So you committed something you shouldn't have, like an oath token or a password. If you have not pushed yet then not all is lost.
How to purge bad commits from the local repo:
- Rebase out the offending commit(s)
git reflog --expire-unreachable=now && git gc --prune=now
Caveats:
- If you have pushed the commits, the cat is out of the bag. You must revoke the access credentials immediately.
- Note that this will irrevocably remove any refs that are no longer in the tree, not only those that you just rebased out.
- This method does not protect you from anything that can recover data from the storage media.