git,security , Hide sensitive information from git changes


Hide sensitive information from git changes

Question:

Tag: git,security

Is there a way to instruct git to hide my sensitive information. E.g.

credentials.php (in local repository).

Line1: $dbname = 'xyz';
Line2: $dbpassword = 'password';

credentials.php (in github repository and history).

Line1: $dbname = 'xyz';
Line2: $dbpassword = 'xxxxxxxx';

So git automatically hides the information with 'x'.

If not via git, how should I do it? I try and keep all my credentials in one place, but it becomes hard when you are using 3rd party libraries and they keep credentials all over the place.

Sidenote: Its not possible for me to NOT track the credentials.php file at all because it may also contain some other logic which needs to be version controlled.

Note: I found this post with a similar question. But the answer is not satisfactory for me. Is there an automated way to do what is told in the "accepted answer" ?


Answer:

What you probably are looking for is a filter. You set these up in your .gitattributes file to run one substitution upon adding a file to the staging area, and another substitution upon checkout:

enter image description here

The image is from the .gitattributes section of the Git book, which has details on how to create such a filter.


Related:


Pull request within one project/branch?


git,github
Suppose C(=Coder) and S(=Supervisor) are working on a project. For some reasons S never contributes to the codes and just comments on the code. Instead C is the only person coding. Is it possible to send pull request by C to be reviewed by S, within one project, or they...

How to tell git-svn that files are NOT binary


git,svn,migration,git-svn,gitattributes
I am converting a large SVN-repo (~28k Commits) into Git using git-svn. When the process was through (~ 1 1/2 weeks) I encountered some .ps1-files being treated as binary in the diffs. I have commited a .gitignore file on master (after the conversion of course) that tells git to treat...

Reverse ^ operator for decryption


c,algorithm,security,math,encryption
I'm trying to reverse the following code in order to provide a function which takes the buffer and decrypts it. void crypt_buffer(unsigned char *buffer, size_t size, char *key) { size_t i; int j; j = 0; for(i = 0; i < size; i++) { if(j >= KEY_SIZE) j = 0;...

Trying to understand git upstream branch


git,github,version-control
I have a git project. The remote only have a master branch, at local I have a master and proj-structure branch. I created the proj-structure branch using 'git branch -b proj-structure'. I am currently at proj-structure branch at local, when I try to git push, the git suggests me to...

How to get rid of .ignore file in Git?


git,file,bitbucket,ignore
I have create an ignore file , the list included .jar files . I then merged my branch to a development branch and even though I had resolved all my conflicts , I still had a lot of errors. Most of them had something to do with support.v4 (the import...

How to restrict file copying shared using Content Provider in Android?


android,security
Is it possible to forbid making copies of files for third party applications (like adobe reader), that I am using to open pdf files stored in internal memory of my application?

Extended description text on Git


git,bitbucket
I want commit with message and Extended description text to Bitbucket server. It exists on Git-cola software and I need the command line of it. I am using ubuntu and I need terminal command for Extended description git commit -am "My commit text" "My Extended description is this. Containing break...

How to release binaries on Github for different plattforms as seperate downloads?


git,github,command-line,software-distribution
I found this at github https://github.com/blog/1547-release-your-software. Their page provide a way to attach binaries to a special release. My build script compiles binaries for Windows MacOS and Linux. How to supply seperate downloads for different platforms there? AS far I can see these releases are simple git tags. Is it...

Configure Git to use a .pem key from a specific location


git,ssh
Whenever I try to do a 'git pull origin master' I get (It is NOT Github): Permission denied (publickey). I am able to SSH into my AWS EC2 Linux sever, which has the bare repository, which I'm trying to pull from when I get the aforementioned permission error. I have...

Code fails for decrypting without salt or iv in Java


java,security,encryption,aes,password-encryption
I have a ciphertext and a 256-bit key to decrypt it, using AES. There is no salt or iv. I am using Java. I have implemented many of the solutions online, but they all use salts and input vectors. The following builds fine, but fails at runtime: "Salt not found."...

