dewey Sasser
  • 379
  • 2
  • 8
  • 1
    Been looking for an excuse to use the tool for a while, but the docs are very unixy- no examples. It's be nice to have an example to "just delete a darn file" with reposurgeon. – cmc Aug 23 '13 at 16:38
0

If you can edit the server, you can reset branch head to the previous one (HEAD^).

  • first of all, get the HEAD^ hash you want to "revert" to.
  • go to (git bare repository's directory in server)/refs/heads, change to user git (or any the git serves), run "echo (hash) > (branch name)" to reset.

that's all. BTW, you cannot change the repo pulled before you did the above

Tony Wang
  • 193
  • 1
  • 10