Oh this will mess up the history of the repo real good and anybody who tries to pull force-pushed commits will get errors. But if anyone is pushing secrets to a central branch that a team is pulling from, that team has bigger problems anyway.
The solution that I have in picture is just notify the team to wait for the fix then do the “pull —force”, because as you said it’s an important security fix then all will be sync and can work.
Unfortunately things like this (maybe not a .env file) but a hardcoded secret perhaps? might ever be committed and even pass a PR.
Mistakes are human, and agree once this happens you should notify the team and work on getting this sorted right away and make sure everyone is up to date in source again.
For further actions, you may consider blocking this person and/or reporting abuse
We're a place where coders share, stay up-to-date and grow their careers.
I guess, we should take into account the affected commits will change their SHA it will cause conflicts with already cloned repositories, doesn’t it?
Good question actually!
Not to sure how it behaves on cloned repo's.
Oh this will mess up the history of the repo real good and anybody who tries to pull force-pushed commits will get errors. But if anyone is pushing secrets to a central branch that a team is pulling from, that team has bigger problems anyway.
The solution that I have in picture is just notify the team to wait for the fix then do the “pull —force”, because as you said it’s an important security fix then all will be sync and can work.
Unfortunately things like this (maybe not a .env file) but a hardcoded secret perhaps? might ever be committed and even pass a PR.
Mistakes are human, and agree once this happens you should notify the team and work on getting this sorted right away and make sure everyone is up to date in source again.