How to secure configuration file containing database username and password


php,security
Issue In order to connect my PHP code with MySQL database I use PDO way, creating variable, assigning it with new PDO object where arguments contain settings such as server, database, login and password. So in resulting code it could look like this: $DAcess=new PDO("mysql:host=server;dbname=database","login","password"); I don't feel comfortable having...

Write Access for user on all repos on Gitolite


git,ubuntu,gitolite
I'm trying to add access to read, write and create new repos from my local to a gitolite server. I have the following config on my gitolite server, but it doesn't want to let me push to a new repo: repo @all RW+ = git repo gitolite-admin RW+ = git...

Getting code from my forked repository


git,laravel,repository,laravel-5,composer-php
I made a fork from a repository called "chrisbjr/api-guard". the repository latest version is v2.2.2, and I made a release v2.2.3 from my fork. I have my own branch which is dev-fulluth, to get the code from my fork not from the main repo, composer has to contain the below...

Cannot get my post-commit script to run (git)


git,hook
I want my remote git-repo to create a zip file from one folder in the master branch every time someone pushes. I renamed the post-commit.sample file and added the following: #!/bin/bash echo "creating zip" /usr/local/bin/git archive --format=zip --output=~/the-folder.zip master:the-folder echo "creating zip done" When I commit from my client I...

Android encryption and decryption of text fails


android,security,encryption,encryption-symmetric
I try to encrypt some text (here it is named code) and decrypt it again. For this i use a 4 digit Pin which is salted. After this the text is encrypted, also again some Base64 decoding, so i can safely output the String again. As i understand i have...

How to undo a successful “git cherry-pick”?


git
On a local repo, I've just exected git cherry-pick SHA without any conflicts or problems. I then realized I didn't want to do what I just did. I have not pushed this anywhere. How can I remove just this cherry pick? I'd like to know if there's a way to...

Git post-receive hook is not executed


linux,git,githooks,git-post-receive
The following post-receive hook: #!/bin/bash echo "-> Post-receive test" is not executed when pushing to my remote repository. The remote is ssh://[email protected]:2222/home/git/repo.git (it's a VM) and works, as when I manually checkout it I see the modifications I've made. Some additional informations ... $ ls -al /home/git drwxr-xr-x 7 git...

Git undo changes made in a specific folder


git
How I can undo changes made in a specific folder? I've modified files from multiple folders like app/code/core/ app/code/local/ app/design/frontend/ I want to undo all the changes made in files present in app/code/core/ while keeping the changes modified in files present in app/code/local/ and app/design/frontend/....

Why doesn't “go get gopkg.in/…” work while “go get github.com/…” OK?


windows,git,powershell,github,go
I try to use go get gopkg.in/fatih/pool.v2 to install pool according to Readme.md, but can't success: C:\Users\xiaona\Documents\GitHub> go get -v gopkg.in/fatih/pool.v2 Fetching https://gopkg.in/fatih/pool.v2?go-get=1 https fetch failed. Fetching http://gopkg.in/fatih/pool.v2?go-get=1 import "gopkg.in/fatih/pool.v2": http/https fetch: Get http://gopkg.in/fatih/poo l.v2?go-get=1: dial tcp 107.178.216.236:80: ConnectEx tcp: A connection attempt failed because the connected party did not...

Custom post-receive hook with gitlab


git,gitlab,webhooks
I am trying to set up a custom post-receive hook using gitlab I am following their documentation here I have an executable post-receive file in the custom_hooks folder with the following code: !/bin/bash echo "post-receive firing | wall git pull If I run this file with: ./post-receive It works fine....

git: assume unchanged bit not set


git
I have a file in my repo for which I tried setting the assume unchanged bit but it's still showing up in my unstaged file list. When I list all files for which the assumed unchanged bit is set, I get no files. Below are the steps I did. /tmp/GitIssue...

