IMPORTANT: Be careful running these tools, git history will be changed
The BFG Repo Cleaner is a simpler, faster alternative to git-filter-branch for specifically cleansing bad data out of your Git repository history: Removing Crazy Big Files, Removing Passwords, Credentials & other Private data
-
Close all pull requests on the git repo
-
Clone the repo locally with the
--mirrorflaggit clone --mirror <REPO SSH TARGET>
-
Download the BFG tool binary (
bfg.jar) -
Create a
replace.txtfile that contains the sensitive text to be replaced by**REMOVED**- Each line in this text file is text to be replaced as shown below
-
# replace.txt mypassword someAPItoken$% login_info
-
Run BFG Repo Cleaner
java -jar bfg.jar --replace-text replace.txt <REPO NAME>.git
-
Cleanup unnecessary files and optimize the local repository
cd <REPO NAME>.gitgit reflog expire --expire=now --all && git gc --prune=now --aggressive
-
Push updated Git commits
git push --force- Ensure branch protection is off in repository settings
git-filter-repo is a versitile tool to rewrite git history. It can do what BFG Repo Cleaner does and more.
-
Close all pull requests on the git repo
-
Clone the repo locally
git clone <REPO SSH TARGET>
-
Change into repository directory
cd <REPO NAME>
-
Install
git-filter-repopip3 install git-filter-repo
-
Create a
replace.txtfile that contains the sensitive text to be replaced by**REMOVED**-
literal:MYSECRET==>**REMOVED**
- More options for
replace.txt: Example
-
-
Run
git-filter-repowithgitgit filter-repo --replace-text replace.txt
-
Push to remote
git push --force- Ensure branch protection is off in repository settings
- May have to
git remote add <REPO NAME> <REPO SSH TARGET>