How to prevent a public repo disaster?!!

Let’s say that you have finished a project you have been working for a long time and wish to make it public on GitHub.
After you make it public on GitHub then you realize you got a bunch of API keys, secret files, and a lot of files which should have b…


This content originally appeared on DEV Community and was authored by Aadityasiva

Let's say that you have finished a project you have been working for a long time and wish to make it public on GitHub.
After you make it public on GitHub then you realize you got a bunch of API keys, secret files, and a lot of files which should have been in the .gitignore file
alt

We all have been there once or going to be ?

alt text
So if you are that unfortunate guy there is a way to remove all signs of your leaked info in this example we can assume that our API key is in a file called .env which is a file used to store environment variables

Step 1 : clone the repo into a temporary folder

mkdir repo_cleanup # makes a folder called repo_cleanup
cd repo_cleanup # changing directory to repo_cleanup
git clone https://github.com/YOUR-USERNAME/YOUR-REPOSITORY . # clones the repo from which you want to remove the .env file

Step 2 :

git filter-branch --force --index-filter \
"git rm --cached --ignore-unmatch .env" \
--prune-empty --tag-name-filter cat -- --all

Introduce filter-branch magic that removes the naughty information (.env in our case)

Step 3 :

Add .env to your .gitignore file

Step 4 :

git add .gitgnore
git commit -m "Added .env to gitignore"

commit the .gitignore file

Step 4 :

Commit the changes with --force to remove the file from the history because if we don't do someone will be able to view the .env file in the repo's history

git push origin --force --all
git push origin --force --tags

Step 5 :

Success ?!!

Why is removing API Key from public key is important ?

I would recommend that you read this https://nakedsecurity.sophos.com/2019/03/25/thousands-of-coders-are-leaving-their-crown-jewels-exposed-on-github/
Basically it is for safety purposes because if hackers got your key they could spam your key and drive your costs up which you definitely don't want!

? Bye and have a good day!


This content originally appeared on DEV Community and was authored by Aadityasiva


Print Share Comment Cite Upload Translate Updates
APA

Aadityasiva | Sciencx (2021-04-20T03:28:54+00:00) How to prevent a public repo disaster?!!. Retrieved from https://www.scien.cx/2021/04/20/how-to-prevent-a-public-repo-disaster%f0%9f%a4%94/

MLA
" » How to prevent a public repo disaster?!!." Aadityasiva | Sciencx - Tuesday April 20, 2021, https://www.scien.cx/2021/04/20/how-to-prevent-a-public-repo-disaster%f0%9f%a4%94/
HARVARD
Aadityasiva | Sciencx Tuesday April 20, 2021 » How to prevent a public repo disaster?!!., viewed ,<https://www.scien.cx/2021/04/20/how-to-prevent-a-public-repo-disaster%f0%9f%a4%94/>
VANCOUVER
Aadityasiva | Sciencx - » How to prevent a public repo disaster?!!. [Internet]. [Accessed ]. Available from: https://www.scien.cx/2021/04/20/how-to-prevent-a-public-repo-disaster%f0%9f%a4%94/
CHICAGO
" » How to prevent a public repo disaster?!!." Aadityasiva | Sciencx - Accessed . https://www.scien.cx/2021/04/20/how-to-prevent-a-public-repo-disaster%f0%9f%a4%94/
IEEE
" » How to prevent a public repo disaster?!!." Aadityasiva | Sciencx [Online]. Available: https://www.scien.cx/2021/04/20/how-to-prevent-a-public-repo-disaster%f0%9f%a4%94/. [Accessed: ]
rf:citation
» How to prevent a public repo disaster?!! | Aadityasiva | Sciencx | https://www.scien.cx/2021/04/20/how-to-prevent-a-public-repo-disaster%f0%9f%a4%94/ |

Please log in to upload a file.




There are no updates yet.
Click the Upload button above to add an update.

You must be logged in to translate posts. Please log in or register.