You're expected to capture your full shell history while you're working on this, we're mostly interested in seeing your workings rather than the finished end result, so please annotate this with your thinking on what you're exploring and what you learn from the output each time.
- Locate and edit the commit with the credentials in and remove the credentials
- At some point a bug was introduced after
A, locate and remove that commit, to test if the bug is present you can run the following command that tests your work against a 'blackbox' lambda that will fail (and throw a 4xx error) when a string from the offending commit is found in the POST payload.
# bash
curl -X POST -d "$(cat files/*)" https://69o349t9b2.execute-api.eu-west-2.amazonaws.com/production/
# powershell
echo $(invoke-webrequest -Body "$(cat files/*)" -Method POST https://69o349t9b2.execute-api.eu-west-2.amazonaws.com/production/).Content- Reorder the commits to be
initial commitadd readmeABCD(from branchfeature/other-branch)EFetc...
shell_history.txt- annotated shell history.archive.zip- archived zip of the full codebase including the.gitdirectorynotes.txt- any thoughts or notes you'd like to share with the assessorweb-history- google/stackoverflow/etc is allowed but we do ask to see your history while you're working on it