5

Possible Duplicate:
How to open-source a project whose git repository has copyrighted media in the history?

Our company has spent a year working on an internal web application and has decided to open source the project and host on github. The application was originally versioned with Bazaar and we are going to preserve the commit history when converting it to git.

There is some confidential information within the commit history, such as internal database information.

Question:
Is there a way to preserve the commit history while removing or hiding all traces of confidential information?

The big reason being that we have had employees that have worked on the project that have moved on to higher-paying other jobs and we want to maintain recognition of their hard work.

Community
  • 1
OozeMeister
  • 161
  • 3
  • Is you problem the identification of confidential information, or the mechanical process of changing the identified commits? – mattnz Jan 08 '13 at 20:12
  • Mostly the mechanical process of changing the identified commits. If you know of a nice UI for examining the commit history, that would be very helpful as well. – OozeMeister Jan 08 '13 at 20:15
  • 3
    Their hard work was recognised by a monthly paycheque. – James Jan 09 '13 at 00:28
  • 2
    Cannot understand the close votes. This question, while specific in it's current form, covers a common issue for software developers - removing (confidential) information from source control. – mattnz Jan 09 '13 at 02:48
  • Perhaps your opinion would change if I told you that this wasn't for a company, but for a low-paying student job (hence hard-coding passwords and other sensitive information in the code-base) where the portfolio of a large open-source project meant more than the "paycheque". – OozeMeister Jan 22 '15 at 00:55

1 Answers1

8

GitHub has a help page on Removing sensitive data. This page describes in detail how to use git filter-branch to remove old commits that have sensitive information.

This is the general workflow you can use:

  1. Convert the complete repository from Bazaar to Git.
  2. Identify commit(s) that have confidential information.
  3. Remove the confidential data with git filter-branch.
  4. After you are satisfied that you have removed all the confidential information, then you can upload to GitHub.

To view the commit history, Git comes with the built-in gitk tool. I normally use tig which is a text mode repository viewer. There are many other possible repository viewers to choose from, your favourite IDE probably already has something built in.

Greg Hewgill
  • 10,181
  • 1
  • 46
  • 45