Closed github-learning-lab[bot] closed 3 years ago
A contributor opened a pull request to add a new image to the memory game. However, it appears that this contributor also committed a sensitive .env
file that shouldn't be included. Contributors may commit sensitive information by accident or on purpose without knowing the consequences of these actions.
Before we approve this pull request and merge it in, we need to remove this sensitive .env
file from the pull request.
We can do this by cloning this repository to our computer, and then running a few local Git commands before pushing up a fix on the contributor's branch on GitHub.
git clone https://github.com/mwangilk/security-strategy-essentials.git
cd security-strategy-essentials
git checkout add-wolverine-image
.env
file with a rebase. You can do this with git rebase -i main
and then remove the entire commit so only the Add wolverine image to game
commit remainsgit push -f
to force push your changes to the branch on GitHubNice job removing that .env
file!
Notice that the commit has been removed from the pull request and that the file no longer persists in the "files changed" tab. You may need to refresh your page to see the previous commits disappear.
However, even though we removed the commit, the historical reference to this commit can still be found if you know the commit id. In a real world situation, you'll need to contact GitHub Support to perform the following:
For our situation, we can skip contacting GitHub Support for this example! :smile:
Now that the sensitive information has been removed, let's now approve this contributor's pull request
Nice job removing that .env
file and approving the game update from a contributor!
With your approval, I merged in the pull request!
.gitignore
file in your next pull request.
Game update
By popular demand, this pull request adds the wolverine image to the game: