0

I have accidentally committed a password to a BitBucket git repository some time ago, several commits behind the current master. While I removed the password later by committing without it, it still exists in several past commits.

I don't mind losing the history of changes during those commits. I'm also not worried about somebody having seen the password during the time it was committed, but I want to delete this history to avoid problems in the future.

What steps to take to ensure that, after those steps, nobody who gets access to this BitBucket repository in the future can find this password?

Let's say I have the commits (from oldest to newest) with the (fake) SHA1s: c001 c002 c003 c004

c002 and c003 are hashes of "bad" commits that I want to delete entirely. I want master to stay on c004, but for c002 and c003 to no longer be accessible for anybody if I give them access to this repo. I tried following the instructions of similar questions on SO that offer to reset or rebase, but could not get them to work; I either manage to delete the commits on my machine but then cannot push back to BitBucket, or fail to delete on my machine altogether after messing something up.

Can somebody please explain the steps needed to:

1. eliminate c002 and c003 from the repository's history
2. make sure it's saved on BitBucket, and that people cannot view those commits either in BitBucket's GUI or by cloning the repo to their machine

I would appreciate an answer that explains what the commands do, and not just write some magic git commands that either work or don't work for me. Also, this question is specifically about BitBucket in case some things might be specific for it... I had trouble with "Updates were rejected because the tip of your current branch is behind" when trying to push changes back to BitBucket after making local repo changes with reset --hard. After several failed attempts and frustration with git's docs I decided to ask SO.


Idemax
Aqo

2 Answers

3

What I would do is:

git checkout revision-where-the-file-was-added
git rm the-file-with-the-password
git commit --amend --no-edit # fix the revision
git cherry-pick revision-where-the-file-was-added..the-branch # replay all later revisions
# if you like the result
git branch -f the-branch
git push -f origin the-branch
git checkout the-branch

This assumes there's a single line of revisions after the file was added. If there are merges involved in later history, you might need to play with options in cherry-pick.

eftshift0
  • I followed those steps, doing: git checkout c002, git rm password.txt, git commit --amend --no-edit, git branch -f master, git push -f origin master, git checkout master, and while it did remove the commits from the history listed in the repo, I am still able to access the commits with the password by going to https://bitbucket.org/accountname/reponame/commits/c002. So while this answer answers the git half, it does not answer the bitbucket half. :/ – Aqo Aug 01 '19 at 20:32
  • Well.... 2 things: you can't force bitbucket to do as they please on their git repos.... but second and perhaps what you want to hear: in order to reach a revision on a given repo, bitbucket _probably_ checks that the revision is part of the history of one published branch or tag on the repo... so I would _assume_ that you still have another branch/tag that has that revision in history. – eftshift0 Aug 01 '19 at 20:35
  • In order to not mess up my real repo before I'm sure I know what I'm doing, I made a test repo on BitBucket, which only has a master branch and four commits, and practiced your steps on it. It has no other branches. Still, I am able to reach the commits even after they were "removed". Are you saying getting rid of those being available on BitBucket's site is basically impossible due to BitBucket's policy/implementation? – Aqo Aug 01 '19 at 20:47
  • I would think so. – eftshift0 Aug 01 '19 at 20:50
  • Alright, I will upvote your answer because it's probably the closest thing I'll get to what I want, even though it doesn't entirely solve my problem. Thanks for the help. However, if somebody else does figure out how to remove the BitBucket history as well, I will move the answer to them. – Aqo Aug 01 '19 at 20:54
0

You can do a combination of a rebase and a git push origin master --force to rewrite the history of your repository and force-push your changes so that no one would be able to view the password in the commit history.

From your main branch you can do git rebase origin/master -i and then edit the commit where you pushed the password. Then run git add . to add it, then git commit --amend and git rebase --continue to continue with the rebase. When it's done, git push origin master to force push it through and rewrite the history the way you want to.

chevybow
  • I tried to follow your steps but I must've done it wrong because the commit still appears in my history? 1. called git rebase origin/master -i 2. edited the first line in text editor to "edit c002", 3. edited the file in my working tree to remove the password 4. called git add . 5. called git rebase --continue; however, I am still able to see the bad commit in the history, even after the push. – Aqo Aug 01 '19 at 20:45
  • @Aqo I believe I missed a step. I edited my answer, can you try the steps again with the extra git commit --amend command? – chevybow Aug 01 '19 at 20:54
  • After adding git commit --amend at the step you specified, I am still able to see the previous commit in the history, and on top of that, can no longer push to the remote repo and get an "Updates were rejected because the tip of your current branch is behind" error – Aqo Aug 01 '19 at 21:02
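Added example, not part of either answer: it runs the first answer's amend-and-cherry-pick steps on a throwaway repository, then checks the two things the comments argue about, the rejected non-forced push and whether the old commit survives the rewrite. The file names, the password value and the local bare repository standing in for the hosted remote are all constructed; Bitbucket's own cleanup behaviour is not modelled.

```bash
#!/usr/bin/env bash
# Constructed demo: file names, the password value and the local bare "remote" are made up.
SECRET='constructed-password-123'
WORK=$(mktemp -d); trap 'rm -rf "$WORK"' EXIT
g() { git -C "$WORK/clone" -c user.name=demo -c user.email=demo@example.invalid \
          -c commit.gpgsign=false "$@"; }

build_repo() {        # c001..c004: c002 adds the password file, c004 removes it
  f="$WORK/clone"
  git init -q --bare "$WORK/remote.git"; git init -q "$f"
  g symbolic-ref HEAD refs/heads/master
  echo one > "$f/app.txt";                                      g add -A; g commit -qm c001
  echo two >> "$f/app.txt"; echo "$SECRET" > "$f/password.txt"; g add -A; g commit -qm c002
  echo three >> "$f/app.txt";                                   g add -A; g commit -qm c003
  echo four >> "$f/app.txt"; g rm -q password.txt;              g add -A; g commit -qm c004
  g remote add origin "$WORK/remote.git"; g push -q origin master
}

rewrite_history() {   # the first answer's steps, applied to the constructed repo
  BAD=$(g rev-parse master~2)                 # original c002
  g checkout -q "$BAD"
  g rm -q password.txt
  g commit -q --amend --no-edit               # c002 again, minus the password file
  g cherry-pick "$BAD..master" >/dev/null     # replay c003 and c004 on top of it
  g branch -f master                          # point master at the rewritten tip
  g checkout -q master
}

secret_reachable() {  # is the password in any commit reachable from a ref of repo $1?
  git -C "$1" grep -q -F -e "$SECRET" $(git -C "$1" rev-list --all)
}
object_stored() {     # does repo $1 still hold commit $2, reachable or not?
  git -C "$1" cat-file -e "$2^{commit}" 2>/dev/null
}

build_repo
secret_reachable "$WORK/remote.git" && BEFORE=yes || BEFORE=no
rewrite_history
g push -q origin master 2>/dev/null && PLAIN=accepted  || PLAIN=rejected   # tip is behind
g push -q -f origin master          && FORCED=accepted || FORCED=rejected
secret_reachable "$WORK/remote.git" && AFTER=yes  || AFTER=no
object_stored "$WORK/remote.git" "$BAD" && STORED=yes || STORED=no
echo "reachable before=$BEFORE after=$AFTER; plain push $PLAIN, forced push $FORCED"
echo "old c002 object still stored in remote: $STORED"
```

After the forced push the password is gone from everything reachable through the remote's refs, but the original c002 object remains in the remote's object store until that store is garbage-collected, so it can still be read by its hash. Changing the committed password removes the dependence on when, or whether, a host prunes such objects.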