apocryph.org

Recently it came to my attention that I accidentally committed some sensitive information to my SVN repository. I had already deleted it months ago, but as those of you who use SVN well know, nothing is ever really gone from SVN; any deleted items can always be recovered from the previous revisions in which they were not deleted. What to do?

Well, not surprisingly, I’m not the first person to have this problem. The SVN book describes the solution, and it’s not pretty. I’ll summarize:

• run svnadmin dump on your whole repository
• run svndumpfilter on the dump file to filter out specific path prefixes
• delete and recreate your repository, or create a new one to contain the modified dump
• run svnadmin load on the dump file output by svndumpfilter

If you’re lucky you have a very small repository like I do, and this only takes a half hour or so. I can only imagine doing this with a production code repository like our AppAssure repository; the dump/load operation could easily take days.

So the lesson here is pay attention to what you’re committing, because unless you’re the SVN admin there’s no way to uncommit something once it’s in. This is a feature of SVN, not a bug, but that comes as no consolation when you really want something gone permanently.

Tags: Migrated from Drupal, svn, tech diary

This entry was posted on Saturday, April 19th, 2008 at 11:23 am and is filed under Migrated from Drupal. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.