问题
A while ago, we've pushed some app.settings files containing sensitive data such as connection strings.
That was long time ago and since then we've removed (by pushing new versions) which don't contains the sensitive data.
However , If someone will try to see app.settings's history - he will see the connection strings.
Question
How can I make the passwords not to be there even with history lookup.
Also- I don't want to see that connection strings has been removed compared the one commit after.
Clarification: I don't want to remove the file , only few lines.
Visualization:
2017 - commit - connectionstring=***,***
2018 - commit - removed connectionstring=***,***
2019 - histroy of commits , I will see the sensitive data.
I want to delete 2017's sensitive lines and I dont want to see that 2018 now has few lines less (the sensitive data , will be displayed in diff imho) .
回答1:
This is a classic case described in GitHub help page "Removing sensitive data from a repository".
As commented, it will involve rewriting, and then force pushing the entire history of the Git repository.
But considering the distributed nature of Git, other might already have cloned the (old version of) your repository.
Which means the main advice is: first and foremost, change your connection credentials now.
Make sure that old versioned sensitive data is no longer sensitive.
Then you can worry about cleaning up the history of your repository.
来源:https://stackoverflow.com/questions/57122756/purge-history-for-a-pushed-confidential-data-in-remote-origin