从GitHub历史中删除了敏感文件,但我仍然可以访问它 [英] Removed sensitive file from GitHub history, but I can still access it
问题描述
我有意识地提交了包含敏感数据的文件,并希望从当前的GitHub回购状态和整个历史中摆脱它。为了确保这个过程已经完成,我在浏览器中打开了一个新的标签页,URL指向了版本库历史记录中的一些早期文件。
我去了通过删除敏感数据GitHub帮助文章,我通读了< Darhuuk 的答案,与其他许多人一样好 - 仍然毫无用处 - 文件显然已从我的本地存储库中删除,其中的GitHub远程对应,但当我刷新其他选项卡时,我可以清楚地看到该文件及其敏感内容。
我错过了什么,或者下一步该做什么?
我必须联系GitHub支持。他们一边运行 git gc
来完成这个过程。
因为我没有任何合作者到我的存储库尚未,因为我没有使用标签,我已经消除了步骤,在我看来是无关紧要的。除此之外,我做了:
-
将存储库清空
sensitive.file
file:git filter-branch --force --index-filter \
git rm - cached --ignore-unmatch sensitive.file\
--prune-empty --tag-name-filter cat - --all
-
强制更改GitHub:
git push origin - force --all
-
清除本地缓存更改:
git for-each-ref --format ='delete%(refname)'refs / original | git update-ref --stdin
git reflog expire --expire = now --all
git gc --prune = now
之后,git报告了我,没有什么要提交的( git status
),并且我的本地仓库是最新的远程仓库( git pull +
git push
)。但是,我仍然可以使用URL访问该文件,我已经在其中一个标签中打开了,这导致了它在GitHub中的一个早期版本。
刷新页面didn不会带来任何改变。文件显然存在。
我联系了GitHub支持人员,并在五分钟内获得了回复(!)。他们不得不在他们身边运行git垃圾收集器( git gc
)来完成这个过程。最后,之后,提到的链接开始显示404。
I have accidentially commited file with sensitve data and wanted to get rid of it from current GitHub repo state and from the entire history. To make sure, that process is completed, I have opened a new tab in my browser, with URL pointing to some early stage of that file in repository history.
I went through "Remove sensitive data" article in GitHub Help, I read through Darhuuk's answer, as good as many others here and still for nothing -- file is clearly removed from my local repository and its GitHub remote counterpart, but when I refresh that other tab, I can cleary see that file and its sensitve content.
What am I missing, or what should I do next?
I had to contact GitHub Support. They ran git gc
on their side to complete this procedure.
Since I don't have any collaborators to my repository yet, and since I'm not using tags, I have eliminated steps, that in my opinion was irrelevant. Aside of them I did:
Emptying repository out of
sensitive.file
file:git filter-branch --force --index-filter \ "git rm --cached --ignore-unmatch sensitive.file" \ --prune-empty --tag-name-filter cat -- --all
Forcing changes to GitHub:
git push origin --force --all
Purging locally cached changes:
git for-each-ref --format='delete %(refname)' refs/original | git update-ref --stdin git reflog expire --expire=now --all git gc --prune=now
After that, git reported me, that there is nothing to commit (git status
) and that my local repository is up-to-date with remote one (git pull
+ git push
). But, I still could access that file, using URL, I had open in one of tabs, that was leading to one of its early copies in GitHub.
Refreshing page didn't bring any change. File was clearly there.
I contacted GitHub support and got reply withing five minutes (!). They had to run git garbage collector (git gc
) on their side, to finish this process. Finally, after that, mentioned link started to show 404.
这篇关于从GitHub历史中删除了敏感文件,但我仍然可以访问它的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!