portfolio-website/SECURITY_CLEANUP.md

30 lines
1.1 KiB
Markdown

# Security Cleanup - April 9, 2026
## What happened
Sensitive data (code exports containing potential tokens) was accidentally committed to git history in commit 2807a55.
## Actions taken
1. ✅ Removed sensitive files from tracking (code_export.txt, code_export.ps1.test.txt)
2. ✅ Added proper .gitignore to prevent future leaks
3. ✅ Used git-filter-repo to completely remove files from entire git history
4. ✅ Prepared for force-push to rewrite remote history
## Next steps (MANUAL)
1. **CRITICAL**: Revoke the exposed Gitea token immediately in Gitea settings
2. Generate a new Gitea token
3. Update any services using the old token
4. Execute: `git push --force origin master` to rewrite remote history
5. Notify any collaborators to re-clone the repository
## Prevention
- .gitignore now blocks code_export.txt and similar files
- export_code.ps1 already has exclusions for sensitive patterns
- Always review git status before committing
## Verification
After force-push, verify that sensitive files are not in history:
```bash
git log --all --full-history -- code_export.txt
# Should return nothing
```