In commit 787de93 by @YuechengHao626, the file src/app/config/firebaseConfig.ts containing sensitive Firebase configuration (API keys, project ID, etc.) was accidentally committed and pushed to this public repository by the team leader.
Steps to Resolve:
Remove the Sensitive File from Git History:
Use a tool like BFG Repo-Cleaner or git filter-branch to remove the src/app/config/firebaseConfig.ts file from the entire commit history.
Ensure the file is fully purged from the repository's history, both locally and on the remote.
Add the File to .gitignore:
Add the src/app/config/firebaseConfig.ts file to .gitignore to prevent it from being committed again in the future.
Regenerate Firebase Credentials:
Since the configuration file was exposed, it's essential to regenerate the API keys and other credentials in the Firebase Console.
Update the project to use the new credentials and ensure they are stored securely.
Force Push the Cleaned History:
After cleaning the history, force push the changes to the remote repository to overwrite the current history with the cleaned version.
Impact:
This issue needs to be addressed immediately to prevent potential misuse of the exposed credentials. Anyone with access to the current commit history could potentially exploit the Firebase configuration.
Additional Notes:
We should also consider rotating any other potentially exposed credentials (like database URLs or storage keys) associated with the Firebase project.
After resolving this issue, inform the other team members to update local repositories accordingly to avoid conflicts.
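The purge, .gitignore and force-push steps above can be rehearsed on a throwaway repository before the real history is rewritten. The script below is an added example, not part of the original issue or this project's code; it assumes git is installed, and the repository, the `main` branch name, the commits and the key value are all constructed.

```shell
#!/bin/sh
# Rehearsal on a throwaway repo; the repo, commits and key are all constructed.
SECRET_PATH="src/app/config/firebaseConfig.ts"

# Number of commits reachable from any ref that touch the path (0 = purged).
commits_touching() {
    git -C "$1" log --all --oneline -- "$2" | wc -l | tr -d ' '
}

# Rewrite every ref so the path never existed, then drop leftover objects.
purge_path() (
    cd "$1" || exit 1
    FILTER_BRANCH_SQUELCH_WARNING=1 git filter-branch -f --prune-empty \
        --index-filter "git rm --cached --ignore-unmatch -q '$2'" \
        -- --all >/dev/null 2>&1 || exit 1
    # filter-branch keeps the old history under refs/original; delete it.
    git for-each-ref --format='%(refname)' refs/original |
        while read -r ref; do git update-ref -d "$ref"; done
    git reflog expire --expire=now --all
    git gc -q --prune=now
)

# Prints "<commits touching the file on the remote before> <after>".
rehearse() (
    work=$(mktemp -d) || exit 1
    export GIT_AUTHOR_NAME=demo GIT_AUTHOR_EMAIL=demo@example.invalid
    export GIT_COMMITTER_NAME=demo GIT_COMMITTER_EMAIL=demo@example.invalid
    git init -q --bare "$work/remote.git"      # stands in for the public remote
    git init -q "$work/repo" && cd "$work/repo" || exit 1
    git symbolic-ref HEAD refs/heads/main
    mkdir -p src/app/config
    echo 'export const apiKey = "CONSTRUCTED-FAKE-KEY";' > "$SECRET_PATH"
    echo '# app' > README.md
    git add . && git commit -q -m "initial commit with config"
    echo 'more' >> README.md && git commit -q -am "later work"
    git remote add origin "$work/remote.git" && git push -q origin main
    before=$(commits_touching "$work/remote.git" "$SECRET_PATH")

    purge_path "$work/repo" "$SECRET_PATH" || exit 1
    echo "$SECRET_PATH" >> .gitignore
    git add .gitignore && git commit -q -m "ignore firebase config"
    git push -q --force origin main
    after=$(commits_touching "$work/remote.git" "$SECRET_PATH")
    cd / && rm -rf "$work"
    echo "$before $after"
)
```

The `commits_touching` check only covers history reachable from refs; existing clones and forks still hold the old commits, so the credentials still need to be regenerated as described above.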