Remove Sensitive Data and Commits from Git History with BFG Repo-Cleaner

Earlier today, I accidentally committed sensitive data from a project I was working on to a public GitHub repository.

To remove every trace of that data on GitHub, I had to remove all history of the file that contained said data.

In this succinct article, I will show you how to remove or delete all Git history of a file on GitHub using BFG Repo-Cleaner.

Note: BFG Repo-Cleaner does not clean up the latest commit; it assumes that commit is the good one that doesn't contain the sensitive data.

The instructions below also apply to other Git hosting services such as Bitbucket or a privately owned Git server.

We assume your Git repo is at https://github.com/w3guy/app.git.

First, head over to rtyley.github.io/bfg-repo-cleaner and download BFG Repo-Cleaner by clicking the "Download .jar file" button in the right sidebar.

Create a new directory where the steps below will take place.

Copy the .jar file you downloaded into it and rename it to bfg.jar.

Open your terminal, cd into the created folder and clone a fresh copy of your repo, using the --mirror flag:


$ git clone --mirror https://github.com/w3guy/app.git

Instruct BFG Repo-Cleaner to remove, for example, the history of all config.php files from the repository, leaving the current version in place.


$ java -jar bfg.jar --delete-files config.php app.git

The mirror clone created an app.git folder.

cd into the folder.


$ cd app.git

And run the command below.


$ git reflog expire --expire=now --all && git gc --prune=now --aggressive

Finally, push the changes to GitHub.


$ git push
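
A check worth running on the mirror clone before the final push, as an added example that is not part of the original article: it lists old versions of a file name that are still reachable from any ref but are not in the latest commit, which BFG leaves alone. The function names named_blobs, stale_blobs and check_clean are made up for this example.

```shell
#!/bin/sh
# Added example, not from the original article. Function names are made up here.

# named_blobs REPO NAME REV-LIST-ARGS...
# Print ids of blobs whose path ends in NAME among the listed objects.
named_blobs() {
    repo=$1 name=$2
    shift 2
    git -C "$repo" rev-list --objects "$@" |
        awk -v n="$name" 'NF >= 2 {
            path = substr($0, length($1) + 2)   # keep paths containing spaces
            k = split(path, part, "/")
            if (part[k] == n) print $1
        }' | sort -u
}

# stale_blobs REPO NAME
# Versions of NAME reachable from any ref but absent from the latest commit
# (HEAD), which BFG treats as protected and does not rewrite.
stale_blobs() {
    keep=$(named_blobs "$1" "$2" --no-walk HEAD | tr '\n' ' ')
    named_blobs "$1" "$2" --all | while read -r id; do
        case " $keep" in
            *" $id "*) ;;            # still part of HEAD, expected
            *) echo "$id" ;;         # old version left in history
        esac
    done
}

# check_clean REPO NAME: exit status 0 when no old version remains.
check_clean() {
    left=$(stale_blobs "$1" "$2")
    if [ -n "$left" ]; then
        echo "old versions of $2 still in history:" >&2
        echo "$left" >&2
        return 1
    fi
    return 0
}

# Usage, from the directory holding the mirror clone:
#   check_clean app.git config.php && echo "safe to push"
```

The check only looks at objects reachable from refs, so it gives the same answer before and after the git gc step.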

The End.
