Question

I have been using GitHub for one project for some time now, but only as an issue tracker. So, tonight I devoted some time to get things going with code as well, and made a rookie mistake: I committed credential files and other unnecessary data. I have added those to the .gitignore file now and they should not be an issue anymore, but I see they are available in the history.

That poses a security issue so I have to sort this out and remove that sensitive data there. I am currently the sole developer, so that's why I kept the code on my PC only and on the actual server, but wanted to get the hang of this as well.

So far, I have tried this article, this one as well and found some questions on SO, but haven't been able to figure this out. I mostly get some sort of error like this one: fatal: ambiguous argument 'rm': unknown revision or path not in the working tree.

I would delete the whole repo, but I have quite a lot of issue tracking data there, so I need to keep that, so this is not an option. I don't mind about other commits, I can start from scratch with code from my local machine, but need some way to lose older commits and their complete history, or change those files (some things in .gitignore are directories, so that might be very tedious to remove).

I tried with git rebase -i, but there I see only my last three commits (testing), which were not pushed; the remaining ones that are online, 10 or so of them, don't show there.

The repo I am using is a private one, with me and a client only having access, so no 3rd party has seen this.

I am new to git so thanks for your time and help!


Solution

First, here's the important bit: Consider your credentials compromised. Change them. No matter what you do at this point, they are no longer secure.

Now that you've done that, you have a couple of options:

  • If you really just want to start from scratch, overwrite what's there with new commits using git push --force. This is likely your easiest path forward.

    git init <new-directory>
    $EDITOR README.md
    git add README.md
    git commit
    git remote add origin https://github.com/user/repo.git
    git push --force origin master
    
  • Alternatively, you can remove the credentials from the history with filter-branch, as outlined on the GitHub help page on removing sensitive data.

    Your ambiguous argument 'rm' error is likely to do with quoting the command properly. Make sure to quote it as it shows in the article.

OTHER TIPS

IMHO, BFG (which is already mentioned on the GitHub help page you link to) is the best (easiest to use and fastest) tool for this. It's really as easy as the examples show. After rewriting your local history using BFG, force-push it to the server, and you're set.

I got the same ambiguous argument error too, when I was trying to run this command:

    git filter-branch --force --index-filter \
      'git rm --cached --ignore-unmatch path\to\my\file.txt' \
      --prune-empty --tag-name-filter cat -- --all

I was able to run it by changing single quotes to double quotes, and backslashes to slashes.

    git filter-branch --force --index-filter \
      "git rm --cached --ignore-unmatch path/to/my/file.txt" \
      --prune-empty --tag-name-filter cat -- --all
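A way to check that such a rewrite actually removed the file, as an added example that is not part of the original answers: it builds a throwaway repository (the path config/secrets.txt and its contents are constructed), runs the double-quoted command from above, and counts the commits that still touch the file. It also shows that filter-branch keeps the old history under refs/original/ until those refs and the reflog are cleared.

```shell
#!/bin/sh
# Added example: every path and value below is constructed for the demo.
export FILTER_BRANCH_SQUELCH_WARNING=1   # skip filter-branch's deprecation pause

# Count commits touching path $2 in repo $1; $3 selects the refs (--branches or --all).
commits_touching() {
    git -C "$1" log --oneline "$3" -- "$2" | wc -l | tr -d ' '
}

# Prints: <before> <after, branches only> <after, incl. refs/original> <blob state after gc>
rewrite_demo() {
    repo=$(mktemp -d) || return 1
    secret=config/secrets.txt
    git init -q "$repo"
    git -C "$repo" config user.name "Demo User"
    git -C "$repo" config user.email demo@example.invalid
    mkdir "$repo/config"
    echo 'password=constructed-sample' > "$repo/$secret"
    echo 'hello' > "$repo/README.md"
    git -C "$repo" add .
    git -C "$repo" commit -q -m 'initial commit with credentials'
    echo 'more' >> "$repo/README.md"
    git -C "$repo" commit -q -a -m 'unrelated change'
    blob=$(git -C "$repo" rev-parse "HEAD:$secret")
    before=$(commits_touching "$repo" "$secret" --branches)

    # Same command as in the answer: double quotes, forward slashes.
    ( cd "$repo" && git filter-branch --force --index-filter \
        "git rm --cached --ignore-unmatch $secret" \
        --prune-empty --tag-name-filter cat -- --all ) >/dev/null 2>&1

    after=$(commits_touching "$repo" "$secret" --branches)
    # The old tips are saved under refs/original/, so --all still finds the file.
    backup=$(commits_touching "$repo" "$secret" --all)

    # Drop the backup refs and reflog entries, then prune unreachable objects.
    git -C "$repo" for-each-ref --format='%(refname)' refs/original/ |
        while read -r ref; do git -C "$repo" update-ref -d "$ref"; done
    git -C "$repo" reflog expire --expire=now --all
    git -C "$repo" gc --quiet --prune=now >/dev/null 2>&1
    if git -C "$repo" cat-file -e "$blob" 2>/dev/null; then state=present; else state=gone; fi

    rm -rf "$repo"
    echo "$before $after $backup $state"
}

rewrite_demo
```

This only cleans the local clone; the rewritten history still has to be force-pushed, and the credentials still have to be changed, as the answers say.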

Even if it was available only for some time, that is enough to be a security threat. Deal with the real issue: you have leaked credentials and you have to change them first. After that the file on GitHub will not have any value at all and you can leave it there in the history. To make it clearer why you should not even bother to remove it from GitHub, assume it was cached by search engines, so anyone can get to that file even after it was removed from GitHub.

Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow