It's not the same without you

Join the community to find out what other Atlassian users are discussing, debating and creating.

Atlassian Community Hero Image Collage

Remove sensitive files from commit history

Back when I was first starting with Git, I pushed my config.php file and some unneeded cache files into the repo. I have seen that it is possible to use filter branch to remove unwanted files from history. So say I had these files I wanted to remove:

- config.php

- forums/cache/*.php

there is more, but I can figure it out when someone tells me how to do those. I am using BitBucket with SourceTree.

2 answers

Hi

take a look at this article: https://help.github.com/articles/remove-sensitive-data

What's explained there applies also to BitBucket.

My suggestion is to go directly to the BFG paragraph. It's very easy to install and to use, and automates the procedure of cleaning unwanted files from the history. After BFG step, you need to follow the instructions to purge the local git repo.

Before trying anything make a copy of the entire repo in another dir on your pc, just in case...

Pay attention to the online caches that services like GitHub and BitBucket maintains.

If what you have to delete is not sensitive data, then you can simply force push your changes online, with

git push origin master --force

and repeat it for every branch whose history BFG has rewritten. Be aware that you are rewriting history on (possibly) public branches. If you share work with others, don't do that and instead do a regular commit to delete files (and leave the history untouched).

If you DO have sensitive data to delete (passwords, keys), then you should delete and recreate the repo on bitbucket before pushing the repo after BFG.

A last word of caution: if something goes wrong and you don't have a backup, you'll lose some data.

Hi Alex,

You can ignore the sensitive files and logs files from being commited to the repository by using the git ignore feature. Refer to the following documentation on using git ignore. You can also run the command git help gitignore to view all the available commands for the git ignore function.

Here is a sample of gitignore code:

config.php
forums/cache/*

Copy the code and save it in a file with .gitignore name and place it in your root directory.

Will this will work on files that are already versioned?

No..

Aafrin refers to the standard way to configure ignore patterns in a Git repository.

.gitignore files must be in place before you git add files. After committing, the changes will be recorded permanently in the repo, and the only way to delete them is "rewriting"history.

The approach outlined in my answer is one of the simplest, but keep in my mind that you should avoid it, unless you have strong reasons to do so (the only one I think of is when you commit really sensitive data, like passwords and keys).

When you want to remove unharmful unwanted files (like logs, executables, etc.), the best option is to do a commit that "reverts" changes. To do so, you simply delete unwanted files in your local repo, then stage the deletion and commit it the usual way.

That's what I thought. Thanks for the confirmation.

Suggest an answer

Log in or Sign up to answer
Community showcase
Posted in Bitbucket

Share your software development horror stories!

Hey Community! I work on the Bitbucket product marketing team. With Halloween approaching, we wanted to discuss a topic tailor-made for October: development horror stories. Whether it was a lurk...

1,658 views 11 3
Join discussion

Community Events

Connect with like-minded Atlassian users at free events near you!

Find an event

Connect with like-minded Atlassian users at free events near you!

Unfortunately there are no Community Events near you at the moment.

Host an event

You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events

Events near you