You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@subversion.apache.org by Darrell Esau <da...@gmail.com> on 2008/09/01 00:59:42 UTC
passwords in checked-in code
Hi all,
I accidentally committed a password in clear text to a configuration
file in my SVN codebase. I've since added various other new
revisions.
I'm wondering if it's possible to edit the repository to remove the
password from the config file.
I'm using the linux filesystem for storage.. I found the files in
db/revs -- however when I remove the password (replacing the
characters with X's) -- when I try to check out the file, I get a
checksum failure.
So -- Is there any way to do this while maintaining all the other history?
Thanks in advance
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Re: passwords in checked-in code
Posted by Blair Zajac <bl...@orcaware.com>.
Darrell Esau wrote:
> Hi all,
>
> I accidentally committed a password in clear text to a configuration
> file in my SVN codebase. I've since added various other new
> revisions.
>
> I'm wondering if it's possible to edit the repository to remove the
> password from the config file.
>
> I'm using the linux filesystem for storage.. I found the files in
> db/revs -- however when I remove the password (replacing the
> characters with X's) -- when I try to check out the file, I get a
> checksum failure.
>
> So -- Is there any way to do this while maintaining all the other history?
A couple of choices:
1) 'svnadmin dump' the repos up to the revision before the bad commit and create
a new repos from the dump that is missing later history. Then commit the files
over it without the passwords. Make sure to change the UUID of the new repos.
2) Change your passwords :)
Regards,
Blair
--
Blair Zajac, Ph.D.
CTO, OrcaWare Technologies
<bl...@orcaware.com>
Subversion training, consulting and support
http://www.orcaware.com/svn/
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Re: passwords in checked-in code
Posted by Ryan Schmidt <su...@ryandesign.com>.
On Aug 31, 2008, at 7:59 PM, Darrell Esau wrote:
> I accidentally committed a password in clear text to a configuration
> file in my SVN codebase. I've since added various other new
> revisions.
>
> I'm wondering if it's possible to edit the repository to remove the
> password from the config file.
>
> I'm using the linux filesystem for storage.. I found the files in
> db/revs -- however when I remove the password (replacing the
> characters with X's) -- when I try to check out the file, I get a
> checksum failure.
>
> So -- Is there any way to do this while maintaining all the other
> history?
Yes. There's what Blair suggested, or you can use svndumptool to help
you. It lets you do various fun things to dumpfiles, including
replace a historical file's contents (svndumptool.py edit).
http://svn.borg.ch/svndumptool/
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org