This content originally appeared on DEV Community and was authored by Aadityasiva
Let's say that you have finished a project you have been working for a long time and wish to make it public on GitHub.
After you make it public on GitHub then you realize you got a bunch of API keys, secret files, and a lot of files which should have been in the .gitignore
file
We all have been there once or going to be ?
So if you are that unfortunate guy there is a way to remove all signs of your leaked info in this example we can assume that our API key is in a file called .env
which is a file used to store environment variables
Step 1 : clone the repo into a temporary folder
mkdir repo_cleanup # makes a folder called repo_cleanup
cd repo_cleanup # changing directory to repo_cleanup
git clone https://github.com/YOUR-USERNAME/YOUR-REPOSITORY . # clones the repo from which you want to remove the .env file
Step 2 :
git filter-branch --force --index-filter \
"git rm --cached --ignore-unmatch .env" \
--prune-empty --tag-name-filter cat -- --all
Introduce filter-branch magic that removes the naughty information (.env in our case)
Step 3 :
Add .env
to your .gitignore
file
Step 4 :
git add .gitgnore
git commit -m "Added .env to gitignore"
commit the .gitignore
file
Step 4 :
Commit the changes with --force
to remove the file from the history because if we don't do someone will be able to view the .env file in the repo's history
git push origin --force --all
git push origin --force --tags
Step 5 :
Why is removing API Key from public key is important ?
I would recommend that you read this https://nakedsecurity.sophos.com/2019/03/25/thousands-of-coders-are-leaving-their-crown-jewels-exposed-on-github/
Basically it is for safety purposes because if hackers got your key they could spam your key and drive your costs up which you definitely don't want!
? Bye and have a good day!
This content originally appeared on DEV Community and was authored by Aadityasiva
Aadityasiva | Sciencx (2021-04-20T03:28:54+00:00) How to prevent a public repo disaster?!!. Retrieved from https://www.scien.cx/2021/04/20/how-to-prevent-a-public-repo-disaster%f0%9f%a4%94/
Please log in to upload a file.
There are no updates yet.
Click the Upload button above to add an update.