DEV Community

Discussion on: Removing Sensitive Data From Git History

Collapse
 
somedood profile image
Basti Ortiz

I'm surprised by how short this was. I'm not an expert in Git, but I thought the redaction process was much more tedious. Apparently not.

How does this method fare when "dirty" commits have already been pushed remotely (i.e. GitHub), though?

Also, are there any other ways to "clean up" the workstations of other maintainers without having to manually intervene (by cloning a fresh repository as you noted in the end)? For large teams, I would imagine how much of a hassle this would be; even more so for major open-source projects.

Collapse
 
jeff_codes profile image
Jeff Edmondson

This also updates all dirty commits if you push the references up to GitHub. However, I am not sure about your second question. I bet that there would be some sort of method to do this but I am not currently aware of it. But hopefully code reviews would catch these keys from being merged into the main code line.

Collapse
 
somedood profile image
Basti Ortiz

Ah, that's unfortunate. All the more incentive to prioritize "prevention" over the "cure".