Not able to create staging instance on heroku [duplicate]


ruby-on-rails,git,heroku,sqlite3
This question already has an answer here: Errors of pushing rails app to Heroku error occurred while installing sqlite3, and Bundler cannot continue 3 answers I am trying to create a staging instance of my app on heroku. While I am doing git push staging master I am getting...

Contributing to open source project on github


git,github
I want to add translation and a bugfix on open source project on github. I had installed git, forked the project, cloned the fork on my harddrive, changed the permissions of the file(needed to do so I can test the changes), then created a new branch called "Bulgarian_language", then added...

How to pull files and only override conflicts


git,github
How can I pull down a git and have it overwrite my local project ONLY where conflicts are found? E.g. I have many folders / files in my local project that are not on the git project and never will be. Ok... here is the full scenario. I used DaftMonk...

How do I view the list of commits that haven't been pushed yet?


git,git-bash
I like documenting minor changes as separate commits and finally use git interactive --rebase to combine commits and change commit messages like I deem appropriate. Is there a way to determine which commits I haven't pushed yet without manually checking Github i.e. is there a way to find out from...

I rewrote my program and need some suggestions for my git repo


git
My program has gone through a rewrite. I have done all the work in a separate git repo but I want to it all back to the original. Is there a good way to do this so that it is obvious that this a new rewrite? Something like rename master...

Is there a way to push to a remote Git repository without having to fetch its objects?


git
Let's say I have a large Git repository stored in a server so multiple people can work with it. I want to be able to work with individual files from this repository, i.e. read, edit or insert new ones, without having to fetch all its contents, since it's a considerably...

gitignore in PHPStorm


php,git,phpstorm
I create a .gitignore file and add two folders. But when I click "commit directory" in PHPStorm my folders are always in my commit changes. magento/media/ magento/var/ What is going wrong? In Terminal it works great ...

Why does git checkout modify the index without being documented as such?


git
Here is what git checkout treeish -- file does: $ git init foo $ cd foo/ $ echo aaaa > file.txt $ git add file.txt $ git commit -m 'commit aaaa' $ git checkout -b bbbb $ echo bbbb > file.txt $ git add file.txt $ git commit -m 'commit...

“Arguments to path.resolve must be strings” when calling 'gitbook build' from a Git hook


node.js,git,gruntjs,githooks,gitbook
I am trying to run gitbook build within a post-receive Git hook on my (Gitlab, Debian 7, virtual private) server. Basically I want to: checkout the bare repository to a temporary dir run gitbook build in that temporary dir sync with the webspace through rsync The post-receive script runs something...

Git sees duplicated modified file


git,git-add,git-status
In my repository there is a file (always that one) that always gives me trouble. I'm working with coffeescript and generating the js with a grunt task. For several times git status told me that this file was modified and needed to be added. The problem is that git sees...

How to get previous version using git and VS Express for web 2013?


git,visual-studio-2013
I want to find the cause of a bug which caused by one of the recent commits. Is it possible to get a specific version, and then undo the checkouts?

Composer package not found in private repository


git,composer-php
I'm using Composer to load my private remote repository from BitBucket: { "require": { "pico/pico-core": "dev-dev" }, "repositories": [ { "type": "git", "url": "https://[email protected]/picodevelopmentteam/php-server-core.git" } ], "autoload": { "psr-0": { "PicoApi\\": "" } }, "minimum-stability": "dev" } My pico-core composer.json looks like this: { "name": "pico/pico-core", "require": { "facebook/php-sdk": "@stable",...

Go back before commit and push changes


git
In my local environment I made several changes, then: $ git log --oneline 2aa8998 Changes 02 5131bfe Changes 01 $ git commit -am "Commit 03" $ git push $ git log --oneline 9ca6c56 Changes 03 2aa8998 Changes 02 5131bfe Changes 01 But I noticed what I made a mistake, as...

Can git ever send your code to a repo that isn't yours?


git,github,git-commit,git-add,git-init
Can running git add . git commit -m "message" in a git repo which you've initialized using git init ever result in your code being sent to a repo that is not yours? I am concerned because I did this while not logged in to my git hub account....

