Remove History on SVN

Posted by root on Saturday Jun 4, 2011 Under Bash, Centos, Debian, Remote Access

Version control systems like CVS or Subversion are designed for keeping track of the changes of a project and for having the possibility to revert to old revisions if something goes wrong. In contrast to regular relational databases, these systems are made only for adding new content to a repository, and not for removing data from it. In fact, deleting old content is not a built-in functionality in SVN, and mostly requires removing entire revisions from the repository or even creating a new one.

But what happens if you accidentally commit a password or other sensitive information to a repository? This post explains how to remove this confidential data permanently from the repository by simply overwriting it in old revisions, i.e. without having to remove revisions or create a new repository.

First create a local repo where you’ll download googlecode’s repo to:

<code>svnadmin create /tmp/your_local_repo

create file /tmp/isd_gc/hooks/pre-revprop-change with contents

exit 0

make it eXecutable:

<code>chmod +x /tmp/isd_gc/hooks/pre-revprop-change

if you fail on this section you most likely will see an error: Revprop change blocked by pre-revprop-change hook (exit code 255) with no output.

now you can init the svn sync from

<code>svnsync init --username yourname@youremail file:///tmp/your_local_repo 

and start downloading all history:

<code>svnsync sync --username  yourname@youremail file:///tmp/your_local_repo

Committed revision 1.

Copied properties for revision 1.

Transmitting file data …………………..

Copied properties for revision 87.

Now we create a dumpfile which will be fed to svndumpfilter to remove unwanted files.

<code>svnadmin dump . &gt; /tmp/tst_dump_gc.dmp

use svndumpfilter to remove first unwanted file from it.

<code>svndumpfilter exclude /trunk/unwanted file_1.jsvg &lt; /tmp/tst_dump_gc.dmp &gt; /tmp/tst_dump_clean1.dmp

Dropped 1 node:

‘/trunk/unwanted file_new.jsvg’

remove second unwanted file:

<code>svndumpfilter exclude /trunk/unwanted file_2.jsvg &lt; /tmp/tst_dump_clean1.dmp &gt; /tmp/tst_dump_clean2.dmp

recreate “old temp repo”

<code>rm -rf /tmp/your_local_repo

svnadmin create /tmp/your_local_repo

load filtered dump into repo

<code>[/tmp]$svnadmin load --ignore-uuid your_local_repo &lt; /tmp/tst_dump_clean2.dmp

Check that everything is ok in a svn client (doing a history check on the trunk only shows 25 first results in my svn client).

<code>svnsync sync --username yourname@youremail
Tags : , , , , , | add comments