Question

We use git together with our iOS app, and we're now planning to make the app's code open source. The problem is we don't want people to have access to our API keys because the API itself shouldn't be accessible by the public.

The API keys are all in APIConstants.h and .m. I'm thinking of unstaging them in future commits, but I understand that people can still check out older commits. Is there any way I can disable the checking out of those two files even from older commits?

The other solution I can think of is deleting the .git folder altogether, add APIConstants to the .gitignore, and doing git init again at the expense of deleting all of our commit history.

Was it helpful?

Solution

Do it like this:

$ git rm --cached APIConstants.h
$ echo APIConstants.h >> .gitignore
$ git add .gitignore
$ git commit -m "Remove and ignore APIConstants.h"

OTHER TIPS

I think you can accomplish this by running the following command: git rm --cached file

and then adding the file to your .gitignore file so it's not added again later.

adding the file to .gitignore will guarantee that the file won't be included in the future commits.

However, as you said, it is already available and users can still download the old file. You could remove them from the repository altogether..

git rm --cached <file>

Or, if you want to tell the repository to stop tracking a file, you could use..

git update-index --assume-unchanged <file>

and this can be reverted by using,

git update-index --no-assume-unchanged <file>
Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow
scroll top