Using git with Doxygen FILE_VERSION_FILTER


git,version-control,doxygen
What command would be used with git for the doxygen FILE_VERSION_FILTER? The output would preferably be the number of times that file as been revised in the repo.

Fix git branch after another developer did a reset


git,github
We 2 developers are working on a branch. I did 2 commits, and pushed them, and we later decided we didn't want them anymore. I did git reset -i <sha> to the sha before the 2 commits, and then force pushed it to the branch on github. The other developer...

Hide sensitive information from git changes


git,security
Is there a way to instruct git to hide my sensitive information. E.g. credentials.php (in local repository). Line1: $dbname = 'xyz'; Line2: $dbpassword = 'password'; credentials.php (in github repository and history). Line1: $dbname = 'xyz'; Line2: $dbpassword = 'xxxxxxxx'; So git automatically hides the information with 'x'. If not via...

Git submodule fail because of link to unexisting revision


git,github,git-submodules
I've got a problem with git submodules pull: I have two reporistories, let's call them repo A and repo B. Repo B is a submodule of repo A, so I added repo B as a submodule of A with this command line: git submodule add [email protected]:Aracthor/B.git libvvgl But when I...

How to download files from git repository?


git,heroku
So I have few .mp4 files in my heroku repository. And I want to download them to my local repositroy. I'm doing it like this: git pull heroku master But it doesn't download the .mp4 files. How can I get those files?...

choose authentication for git pull


git,github
I want to add a second form of authentication to a github remote. Here is the situation : I have ssh access to a shared server In the server, there is a git repository, with a github remote. If I run git pull, it asks for a passphrase that I...

Managing git repos


git,github
I am new to git and am unsure of a few things, would really appreciate if someone could answer the below questions. So I own 2 private git repos. Repo1 has numerous developers contributing. Repo2 is only for me. I want to be able to basically take a copy Repo1,...

Working with 2 git repos simultaneously


git
My company purchased a license to certain software. The license includes access to the product's github account so we can get real-time updates by fetching code directly from the repository. Additionally, we also develop new functionality for this software in-house, and for that we have created a new git account...

How can I get the last commit in all tags?


git
I've just made a commit in my project, and I was creating a tag in every step, but it seems the last commit was done in some of this tags. The thing is that I can not longer see my latest change from a minutes ago. How can I checkout...

Why does rebasing unset my current branch and does not complete?


git,rebase
I'm on branch b4 and do "$ git rebase master", it gives me conflicts. $ git rebase master First, rewinding head to replay your work on top of it... Applying: rebase: Modified 1.txt Using index info to reconstruct a base tree... M 1.txt Falling back to patching base and 3-way...

Is it possible to connect to remote DB while working in localhost?


php,mysql,git,phpmyadmin
I am working on a project with my developers on localhost. We are using git to collaborate but are having issues collaborating the database using git or using a remote db. Is there any possible way where I can use git or set up a remote server while working with...

Override .gitattributes text=auto in Windows


windows,git,gitattributes,core.autocrlf
This is pretty unintuitive: C:\python-tdl\examples\termbox>git config core.autocrlf false C:\python-tdl\examples\termbox>git commit termbox.py warning: LF will be replaced by CRLF in examples/termbox/termbox.py. The file will have its original line endings in your working directory. warning: LF will be replaced by CRLF in examples/termbox/termbox.py. The file will have its original line endings in...

How to push local git repo to remote branch?


git,github
I have got new design project in localhost and I have gotten github account with old design. I want to upload it to new branch. I create new branch with web interface on the github "new-design". I create local git repo: #git init I add the remote repo: #git remote...

Why can I view some Unix executable files in Mac OS X and not others?


git,bash,shell,unix,binary
I am on a Macbook Pro on Mac OS X 10.10 (Yosemite). When I go to /usr/bin, git is there as a unix executable file. When I open it up in Sublime Text, all I get is unreadable machine code. However, when I open up a different Unix executable file—in...