问题
I have a local svn repository in my PC, I have been using it for a hobby project and it wasn't meant to be accessible to anyone, so I commited files with passwords in them.
Now, I'm thinking of making the repository available for other people and I don't want to have that data there.
Is there a way to crawl the repository and replace all the passwords and account data with a text like "xxxxxxxxxx"?
回答1:
Check the Subversion FAQ: How do I completely remove a file from the repository's history?
回答2:
If you do an
svnadmin dump > mysvn
you'll get a flat file of all the data of all the revisions in your repository. From there, you should be able to manually edit the file (if your repo was significant in size at all, you may need a line-editor, like pico, nano, vi, etc.).
Lastly, you would then reload this dump into a new repository. This will preserve your history of your project.
svnadmin load /path/to/new/repo < mysvn
This practice would be considered a no-no in any corporate environment where you undergo auditing, etc, but for a hobby project it may just do the trick for you.
EDIT: I've had to do this before trying to merge two different repositories together, so it required adding a new "directory node" the flat file. I'm not sure if SVN hashes the files or changes to determine if it's been tampered with.
回答3:
It seems that there was a misunderstanding. I didn't want to delete a file. I want to delete passwords stored in the repository. I don't want to lose the files, neither the revisions, modifications and the history.
What I did is what Matt suggested, dump the repository and edit it.
To do this, I used a hexadecimal editor (khexedit) and replaced the password string with a string of the same lenght. That way, I don't have to update the size fields.
Next, I need to update the md5 fields with the hash of the file contents. For this, I wrote a script that used "svnadmin load" output to generate a error and get the old and new md5 from that error. Next, replace the old hash with sed and then, repeat until there aren't errors.
回答4:
I had same issue but than on code.google.com: I checked in some files which should not be accessible via the history on googlecode but I did not want to ditch all history, after some googling, trying, retrying and retrying i succeeded. Below the recipe which worked for my little project (6.5 MB, 90 revisions). Most knowledge came from googlecode, the rest mostly from the svn redbook
First create a local repo where you'll download googlecode's repo to:
svnadmin create /tmp/your_local_repo
create file /tmp/isd_gc/hooks/pre-revprop-change with contents
#!/bin/bash
exit 0
make it eXecutable:
chmod +x /tmp/isd_gc/hooks/pre-revprop-change
if you fail on this section you most likely will see an error: Revprop change blocked by pre-revprop-change hook (exit code 255) with no output.
now you can init the svn sync from code.google.com
svnsync init --username yourname@youremail file:///tmp/your_local_repo https://yourproject.googlecode.com/svn
and start downloading all history:
svnsync sync --username yourname@youremail file:///tmp/your_local_repo
Committed revision 1.
Copied properties for revision 1.
Transmitting file data .......................
Copied properties for revision 87.
Now we create a dumpfile which will be fed to svndumpfilter to remove unwanted files.
svnadmin dump . > /tmp/tst_dump_gc.dmp
use svndumpfilter to remove first unwanted file from it.
svndumpfilter exclude /trunk/unwanted file_1.jsvg < /tmp/tst_dump_gc.dmp > /tmp/tst_dump_clean1.dmp
Dropped 1 node:
'/trunk/unwanted file_new.jsvg'
remove second unwanted file:
svndumpfilter exclude /trunk/unwanted file_2.jsvg < /tmp/tst_dump_clean1.dmp > /tmp/tst_dump_clean2.dmp
recreate "old temp repo"
rm -rf /tmp/your_local_repo
svnadmin create /tmp/your_local_repo
load filtered dump into repo
[/tmp]$svnadmin load --ignore-uuid your_local_repo < /tmp/tst_dump_clean2.dmp
Check that everything is ok in a svn client (doing a history check on the trunk only shows 25 first results in my svn client).
svnsync sync --username yourname@youremail https://yourproject.googlecode.com/svn
回答5:
The easiest thing would be to check out the contents of the repository, remove all the sensitive information, import the working directory into a new repository, and make that available to the public. It is very likely that whoever will be using your project will be interested in its current state, not in the change history.
来源:https://stackoverflow.com/questions/205296/delete-file-contents-from-svn-history