To a local repository I accidentally committed a file whit a password in it that should not go out to the public (it was there for a lazy testing purpose…).
I saved the file again whit out the password and used git commit --amend
to commit the file again.
Is the password now gone for good or can it still be found some where in the repository?
Best Answer
If you haven't performed a
git push
to a remote repository before doing amending, then the commit is not available in that remote repository. It will not be pushed in the future, either.However, your local repository still contains the old commit which you can see by running
git reflog
.The actual (old) commit can then be shown with a command like:
(assuming that you committed something and then amended it without further commits / branch switching)
To get rid of that commit locally, you should have a look at
git gc
. When you run it as-is, it will remove older, dangling commits with a certain age.