Fabian Mendez
Fabian Mendez's Blog

Fabian Mendez's Blog

How to prepare your private repository for the public

Photo by Yancy Min on Unsplash

How to prepare your private repository for the public

Fabian Mendez's photo
Fabian Mendez

Published on Dec 29, 2021

2 min read

I usually work on pet projects using git to keep track of changes but without thinking too much about exposing credentials or sensitive information, and once it is a good idea to publish it I clean it up.

Step 1

The first thing I do is push my current version to a remote repository, because if I mess something up I can always revert my changes.

Step 2

Download and install git-filter-repo.

This is the tool used to remove files/directories or sensitive information from the repository history.

Step 3

These are the commands I usually use:

  1. To remove a file or directory:

    git-filter-repo --path "my-trash-0" --path "my-trash-1/abc" --invert-paths
    

    Note: The --invert-paths flag is really important, otherwise you will remove all files but the ones specified.

  2. To check if some text is present anywhere in the history:

    git rev-list --all | xargs git grep -i "text i'm looking for"
    
  3. To replace/remove text:

    git filter-repo --replace-text <(echo "SECRET==>notsosecret")
    

Then rinse and repeat until there is not anything unwanted.

Step 4

Force push your changes.

As you've rewritten the repository history you will need to push your changes with the --force flag and depending on the remote repository settings you may need to allow force pushes.

Before doing this, you may need to add your remote again, because I believe git-filter-repo removes it to prevent you from pushing your changes by mistake.

You can do this with the following command:

git remote add origin https://github.com/user/repo

Thanks

Thanks for reading and I hope this can be useful to you.

 
Share this