I accidentally committed a sensitive password into source control before pushing to the central repository.
I removed the password from my code and did git add -A . && git commit --amend and then git push origin master.
Is there any trace of the sensitive password in Git? In other words, when you run git commit --amend, does Git have any trace of the commit containing the sensitive data?
(I changed the password just to be sure.)
答案 0 :(得分:0)
您首先需要以交互方式重新绑定并删除提交。 This guide有更多信息。这是通过git rebase -i --root master完成的。
在本地重新定位之后,您需要强制将提交推送到远程。请注意,这将破坏远程存储库的所有克隆副本的历史记录。理想情况下,您需要完全删除工作副本,然后再次git clone。强制推动:git push --force origin master。
答案 1 :(得分:0)
如果在修改提交之前没有按下,则遥控器中没有密码跟踪。
但是,在提交垃圾回收之前,敏感密码仍然存在于本地存储库中。 git reflog将显示仍包含密码的提交。运行git gc将触发垃圾收集并从本地存储库中删除所述提交。
有关git gc的更多信息:https://www.kernel.org/pub/software/scm/git/docs/git-gc.html
答案 2 :(得分:-1)
Assuming that the commit that contained the password was the latest commit when you did git commit --amend, then the password should be totally removed. You can confirm this by checking out the relevant commits and looking for the password.