How do I delete 1 file from a revision in SVN?

Question

One of my co-workers checked in a some files in SVN and one of the files has a password in it. The password has been removed from the file and a new version checked in but the password is obviously still in the repository if we look at the revision history and go to that revision. (We're using TortoiseSVN as the client.)

So how do I securely delete that single file from the repository in SVN?

Answer 1

It isn't pretty: How do I completely remove a file from the repository's history?

Answer 2

link to subversion FAQ entry on this

Answer 3

your password is still there (svn cat file@2342 where 2342 is a revision the file was still there).

you can ''svnadmin dump'' you repos to a file, search and replace you password with "ultrasecret', ''svnadmin create'' a new repos and ''svnadmin load'' the modified dump into that new repos. be aware of binary data in your dump, so use a proper editor/sed.

Answer 4

If it's the last revision (HEAD) you can (BACKING UP your repo beforehand) delete that revision's files in db\revs and db\revprops and then run the following python script to fix what revision you repo thinks HEAD is.

e.g. if head is 522 and the password was commited in 520, you'd have to delete revisions 520,521 and 522.

(This script shouldn't be necessary once SVN obliterate is implemented)

(I didn't write this script, I got it from here)

#!/usr/bin/python

def dec_to_36(dec):
  key = '0123456789abcdefghijklmnopqrstuvwxyz'
  result = ''
  while 1:
    div = dec / 36
    mod = dec % 36
    dec = div
    result = key[mod] + result
    if dec == 0:
      break
  return result


import os, re, sys

repo_path = sys.argv[1]
rev_path = os.path.join(repo_path, 'db', 'revs')
current_path = os.path.join(repo_path, 'db', 'current')

id_re = re.compile(r'^id:\ ([a-z0-9]+)\.([a-z0-9]+)\.r([0-9]+).*')

max_node_id = 0
max_copy_id = 0
max_rev_id = 0

for rev in os.listdir(rev_path):
  f = open(os.path.join(rev_path, rev), 'r')

  for line in f:
    m = id_re.match(line)
    if m:
      node_id = int(m.group(1), 36)
      copy_id = int(m.group(2), 36)
      rev_id = int(m.group(3), 10)

      if copy_id > max_copy_id:
        max_copy_id = copy_id

      if node_id > max_node_id:
        max_node_id = node_id

      if rev_id > max_rev_id:
        max_rev_id = rev_id

f = open(current_path, 'w+b')
f.write("%d %s %s\n" % (max_rev_id, dec_to_36(max_node_id+1),
                        dec_to_36(max_copy_id+1)))
f.close()

Answer 5

I can't seem to find any revision history now - however, it could just be that I'm not looking in the right place.

You can see it by looking at the folder history, which will give you the revision where the file was still there, and thus you'll be able to recover the confidential file. So it's a bad solution.

Answer 6

That seemed to work. So what I did was:

1. Copy the file to another folder.
2. Do a TortoiseSVN delete from the current folder followed by a commit.
3. Copy the file back in to the folder.
4. Add the file using TortoiseSVN and commit again.

I can't seem to find any revision history now - however, it could just be that I'm not looking in the right place.

So a modified question would now be, how can I find the revision history of the file that was deleted and then resubmitted to SVN?

(BTW I apologize for not asking the question more accurately earlier as I never mentioned that one of the options was to obliterate all revision history as it hadn't occurred to me.)

Answer 7

Maybe you should change your production password to avoid the svn problem altogether.

Answer 8

I'm not sure. You could always create a new file and copy the latest revision into that, wiping out prior revision history.