Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add wolverine octocat to game #7

Merged
merged 1 commit into from
May 28, 2020
Merged

Conversation

github-learning-lab[bot]
Copy link
Contributor

Game update

By popular demand, this pull request adds the wolverine image to the game:

xtocat

@github-learning-lab
Copy link
Contributor Author

Removing sensitive information

A contributor opened a pull request to add a new image to the memory game. However, it appears that this contributor also committed a sensitive .env file that shouldn't be included. Contributors may commit sensitive information by accident or on purpose without knowing the consequences of these actions.

Before we approve this pull request and merge it in, we need to remove this sensitive .env file from the pull request.

Step 8: Remove sensitive data in a pull request

We can do this by cloning this repository to our computer, and then running a few local Git commands before pushing up a fix on the contributor's branch on GitHub.

  1. Clone this repository locally by running git clone https://github.com/vpegg/security-strategy-essentials.git
  2. CD into your newly cloned repository with cd security-strategy-essentials
  3. Checkout to the contributor's branch with git checkout add-wolverine-image
  4. Remove the unwanted commit that introduced the .env file with a rebase. You can do this with git rebase -i master and then remove the entire commit so only the Add wolverine image to game commit remains
  5. Run git push -f to force push your changes to the branch on GitHub

I'll respond below when you push up a fix to remove the `.env` file.

@github-learning-lab github-learning-lab bot mentioned this pull request May 28, 2020
@github-learning-lab
Copy link
Contributor Author

Nice job removing that .env file!

Notice that the commit has been removed from the pull request and that the file no longer persists in the "files changed" tab. You may need to refresh your page to see the previous commits disappear.

However, even though we removed the commit, the historical reference to this commit can still be found if you know the commit id. In a real world situation, you'll need to contact GitHub Support to perform the following:

  • Run garbage collection on the repository to remove the unreferenced commit(s)
  • Invalidate the Git cache

For our situation, we can skip contacting GitHub Support for this example! 😄

Now that the sensitive information has been removed, let's now approve this contributor's pull request

Step 9: Approve the pull request

  1. Approve this pull request.

I'll respond below when I see your approval.

@github-learning-lab github-learning-lab bot merged commit 8338223 into master May 28, 2020
@github-learning-lab
Copy link
Contributor Author

Nice job removing that .env file and approving the game update from a contributor!

With your approval, I merged in the pull request!


Let's now learn about adding a .gitignore file in your next pull request.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants