Remove History on SVN

Posted by root on Saturday Jun 4, 2011 Under Bash, Centos, Debian, Remote Access

Version control systems like CVS or Subversion are designed for keeping track of the changes of a project and for having the possibility to revert to old revisions if something goes wrong. In contrast to regular relational databases, these systems are made only for adding new content to a repository, and not for removing data from it. In fact, deleting old content is not a built-in functionality in SVN, and mostly requires removing entire revisions from the repository or even creating a new one.

But what happens if you accidentally commit a password or other sensitive information to a repository? This post explains how to remove this confidential data permanently from the repository by simply overwriting it in old revisions, i.e. without having to remove revisions or create a new repository.

First create a local repo where you’ll download googlecode’s repo to:

<code>svnadmin create /tmp/your_local_repo
</code>

create file /tmp/isd_gc/hooks/pre-revprop-change with contents

<code>#!/bin/bash
exit 0
</code>

make it eXecutable:

<code>chmod +x /tmp/isd_gc/hooks/pre-revprop-change
</code>

if you fail on this section you most likely will see an error: Revprop change blocked by pre-revprop-change hook (exit code 255) with no output.

now you can init the svn sync from code.google.com

<code>svnsync init --username yourname@youremail file:///tmp/your_local_repo https://yourproject.googlecode.com/svn 
</code>

and start downloading all history:

<code>svnsync sync --username  yourname@youremail file:///tmp/your_local_repo
</code>

Committed revision 1.

Copied properties for revision 1.

Transmitting file data …………………..

Copied properties for revision 87.

Now we create a dumpfile which will be fed to svndumpfilter to remove unwanted files.

<code>svnadmin dump . &gt; /tmp/tst_dump_gc.dmp
</code>

use svndumpfilter to remove first unwanted file from it.

<code>svndumpfilter exclude /trunk/unwanted file_1.jsvg &lt; /tmp/tst_dump_gc.dmp &gt; /tmp/tst_dump_clean1.dmp
</code>

Dropped 1 node:

‘/trunk/unwanted file_new.jsvg’

remove second unwanted file:

<code>svndumpfilter exclude /trunk/unwanted file_2.jsvg &lt; /tmp/tst_dump_clean1.dmp &gt; /tmp/tst_dump_clean2.dmp
</code>

recreate “old temp repo”

<code>rm -rf /tmp/your_local_repo

svnadmin create /tmp/your_local_repo
</code>

load filtered dump into repo

<code>[/tmp]$svnadmin load --ignore-uuid your_local_repo &lt; /tmp/tst_dump_clean2.dmp
</code>

Check that everything is ok in a svn client (doing a history check on the trunk only shows 25 first results in my svn client).

<code>svnsync sync --username yourname@youremail https://yourproject.googlecode.com/svn
</code>

Leave a Reply

You must be logged in to post a comment.